Jeff Ohrstrom

4 exploits Active since Jul 2025
CVE-2025-53636 WRITEUP MEDIUM WRITEUP
OSC OnDemand 1.6-3.1.13 and 4.0.0-0.rc1-4.0.5 - Denial of Service via Shell App Log Flooding
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6.
CVSS 5.4
CVE-2026-26002 WRITEUP CRITICAL WRITEUP
Open OnDemand <4.0.9/4.1.3 - Path Traversal
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible.
CVSS 9.8
CVE-2026-26002 WRITEUP CRITICAL WRITEUP
Open OnDemand <4.0.9/4.1.3 - Path Traversal
Open OnDemand is an open-source high-performance computing portal. The Files application in OnDemand versions prior to 4.0.9 and 4.1.3 is susceptible to malicious input when navigating to a directory. This has been patched in versions 4.0.9 and 4.1.3. Versions below this remain susceptible.
CVSS 9.8
CVE-2025-53636 WRITEUP MEDIUM WRITEUP
OSC OnDemand 1.6-3.1.13 and 4.0.0-0.rc1-4.0.5 - Denial of Service via Shell App Log Flooding
Open OnDemand is an open-source HPC portal. Users can flood logs by interacting with the shell app and generating many errors. Users who flood logs can create very large log files causing a Denial of Service (DoS) to the ondemand system. This vulnerability is fixed in 3.1.14 and 4.0.6.
CVSS 5.4