Exploit Intelligence Platform

64 exploits Active since Mar 2022
CVE-2026-45829 GITHUB CRITICAL c WORKING POC
ChromaDB >=1.0.0 - Unauthenticated Remote Code Execution via Malicious Model Repository
A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.
6 stars
CVE-2026-41702 GITHUB HIGH c WORKING POC
VMware Fusion >=2025H2 <2026H1 - Privilege Escalation via SETUID Binary TOCTOU Race Condition
VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.
4 stars
CVSS 7.8
CVE-2022-0735 GITHUB CRITICAL c WORKING POC
GitLab CE/EE <14.6.5-14.8.2 - Info Disclosure
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.10 before 14.6.5, all versions starting from 14.7 before 14.7.4, all versions starting from 14.8 before 14.8.2. An unauthorised user was able to steal runner registration tokens through an information disclosure vulnerability using quick actions commands.
3 stars
CVSS 10.0
CVE-2026-41940 GITHUB CRITICAL c SCANNER
cPanel and WHM Authentication Bypass via Login Flow
cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
3 stars
CVSS 9.8
CVE-2026-34980 GITHUB HIGH c WORKING POC
OpenPrinting CUPS: Shared PostScript queue lets anonymous Print-Job requests reach `lp` code execution over the network
OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.16 and prior, in a network-exposed cupsd with a shared target queue, an unauthorized client can send a Print-Job to that shared PostScript queue without authentication. The server accepts a page-border value supplied as textWithoutLanguage, preserves an embedded newline through option escaping and reparse, and then reparses the resulting second-line PPD: text as a trusted scheduler control record. A follow-up raw print job can therefore make the server execute an attacker-chosen existing binary such as /usr/bin/vim as lp. At time of publication, there are no publicly available patches.
3 stars
CVSS 7.5
CVE-2026-35414 GITHUB MEDIUM c WORKING POC
OpenSSH < 10.3 - Always-Incorrect Control Flow Implementation in Authorized Keys Principals Handling
OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon scenarios involving a principals list in conjunction with a Certificate Authority that makes certain use of comma characters.
3 stars
CVSS 4.2
CVE-2026-33765 GITHUB CRITICAL c WORKING POC
Pi-hole Web <6.0 savesettings.php - Command Injection
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. Versions prior to 6.0 have a critical OS Command Injection vulnerability in the savesettings.php file. The application takes the user-controlled $_POST['webtheme'] parameter and concatenates it directly into a system command executed via PHP's exec() function. Since the input is neither sanitized nor validated before being passed to the shell, an attacker can append arbitrary system commands to the intended pihole command. Furthermore, because the command is executed with sudo privileges, the injected commands will run with elevated (likely root) privileges. Version 6.0 patches the issue.
3 stars
CVSS 9.8
CVE-2026-24289 GITHUB HIGH c WORKING POC
Windows Kernel - Privilege Escalation
Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally.
2 stars
CVSS 7.8
CVE-2026-4105 GITHUB MEDIUM c WORKING POC
Red Hat Enterprise Linux 10 - Improper Access Control via systemd-machined RegisterMachine D-Bus Method
A flaw was found in systemd. The systemd-machined service contains an Improper Access Control vulnerability due to insufficient validation of the class parameter in the RegisterMachine D-Bus (Desktop Bus) method. A local unprivileged user can exploit this by attempting to register a machine with a specific class value, which may leave behind a usable, attacker-controlled machine object. This allows the attacker to invoke methods on the privileged object, leading to the execution of arbitrary commands with root privileges on the host system.
2 stars
CVSS 6.7
CVE-2026-30860 GITHUB CRITICAL c WORKING POC
WeKnora <0.2.12 - RCE via SQL Injection
WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protections. By smuggling dangerous PostgreSQL functions inside these expressions and chaining them with large object operations and library loading capabilities, an unauthenticated attacker can achieve arbitrary code execution on the database server with database user privileges. This issue has been patched in version 0.2.12.
1 stars
CVSS 9.9
CVE-2026-28391 GITHUB CRITICAL c WORKING POC
OpenClaw <2026.2.2 - Command Injection
OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests (non-default configuration), allowing attackers to bypass command approval restrictions. Remote attackers can craft command strings with shell metacharacters like & or %...% to execute unapproved commands beyond the allowlisted operations.
