Vulnerabilities Database - CXSecurity.com https://cxsecurity.com/wlb/ Vulnerabilities Database - World Laboratory of Bugtraq 2 CXSecurity.com en-US Sun, 24 May 2026 13:59:03 +0000 CXSecurity CXSecurity: World Laboratory of Bugtraq 2 https://cxsecurity.com/wlb/rss/vulnerabilities/ https://cxsecurity.com/images/wlb/wlblogo.png Vulnerabilities Database - World Laboratory of Bugtraq 2 (WLB2) Frigate NVR 0.16.3 Remote Code Execution https://cxsecurity.com/issue/WLB-2026050020 WLB-2026050020 2026-05-23 05:00:22 CET jduardo2704 Topic: Frigate NVR 0.16.3 Remote Code Execution Risk: High Text:# Exploit Title: Frigate NVR 0.16.3 - Remote Code Execution # Date: 2026-02-05 # Exploit Author: jduardo2704 # Vendor Homep... Sat, 23 May 2026 05:00:22 +0000 Linux nf_tables 6.19.3 Local Privilege Escalation https://cxsecurity.com/issue/WLB-2026050019 WLB-2026050019 2026-05-23 05:00:13 CET Aviral Srivastava Topic: Linux nf_tables 6.19.3 Local Privilege Escalation Risk: Medium Text: * Exploit Title: Linux Kernel 3.16 – 6.19.3 nf_tables RCU UAF LPE * CVE: CVE-2026-23231 * Date: 20... Sat, 23 May 2026 05:00:13 +0000 ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery (SSRF) https://cxsecurity.com/issue/WLB-2026050018 WLB-2026050018 2026-05-23 04:59:56 CET Tamil Mathi T. Topic: ThingsBoard IoT Platform 4.2.0 Server-Side Request Forgery (SSRF) Risk: Low Text:# Exploit Title: ThingsBoard IoT Platform 4.2.0 - Server-Side Request Forgery (SSRF) # Date: 2026-03-25 # Exploit Author: Ta... Sat, 23 May 2026 04:59:56 +0000 Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) https://cxsecurity.com/issue/WLB-2026050017 WLB-2026050017 2026-05-23 04:59:49 CET nu11secur1ty Topic: Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) Risk: Medium Text:# Titles:** Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500 / CVE-2026-46300) # Author:** nu11secur1t... Sat, 23 May 2026 04:59:49 +0000 SUSE Manager 4.3.15 Code Execution https://cxsecurity.com/issue/WLB-2026050016 WLB-2026050016 2026-05-23 04:59:19 CET Wiktor Maj Topic: SUSE Manager 4.3.15 Code Execution Risk: High Text:# Exploit Title: SUSE Manager 4.3.15 - Code Execution # Date: 29.01.2026 # Exploit Author: Wiktor Maj # Vendor Homepage: htt... Sat, 23 May 2026 04:59:19 +0000 Apache HertzBeat 1.8.0 Remote Code Execution https://cxsecurity.com/issue/WLB-2026050015 WLB-2026050015 2026-05-19 21:17:49 CET Brett Gervasoni Topic: Apache HertzBeat 1.8.0 Remote Code Execution Risk: High Text:# Exploit Title: Apache HertzBeat 1.8.0 - Remote Code Execution # Google Dork: N/A # Date: 2026-03-09 # Exploit Author: Bre... Tue, 19 May 2026 21:17:49 +0000 JuzaWeb CMS 3.4.2 Authenticated Remote Code Execution https://cxsecurity.com/issue/WLB-2026050014 WLB-2026050014 2026-05-19 21:17:25 CET Sardor Shoakbarov Topic: JuzaWeb CMS 3.4.2 Authenticated Remote Code Execution Risk: High Text:# Exploit Title: JuzaWeb CMS 3.4.2 - Authenticated Remote Code Execution # Date: 2026-01-10 # Exploit Author: Sardor Shoakbar... Tue, 19 May 2026 21:17:25 +0000 