CVE-2026-4119: CWE-862 Missing Authorization in jppreus Create DB Tables CVE-2026-4119 is an authorization bypass vulnerability in the Create DB Tables WordPress plugin (versions up to 1.2.1). The plugin registers admin_post action hooks (admin_post_add_table and admin_post_delete_db_table) that allow any logged

WordPress Create DB Tables plugin (≤1.2.1) has a CRITICAL vuln: any authenticated user can delete/create DB tables, risking site destruction. Disable or restrict roles until fixed. radar.offseq.com/threat/cve-2026-4119-cwe... #OffSeq #WordPress #Secu...

CVE-2026-40911: CWE-94: Improper Control of Generation of Code ('Code Injection' WWBN AVideo (<=29.0) contains a critical CWE-94 code injection vulnerability in the YPTSocket plugin. The WebSocket server forwards attacker-supplied JSON message bodies to all connected clients without sanitizing the 'msg' or 'callback' fi

WWBN AVideo <=29.0 faces CRITICAL code injection (CVSS 10) in YPTSocket. Attackers can hijack sessions & accounts. Patch via commit c08694b or upgrade now. radar.offseq.com/threat/cve-2026-40911-cw... #OffSeq #CVE202640911 #security

CVE-2026-40906: CWE-89: Improper Neutralization of Special Elements used in an S CVE-2026-40906 is a critical SQL injection vulnerability (CWE-89) affecting ElectricSQL, a Postgres sync engine. The issue exists in the order_by parameter of the /v1/shape API endpoint in versions >= 1.1.12 and < 1.5.0. Authenticated users

ElectricSQL (v1.1.12 – <1.5.0) faces CRITICAL SQL injection (CVSS 10). Authenticated users can fully access PostgreSQL DB. Upgrade to 1.5.0+ ASAP! radar.offseq.com/threat/cve-2026-40906-cw... #OffSeq #SQLInjection #PatchNow

CVE-2026-6834: CWE-862 Missing Authorization in aEnrich a+HRD The a+HRD product by aEnrich contains a Missing Authorization vulnerability (CWE-862) identified as CVE-2026-6834. Authenticated remote attackers can exploit this flaw to arbitrarily read database contents through a particular API method wi

aEnrich a+HRD faces a HIGH-severity missing authorization flaw (CVE-2026-6834) — authenticated users can read DB contents. Restrict API access & review user privileges now. No patch yet. radar.offseq.com/threat/cve-2026-6834-cwe... #OffSeq #Vulnerabi...

CVE-2026-40933: CWE-78: Improper Neutralization of Special Elements used in an O CVE-2026-40933 is an OS command injection vulnerability in FlowiseAI's Flowise product before version 3.1.0. The flaw arises from unsafe serialization of stdio commands in the MCP adapter, allowing authenticated users to add a Custom MCP wi

FlowiseAI Flowise < 3.1.0: CRITICAL OS command injection (CVSS 10). Authenticated attackers can execute arbitrary commands. Patch to 3.1.0+ now! 🔒 radar.offseq.com/threat/cve-2026-40933-cw... #OffSeq #Vulnerability #FlowiseAI

CVE-2026-40946: CWE-287: Improper Authentication in oxia-db oxia Oxia, a metadata store and coordination system, prior to version 0.16.2, contains an authentication vulnerability where the OIDC authentication provider unconditionally sets SkipClientIDCheck: true in the go-oidc verifier configuration. Thi

CRITICAL: oxia-db oxia < 0.16.2 lets OIDC tokens from other services bypass auth checks. 🛡️ Upgrade to 0.16.2+ immediately. No known exploits yet — stay ahead! radar.offseq.com/threat/cve-2026-40946-cw... #OffSeq #Oxia #Security

CVE-2026-41064: CWE-78: Improper Neutralization of Special Elements used in an O WWBN AVideo, an open source video platform, suffers from an OS command injection vulnerability (CWE-78) in its test.php script in versions up to 29.0. The initial fix applied escapeshellarg only to the wget command, but left other code path

Critical OS command injection in WWBN AVideo <=29.0 (CVSS 9.3). Unauthenticated attackers can execute server commands. No patch yet — check vendor repo & avoid affected versions. More info: radar.offseq.com/threat/cve-2026-41064-cw... #OffSeq #CVE202...

