LittleSuRii

4 exploits Active since Jul 2024
CVE-2024-36985 NOMISEC HIGH WORKING POC
Authenticated RCE in Splunk (splunk_archiver app)
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10, a low-privileged user that does not hold the admin or power Splunk roles could cause a Remote Code Execution through an external lookup that references the “splunk_archiver“ application.
CVSS 8.8
CVE-2026-37452 WRITEUP HIGH WORKING POC
MSI NBFoundation Service 2.0.2506.1201 - Insecure Permissions Information Disclosure via MSIAPService.exe
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component
CVSS 7.5
CVE-2026-37453 WRITEUP HIGH WORKING POC
MSI NBFoundation Service 2.0.2506.1201 - Insecure Permissions via MSI_SERVICE_2 Pipe
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSI_SERVICE_2 pipe
CVSS 7.5
CVE-2026-37454 WRITEUP HIGH WORKING POC
MSI NBFoundation Service 2.0.2506.1201 - Insecure Permissions via 3DES-ECB Encryption
Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the 3DES-ECB encryption
CVSS 7.5