GUnet OpenEclass E-learning platform < 4.2 Remote Code Execution (RCE) https://cxsecurity.com/issue/WLB-2026050012 WLB-2026050012 2026-05-19 21:16:06 CET Ashif Iqubal Topic: GUnet OpenEclass E-learning platform < 4.2 Remote Code Execution (RCE) Risk: High Text:# Exploit Title: GUnet OpenEclass E-learning platform < 4.2 - Remote Code Execution (RCE) # Date: 2026-01-08 # Exploit Autho... Tue, 19 May 2026 21:16:06 +0000 Windows Snipping Tool NTLMv2 Hash Hijack https://cxsecurity.com/issue/WLB-2026050011 WLB-2026050011 2026-05-19 21:15:57 CET nu11secur1ty Topic: Windows Snipping Tool NTLMv2 Hash Hijack Risk: Medium Text:# Exploit Title: Windows Snipping Tool - NTLMv2 Hash Hijack # Date: 2026-04-22 # Exploit Author: nu11secur1ty # Video Demo... Tue, 19 May 2026 21:15:57 +0000 telnetd 2.7 Buffer Overflow https://cxsecurity.com/issue/WLB-2026050010 WLB-2026050010 2026-05-13 19:41:02 CET Jeff Barron Topic: telnetd 2.7 Buffer Overflow Risk: High Text:# Exploit Title: telnetd 2.7 - Buffer Overflow # Google Dork: N/A # Date: 2026-04-03 # Exploit Author: Jeff Barron (jeffaf) ... Wed, 13 May 2026 19:41:02 +0000 Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) https://cxsecurity.com/issue/WLB-2026050009 WLB-2026050009 2026-05-13 19:40:49 CET nu11secur1ty Topic: Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) Risk: Medium Text:# Titles: Kukurigu LPE - Linux Kernel Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) # Author: nu11secur1ty # Date: 2... Wed, 13 May 2026 19:40:49 +0000 Event Booking Calendar-5.0 Cross-site scripting (reflected) https://cxsecurity.com/issue/WLB-2026050008 WLB-2026050008 2026-05-13 19:40:38 CET nu11secur1ty Topic: Event Booking Calendar-5.0 Cross-site scripting (reflected) Risk: Low Text:## Titles: Event Booking Calendar-5.0 Cross-site scripting (reflected) ## Author: nu11secur1ty ## Date: 5/13/2026 ## Vendor... Wed, 13 May 2026 19:40:38 +0000 Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) https://cxsecurity.com/issue/WLB-2026050007 WLB-2026050007 2026-05-13 19:40:32 CET nu11secur1ty Topic: Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) Risk: High Text:# Titles:** Linux Kernel Local Privilege Escalation (CVE-2026-43284 / CVE-2026-43500) # Author:** nu11secur1ty # Date:** 2026... Wed, 13 May 2026 19:40:32 +0000 Ninja Forms Uploads Unauthenticated PHP File Upload https://cxsecurity.com/issue/WLB-2026050006 WLB-2026050006 2026-05-13 19:40:20 CET Sélim Lanouar Topic: Ninja Forms Uploads Unauthenticated PHP File Upload Risk: High Text:# Exploit Title: Ninja Forms Uploads - Unauthenticated PHP File Upload # Date: 2026-04-09 # Exploit Author: ... Wed, 13 May 2026 19:40:20 +0000 Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking (CSWSH) https://cxsecurity.com/issue/WLB-2026050005 WLB-2026050005 2026-05-13 19:38:16 CET Hazar Taspinar Topic: Traccar GPS Tracking System 6.11.1 Cross-Site WebSocket Hijacking (CSWSH) Risk: Medium Text:# Exploit Title: Traccar GPS Tracking System 6.11.1 - Cross-Site WebSocket Hijacking (CSWSH) # Date: 2026-02-26 # Exploit Aut... Wed, 13 May 2026 19:38:15 +0000 Erugo 0.2.14 Remote Code Execution (RCE) https://cxsecurity.com/issue/WLB-2026050004 WLB-2026050004 2026-05-04 20:19:59 CET Abdul Moiz Topic: Erugo 0.2.14 Remote Code Execution (RCE) Risk: High Text:# Exploit Title: Erugo < = 0.2.14 - Authenticated Remote Code Execution (RCE) # Date: 2026-02-02 # Exploit Author: Abdul Moiz ... Mon, 04 May 2026 20:19:59 +0000 Linux Kernel Local Privilege Escalation via Memory Handling and Access Control Weakness https://cxsecurity.com/issue/WLB-2026050003 WLB-2026050003 2026-05-04 20:19:47 CET RERO Topic: Linux Kernel Local Privilege Escalation via Memory Handling and Access Control Weakness Risk: Medium Text:A privilege escalation vulnerability class affecting the Linux kernel has been analyzed under controlled local test environment... Mon, 04 May 2026 20:19:47 +0000 Linux Kernel proc_readdir_de() 6.18-rc5 Local Privilege Escalation https://cxsecurity.com/issue/WLB-2026050001 WLB-2026050001 2026-05-04 20:18:27 CET Aviral Srivastava Topic: Linux Kernel proc_readdir_de() 6.18-rc5 Local Privilege Escalation Risk: Medium Text: * Exploit Title: Linux Kernel proc_readdir_de() 6.18-rc5 - Local Privilege Escalation * CVE: CVE-2025-40271 * ... Mon, 04 May 2026 20:18:26 +0000 Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri https://cxsecurity.com/issue/WLB-2026040019 WLB-2026040019 2026-04-26 21:07:36 CET Sarang Tumne Topic: Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri Risk: Medium Text:Insecure Permissions vulnerability in Nagios Network Analyzer v.2024R1.02-64 and before allows a local attacker to escalate pri... Sun, 26 Apr 2026 21:07:36 +0000 Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation https://cxsecurity.com/issue/WLB-2026040018 WLB-2026040018 2026-04-26 21:07:24 CET Mohammed Idrees Banyamer Topic: Samsung ONE Integer Overflow in CircleConst Tensor Size Calculation Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: Samsung ONE - Integer Overflow in CircleConst Tensor Size Calculation # CVE: CVE-2026... Sun, 26 Apr 2026 21:07:24 +0000 solaredge-CSRF-OOB-Injection https://cxsecurity.com/issue/WLB-2026040017 WLB-2026040017 2026-04-26 21:07:15 CET nu11secur1ty Topic: solaredge-CSRF-OOB-Injection Risk: Medium Text:# Titles: solaredge-CSRF-OOB-Injection # Author: nu11secur1tyAI # Date: 2026-04-26 # Vendor: SolarEdge Technologies Ltd. # ... Sun, 26 Apr 2026 21:07:15 +0000 Trojan-Spy.Win32.Small / Remote Command Execution https://cxsecurity.com/issue/WLB-2026040016 WLB-2026040016 2026-04-22 21:54:00 CET malvuln Topic: Trojan-Spy.Win32.Small / Remote Command Execution Risk: Medium Text:Discovery / credits: Malvuln (John Page aka hyp3rlinx) (c) 2026 Original source: https://malvuln.com/advisory/8c15ec5f0137d097... Wed, 22 Apr 2026 21:54:00 +0000 Throttlestop Kernel Driver Kernel Out-of-Bounds Write Privilege Escalation https://cxsecurity.com/issue/WLB-2026040014 WLB-2026040014 2026-04-22 21:53:22 CET Xavi Beltran Topic: Throttlestop