CVE-2026-41036: CWE-78 Improper neutralization of special elements used in an OS This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands

HIGH severity: Quantum Networks QN-I-470 (6.1.1.B1) has OS command injection flaw — authenticated attackers get root RCE. Restrict CLI access & monitor for patch updates. radar.offseq.com/threat/cve-2026-41036-cw... #OffSeq #Vulnerability #RouterSecu...

CVE-2026-40497: CWE-79: Improper Neutralization of Input During Web Page Generat FreeScout's input sanitization function Helper::stripDangerousTags() removes certain dangerous HTML tags but does not remove <style> tags. An attacker with mailbox settings access can inject CSS in the mailbox signature, which is rendered u

FreeScout (<1.8.213) XSS flaw: mailbox settings users can inject CSS, steal CSRF tokens, and escalate privileges. HIGH severity — upgrade to 1.8.213 now! radar.offseq.com/threat/cve-2026-40497-cw... #OffSeq #XSS #Security

CVE-2026-31368: Vulnerability in Honor AIAssistant AiAssistant is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability.

🔒 HIGH severity in Honor AIAssistant v90.0.12.010: privilege bypass can impact service availability. No fix yet — review your systems and monitor for updates. radar.offseq.com/threat/cve-2026-31368-vu... #OffSeq #Honor #Security

CVE-2026-39918: CWE-94 Improper Control of Generation of Code ('Code Injection') CVE-2026-39918 is a code injection vulnerability (CWE-94) in givanz Vvveb prior to version 1.0.8.1. The issue exists in the installation endpoint where the subdir POST parameter is unsafely written into the env.php configuration file withou

🚨 CRITICAL: givanz Vvveb <1.0.8.1 has unauthenticated RCE via code injection in installation endpoint. Restrict exposure, monitor for patch, use WAF. Details: radar.offseq.com/threat/cve-2026-39918-cw... #OffSeq #Vulnerability #WebSecurity

CVE-2026-5965: CWE-78 Improper neutralization of special elements used in an OS CVE-2026-5965 is an OS Command Injection vulnerability (CWE-78) in NewSoftOA by NewSoft. It permits unauthenticated local attackers to inject arbitrary OS commands that the server executes. The vulnerability has a CVSS 4.0 score of 9.3, ref

Critical OS command injection in NewSoftOA (CVSS 9.3). Unauthenticated local attackers can execute commands. No patch — limit access & monitor for fixes. radar.offseq.com/threat/cve-2026-5965-cwe... #OffSeq #Vulnerability

CVE-2026-24467: CWE-640: Weak Password Recovery Mechanism for Forgotten Password OpenAEV's password reset implementation prior to version 2.0.13 has multiple weaknesses: reset tokens never expire and are only 8-digit numeric codes. Attackers can generate many valid tokens over time and brute-force them efficiently, enab

OpenAEV-Platform (<2.0.13) has a CRITICAL flaw: non-expiring, short reset tokens allow unauthenticated account takeover — even for admins. Patch to 2.0.13 now! radar.offseq.com/threat/cve-2026-24467-cw... #OffSeq #Vulnerability #AppSec

CVE-2026-6257: CWE-434 Unrestricted Upload of File with Dangerous Type in Vvveb CVE-2026-6257 is a critical vulnerability in Vvveb CMS v1.0.8 involving CWE-434 (Unrestricted Upload of File with Dangerous Type). The flaw is in the media management functionality where a missing return statement in the file rename handler

Vvveb CMS v1.0.8 CRITICAL flaw: Authenticated users can upload + rename files to .php/.htaccess, enabling RCE as www-data. No patch yet — restrict access & monitor for signs of abuse. radar.offseq.com/threat/cve-2026-6257-cwe... #OffSeq #Vulnerabilit...