1 stars
CVSS 9.8
CVE-2025-50213 GITHUB CRITICAL python WORKING POC
Apache Airflow Providers Snowflake <6.4.0 - Special Element Injection
Failure to Sanitize Special Elements into a Different Plane (Special Element Injection) vulnerability in Apache Airflow Providers Snowflake. This issue affects Apache Airflow Providers Snowflake: before 6.4.0. Sanitation of table and stage parameters were added in CopyFromExternalStageToSnowflakeOperator to prevent SQL injection Users are recommended to upgrade to version 6.4.0, which fixes the issue.
1 stars
CVSS 9.8
CVE-2026-0761 GITHUB CRITICAL python WORKING POC
Foundation Agents MetaGPT - Code Injection
Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the actionoutput_str_to_mapping function. The issue results from the lack of proper validation of a user-supplied string before using it to execute Python code. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28124.
1 stars
CVSS 9.8
CVE-2024-31866 GITHUB CRITICAL python WORKING POC
Apache Zeppelin 0.8.2-0.11.0 - Remote Code Execution via Configuration Override
Improper Encoding or Escaping of Output vulnerability in Apache Zeppelin. The attackers can execute shell scripts or malicious code by overriding configuration like ZEPPELIN_INTP_CLASSPATH_OVERRIDES. This issue affects Apache Zeppelin: from 0.8.2 before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.
1 stars
CVSS 9.8
CVE-2023-42117 GITHUB CRITICAL python WORKING POC
Exim < 4.96.2 - Unauthenticated Remote Code Execution via SMTP Service
Exim Improper Neutralization of Special Elements Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Exim. Authentication is not required to exploit this vulnerability. The specific flaw exists within the smtp service, which listens on TCP port 25 by default. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-17554.
1 stars
CVSS 9.8
CVE-2024-43115 GITHUB HIGH python WORKING POC
Apache DolphinScheduler <3.2.2 - RCE
Improper Input Validation vulnerability in Apache DolphinScheduler. An authenticated user can execute any shell script server by alert script. This issue affects Apache DolphinScheduler: before 3.2.2. Users are recommended to upgrade to version 3.3.1, which fixes the issue.
1 stars
CVSS 8.8
CVE-2025-27818 GITHUB HIGH python WORKING POC
Apache Kafka 2.3.0-3.9.0 - Authenticated Remote Code Execution via SASL JAAS LDAP Deserialization
A possible security vulnerability has been identified in Apache Kafka. This requires access to a alterConfig to the cluster resource, or Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been possible on Kafka clusters since Apache Kafka 2.0.0 (Kafka Connect 2.3.0). When configuring the broker via config file or AlterConfig command, or connector via the Kafka Kafka Connect REST API, an authenticated operator can set the `sasl.jaas.config` property for any of the connector's Kafka clients to "com.sun.security.auth.module.LdapLoginModule", which can be done via the `producer.override.sasl.jaas.config`, `consumer.override.sasl.jaas.config`, or `admin.override.sasl.jaas.config` properties. This will allow the server to connect to the attacker's LDAP server and deserialize the LDAP response, which the attacker can use to execute java deserialization gadget chains on the Kafka connect server. Attacker can cause unrestricted deserialization of untrusted data (or) RCE vulnerability when there are gadgets in the classpath. Since Apache Kafka 3.0.0, users are allowed to specify these properties in connector configurations for Kafka Connect clusters running with out-of-the-box configurations. Before Apache Kafka 3.0.0, users may not specify these properties unless the Kafka Connect cluster has been reconfigured with a connector client override policy that permits them. Since Apache Kafka 3.9.1/4.0.0, we have added a system property ("-Dorg.apache.kafka.disallowed.login.modules") to disable the problematic login modules usage in SASL JAAS configuration. Also by default "com.sun.security.auth.module.JndiLoginModule,com.sun.security.auth.module.LdapLoginModule" are disabled in Apache Kafka Connect 3.9.1/4.0.0. We advise the Kafka users to validate connector configurations and only allow trusted LDAP configurations. Also examine connector dependencies for vulnerable versions and either upgrade their connectors, upgrading that specific dependency, or removing the connectors as options for remediation. Finally, in addition to leveraging the "org.apache.kafka.disallowed.login.modules" system property, Kafka Connect users can also implement their own connector client config override policy, which can be used to control which Kafka client properties can be overridden directly in a connector config and which cannot.
1 stars
CVSS 8.8
CVE-2025-26866 GITHUB HIGH python WORKING POC
Apache HugeGraph < 1.7.0 - Remote Code Execution via Hessian Deserialization
A remote code execution vulnerability exists where a malicious Raft node can exploit insecure Hessian deserialization within the PD store. The fix enforces IP-based authentication to restrict cluster membership and implements a strict class whitelist to harden the Hessian serialization process against object injection attacks. Users are recommended to upgrade to version 1.7.0, which fixes the issue.