CVE-2026-32311: CWE-78: Improper Neutralization of Special Elements used in an O Flowsint is an OSINT graph exploration tool that allows automated processes called 'transformers' to run on nodes within sketches. The 'org_to_asn' transformer in affected versions improperly neutralizes special shell metacharacters, enabli

Flowsint users: CRITICAL OS command injection (CVE-2026-32311) in versions <b52cbbb9 allows remote root access. Upgrade to the fixed commit ASAP! Details: radar.offseq.com/threat/cve-2026-32311-cw... #OffSeq #OSINT #Vulnerability

CVE-2026-5963: CWE-89 Improper neutralization of special elements used in an SQL CVE-2026-5963 is a SQL Injection vulnerability in Digiwin EasyFlow .NET affecting versions 6.1.*, 6.6.*, and 8.1.1. The flaw allows unauthenticated remote attackers to inject malicious SQL commands due to improper neutralization of special

Critical SQL Injection in Digiwin EasyFlow .NET 6.1.*, 6.6.*, 8.1.1 🚨 Unauthenticated attackers can access & change DB data. Restrict access & monitor for attacks. No patch available yet. radar.offseq.com/threat/cve-2026-5963-cwe... #OffSeq #SQLInjec...

CVE-2026-5964: CWE-89 Improper neutralization of special elements used in an SQL CVE-2026-5964 is a SQL Injection vulnerability in Digiwin EasyFlow .NET affecting versions 6.1.*, 6.6.*, and 8.1.1. It allows unauthenticated remote attackers to inject malicious SQL commands due to improper neutralization of special elemen

🚨 CRITICAL: Digiwin EasyFlow .NET (6.1.*, 6.6.*, 8.1.1) has a severe SQL injection risk (CVE-2026-5964). Unauthenticated attackers can access or change DB data. Check vendor updates & deploy WAFs. radar.offseq.com/threat/cve-2026-5964-cwe... #OffSeq ...

CVE-2026-6644: CWE-78 Improper neutralization of special elements used in an OS This vulnerability (CVE-2026-6644) involves improper neutralization of special elements used in an OS command (CWE-78) within the PPTP VPN Clients on ASUSTOR ADM. An administrative user can supply crafted input that is insufficiently valida

ASUSTOR ADM PPTP VPN Clients hit by CRITICAL vuln (CVE-2026-6644, CVSS 9.4). Admins can inject OS commands — full system compromise possible. Restrict access & monitor for patches. radar.offseq.com/threat/cve-2026-6644-cwe... #OffSeq #ASUSTOR #Vulner...

CVE-2026-32955: Stack-based buffer overflow in silex technology, Inc. SD-330AC CVE-2026-32955 is a stack-based buffer overflow vulnerability in silex technology, Inc.'s SD-330AC and AMC Manager products (versions 1.42 and earlier). The vulnerability arises during the processing of redirect URLs, enabling an attacker w

🚨 Stack-based buffer overflow (HIGH) in silex SD-330AC (≤v1.42) may allow code execution via redirect URLs. Restrict access & monitor for threats while awaiting a fix. radar.offseq.com/threat/cve-2026-32955-st... #OffSeq #Vulnerability

CVE-2026-32956: Heap-based buffer overflow in silex technology, Inc. SD-330AC CVE-2026-32956 is a critical heap-based buffer overflow vulnerability in silex technology, Inc.'s SD-330AC and AMC Manager products. The flaw occurs during the processing of redirect URLs, potentially enabling remote attackers to execute ar

🚨 CRITICAL heap overflow in silex SD-330AC (≤v1.42) allows remote code execution — no patch yet. Restrict access & watch for vendor updates. radar.offseq.com/threat/cve-2026-32956-he... #OffSeq #CVE202632956 #IoTSecurity

CVE-2026-6597: Unprotected Storage of Credentials in langflow-ai langflow A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flow Using API. This manipulation causes unp

langflow-ai langflow v1.8.0 – 1.8.3 faces a MEDIUM risk: unprotected credential storage in Flow Using API. Public exploit exists — restrict access & review credential use now. radar.offseq.com/threat/cve-2026-6597-unp... #OffSeq #Vulnerability #Langflow

CVE-2026-6591: Path Traversal in ComfyUI A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argument Name causes path traversal. Remote ex

🚨 MEDIUM: Path traversal vuln in ComfyUI <=0.13.0. Exploit released, vendor unresponsive. Review deployments & monitor for patches. Details: radar.offseq.com/threat/cve-2026-6591-pat... #OffSeq #ComfyUI #Security

CVE-2026-6581: Buffer Overflow in H3C Magic B1 This vulnerability involves a buffer overflow in the SetMobileAPInfoById function of the H3C Magic B1 device firmware (up to version 100R004). The issue arises from improper handling of an argument parameter in the /goform/aspForm endpoint,

H3C Magic B1 (≤100R004) faces a HIGH severity buffer overflow. Exploit code is public & no patch is available. Restrict management access & monitor endpoints now. More info: radar.offseq.com/threat/cve-2026-6581-buf... #OffSeq #Vulnerability #NetworkSecurity

CVE-2026-6572: Improper Authorization in Collabora KodExplorer This vulnerability in Collabora KodExplorer affects versions 4.0 through 4.52 and involves improper authorization in the fileUpload endpoint component. Specifically, manipulation of the fileUpload argument in /app/controller/share.class.php

Medium severity: Collabora KodExplorer (v4.0 – 4.52) vulnerable to improper authorization in fileUpload. No patch yet — limit access and apply network controls. Details: radar.offseq.com/threat/cve-2026-6572-imp... #OffSeq #Vulnerability #AppSec

CVE-2026-6574: Hard-coded Credentials in osuuu LightPicture This vulnerability in osuuu LightPicture (versions 1.2.0 through 1.2.2) arises from hard-coded credentials exposed via manipulation of the argument key in the processing of the /public/install/lp.sql file within the API Upload Endpoint. The

osuuu LightPicture v1.2.0 – 1.2.2: MEDIUM risk due to hard-coded credentials in API Upload Endpoint. No patch yet. Restrict access & monitor for suspicious activity. Details: radar.offseq.com/threat/cve-2026-6574-har... #OffSeq #Vulnerability #Security

CVE-2026-6573: Server-Side Request Forgery in PHPEMS A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-

PHPEMS 11.0 faces MEDIUM severity SSRF (CVE-2026-6573) via Instant Exam Creation Handler — public exploit available. Check your security stance now! radar.offseq.com/threat/cve-2026-6573-ser... #OffSeq #PHPEMS #SSRF

CVE-2026-6570: Authorization Bypass in kodcloud KodExplorer This vulnerability in kodcloud KodExplorer affects the initInstall function in the systemMember.class.php controller file. By manipulating the 'path' argument, an attacker with high privileges can bypass authorization checks remotely, poten

kodcloud KodExplorer (4.0 – 4.52) has a MEDIUM auth bypass vuln (CVE-2026-6570). No patch — restrict access & monitor vendor channels for updates. radar.offseq.com/threat/cve-2026-6570-aut... #OffSeq #Vulnerability #Cybersecurity

CVE-2026-6568: Path Traversal in kodcloud KodExplorer A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument

kodcloud KodExplorer (v4.0 – 4.52) hit by MEDIUM severity path traversal vuln. Public exploit out, no vendor fix yet. Limit public shares & monitor systems. Details: radar.offseq.com/threat/cve-2026-6568-pat... #OffSeq #vulnerability #infosec

CVE-2026-6563: Buffer Overflow in H3C Magic B1 A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initia

H3C Magic B1 (≤100R004) faces a HIGH severity buffer overflow flaw — public exploit available, vendor silent. Audit and secure exposed devices now. radar.offseq.com/threat/cve-2026-6563-buf... #OffSeq #cybersecurity #vulnerability

CVE-2026-6560: Buffer Overflow in H3C Magic B0 This vulnerability in H3C Magic B0 up to version 100R002 involves a buffer overflow triggered by improper handling of an argument parameter in the Edit_BasicSSID function within the /goform/aspForm file. The flaw allows remote attackers to

🚨 H3C Magic B0 (100R002) faces a HIGH-severity buffer overflow (CVSS 8.7). Remote exploit possible, no patch yet — restrict access & monitor for updates. Details: radar.offseq.com/threat/cve-2026-6560-buf... #OffSeq #Vulnerability #H3C