1 stars
CVSS 8.8
CVE-2025-24490 GITHUB CRITICAL python WORKING POC
Mattermost 9.11.0-9.11.7, 10.2.0-10.2.2, 10.3.0-10.3.2, 10.4.0-10.4.1 - SQL Injection via Boards Reordering
Mattermost versions 10.4.x <= 10.4.1, 9.11.x <= 9.11.7, 10.3.x <= 10.3.2, 10.2.x <= 10.2.2 fail to use prepared statements in the SQL query of boards reordering which allows an attacker to retrieve data from the database, via a SQL injection when reordering specially crafted boards categories.
1 stars
CVSS 9.6
CVE-2016-15057 GITHUB CRITICAL python WORKING POC
Apache Continuum - Command Injection
** UNSUPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Apache Continuum. This issue affects Apache Continuum: all versions. Attackers with access to the installations REST API can use this to invoke arbitrary commands on the server. As this project is retired, we do not plan to release a version that fixes this issue. Users are recommended to find an alternative or restrict access to the instance to trusted users. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
1 stars
CVSS 9.9
CVE-2025-14931 GITHUB CRITICAL python WORKING POC
Hugging Face smolagents - Deserialization
Hugging Face smolagents Remote Python Executor Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Hugging Face smolagents. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of pickle data. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the service account. Was ZDI-CAN-28312.
1 stars
CVSS 10.0
CVE-2025-58046 GITHUB CRITICAL python WORKING POC
Dataease <= 2.10.12 - Remote Code Execution via Impala JDBC Connection String JNDI Injection
Dataease is an open-source data visualization and analysis platform. In versions up to and including 2.10.12, the Impala data source is vulnerable to remote code execution due to insufficient filtering in the getJdbc method of the io.dataease.datasource.type.Impala class. Attackers can construct malicious JDBC connection strings that exploit JNDI injection and trigger RMI deserialization, ultimately enabling remote command execution. The vulnerability can be exploited by editing the data source and providing a crafted JDBC connection string that references a remote configuration file, leading to RMI-based deserialization attacks. This issue has been patched in version 2.10.13. It is recommended to upgrade to the latest version. No known workarounds exist for affected versions.
1 stars
CVSS 9.8
CVE-2025-54466 GITHUB CRITICAL python WORKING POC
Apache OFBiz < 24.09.02 - Unauthenticated Remote Code Execution via Scrum Plugin
Improper Control of Generation of Code ('Code Injection') vulnerability leading to a possible RCE in Apache OFBiz scrum plugin. This issue affects Apache OFBiz: before 24.09.02 only when the scrum plugin is used. Even unauthenticated attackers can exploit this vulnerability. Users are recommended to upgrade to version 24.09.02, which fixes the issue.
1 stars
CVSS 9.8
CVE-2025-12421 GITHUB CRITICAL python WORKING POC
Mattermost <11.0.2, 10.12.1, 10.11.4, 10.5.12 - Auth Bypass
Mattermost versions 11.0.x <= 11.0.2, 10.12.x <= 10.12.1, 10.11.x <= 10.11.4, 10.5.x <= 10.5.12 fail to to verify that the token used during the code exchange originates from the same authentication flow, which allows an authenticated user to perform account takeover via a specially crafted email address used when switching authentication methods and sending a request to the /users/login/sso/code-exchange endpoint. The vulnerability requires ExperimentalEnableAuthenticationTransfer to be enabled (default: enabled) and RequireEmailVerification to be disabled (default: disabled).
1 stars
CVSS 9.9
CVE-2025-66524 GITHUB HIGH python WORKING POC
Apache NiFi <2.6.0 - Deserialization
Apache NiFi 1.20.0 through 2.6.0 include the GetAsanaObject Processor, which requires integration with a configurable Distribute Map Cache Client Service for storing and retrieving state information. The GetAsanaObject Processor used generic Java Object serialization and deserialization without filtering. Unfiltered Java object deserialization does not provide protection against crafted state information stored in the cache server configured for GetAsanaObject. Exploitation requires an Apache NiFi system running with the GetAsanaObject Processor, and direct access to the configured cache server. Upgrading to Apache NiFi 2.7.0 is the recommended mitigation, which replaces Java Object serialization with JSON serialization. Removing the GetAsanaObject Processor located in the nifi-asana-processors-nar bundle also prevents exploitation.
1 stars
CVSS 8.8