Kernel Driver Kernel Out-of-Bounds Write Privilege Escalation Risk: Medium Text:# Exploit Title: Throttlestop Kernel Driver - Kernel Out-of-Bounds Write Privilege Escalation # Exploit Details: https://xavi... Wed, 22 Apr 2026 21:53:21 +0000 Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) https://cxsecurity.com/issue/WLB-2026040013 WLB-2026040013 2026-04-19 20:47:26 CET RERO Topic: Critical Remote Code Execution Vulnerability in Windows Internet Key Exchange (IKE) Service (CVE-2026-33824) Risk: High Text:CVE-2026-33824 is a critical remote code execution vulnerability affecting the Windows Internet Key Exchange (IKE) service, whi... Sun, 19 Apr 2026 20:47:26 +0000 WordPress Madara Local File Inclusion https://cxsecurity.com/issue/WLB-2026040012 WLB-2026040012 2026-04-14 19:07:10 CET Beatriz Fresno Naumova Topic: WordPress Madara Local File Inclusion Risk: Medium Text:# Exploit Title: WordPress Madara Local File Inclusion # Date: November 1, 2025 # Exploit Author: Beatriz Fresno Naumova # ... Tue, 14 Apr 2026 19:07:10 +0000 FortiWeb 8.0.2 Remote Code Execution https://cxsecurity.com/issue/WLB-2026040011 WLB-2026040011 2026-04-14 19:06:52 CET Mohammed Idrees Banyamer Topic: FortiWeb 8.0.2 Remote Code Execution Risk: High Text:# Exploit Title: FortiWeb 8.0.2 - Remote Code Execution # Date: 2025-11-22 # Author: Mohammed Idrees Banyamer # Author Coun... Tue, 14 Apr 2026 19:06:52 +0000 Easy File Sharing Web Server v7.2 Buffer Overflow https://cxsecurity.com/issue/WLB-2026040010 WLB-2026040010 2026-04-14 19:06:41 CET Donwor Topic: Easy File Sharing Web Server v7.2 Buffer Overflow Risk: High Text:# Exploit title: Easy File Sharing Web Server v7.2 - Buffer Overflow # Date: 16/10/2025 # Exploit Author: Donwor # X: @real_... Tue, 14 Apr 2026 19:06:29 +0000 NetBT e-Fatura Privilege Escalation https://cxsecurity.com/issue/WLB-2026040009 WLB-2026040009 2026-04-14 19:06:00 CET Seccops Topic: NetBT e-Fatura Privilege Escalation Risk: Medium Text:# Exploit Title: NetBT e-Fatura - Privilege Escalation # Author: Seccops # Discovery Date: 2025-10-03 # Vendor: https://net-... Tue, 14 Apr 2026 19:05:59 +0000 Docker Desktop 4.44.3 Unauthenticated API Exposure https://cxsecurity.com/issue/WLB-2026040008 WLB-2026040008 2026-04-09 20:53:26 CET OilSeller2001 Topic: Docker Desktop 4.44.3 Unauthenticated API Exposure Risk: High Text:# Exploit Title: Docker Desktop 4.44.3 - Unauthenticated API Exposure # Date: 2025-10-06 # Exploit Author: OilSeller2001 # ... Thu, 09 Apr 2026 20:53:26 +0000 MaNGOSWebV4 4.0.6 Reflected XSS https://cxsecurity.com/issue/WLB-2026040007 WLB-2026040007 2026-04-09 20:52:55 CET CodeSecLab Topic: MaNGOSWebV4 4.0.6 Reflected XSS Risk: Low Text:# Exploit Title: MaNGOSWebV4 4.0.6 - Reflected XSS # Date: 2024-10-26 # Exploit Author: CodeSecLab # Vendor Homepage: http... Thu, 09 Apr 2026 20:52:55 +0000 Grafana 11.6.0 SSRF https://cxsecurity.com/issue/WLB-2026040006 WLB-2026040006 2026-04-09 20:52:38 CET Beatriz Fresno Naumova Topic: Grafana 11.6.0 SSRF Risk: Medium Text:# Exploit Title: Grafana 11.6.0 - SSRF # FOFA: app="Grafana" # Date: 2-11-2025 # Exploit Author: Beatriz Fresno Naumova #... Thu, 09 Apr 2026 20:52:38 +0000 OctoPrint 1.11.2 File Upload https://cxsecurity.com/issue/WLB-2026040005 WLB-2026040005 2026-04-09 20:52:26 CET prabhatverma.addada Topic: OctoPrint 1.11.2 File Upload Risk: High Text:# Exploit Title: OctoPrint 1.11.2 - File Upload # Date: 2025-09-28 # Exploit Author: prabhatverma.addada # Vendor Homepage:... Thu, 09 Apr 2026 20:52:26 +0000 esm-dev 136 Path Traversal https://cxsecurity.com/issue/WLB-2026040004 WLB-2026040004 2026-04-09 20:52:13 CET Byte Reaper Topic: esm-dev 136 Path Traversal Risk: Medium Text:# Exploit Title: esm-dev 136 - Path Traversal # Date: 2025-07-11 # Exploit Author: Byte Reaper #Vendor Homepage: https://g... Thu, 09 Apr 2026 20:52:12 +0000 Linux Kernel mseal Invariant Violation (Linux kernel 6.17-7.0 rc5) https://cxsecurity.com/issue/WLB-2026040003 WLB-2026040003 2026-04-04 16:01:28 CET Antonius Topic: Linux Kernel mseal Invariant Violation (Linux kernel 6.17-7.0 rc5) Risk: High Text:Title : CVE-2026-23416 - Linux Kernel mseal Invariant Violation (Linux kernel 6.17-7.0 rc5) Exploit Poc : https://github.com... Sat, 04 Apr 2026 16:01:28 +0000 astrojs/vercel < = 10.0.0 - Unauthenticated x-astro-path Header Path Override https://cxsecurity.com/issue/WLB-2026040002 WLB-2026040002 2026-04-03 20:23:39 CET Mohammed Idrees Banyamer Topic: astrojs/vercel < = 10.0.0 - Unauthenticated x-astro-path Header Path Override Risk: Medium Text:#!/usr/bin/env python3 # Exploit Title: @astrojs/vercel < = 10.0.0 - Unauthenticated x-astro-path Header Path Override ... Fri, 03 Apr 2026 20:23:39 +0000 Microsoft SQL Server Privilege Elevation Through https://cxsecurity.com/issue/WLB-2026040001 WLB-2026040001 2026-04-03 20:23:17 CET Emad Al-Mousa Topic: Microsoft SQL Server Privilege Elevation Through Risk: Medium Text:Title: Microsoft SQL Server Privilege Elevation Through ##MS_DatabaseManager## Role [CVE-2025-24999] Product: Database Manufa... Fri, 03 Apr 2026 20:23:17 +0000 FreeScout Unauthenticated RCE via ZWSP .htaccess Bypass https://cxsecurity.com/issue/WLB-2026030038 WLB-2026030038 2026-03-31 19:40:02 CET offensiveee Topic: FreeScout Unauthenticated RCE via ZWSP .htaccess Bypass Risk: High Text:## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-... Tue, 31 Mar 2026 19:40:02 +0000 Wavlink WL-WN579X3-C firewall.cgi UPNP Stack-based Buffer Overflow https://cxsecurity.com/issue/WLB-2026030037 WLB-2026030037 2026-03-31 19:38:49 CET Mohammed Idrees Banyamer Topic: Wavlink WL-WN579X3-C firewall.cgi UPNP Stack-based Buffer Overflow Risk: Medium Text:# Exploit Title: Wavlink WL-WN579X3-C firewall.cgi UPNP Stack-based Buffer Overflow # CVE: CVE-2026-5004 # Date: 2026-03-29 ... Tue, 31 Mar 2026 19:38:48 +0000 esiclivre 0.2.2 SQL Injection https://cxsecurity.com/issue/WLB-2026030036 WLB-2026030036 2026-03-26 08:58:54 CET Bryan Topic: esiclivre 0.2.2 SQL Injection Risk: Medium Text:# CVE-2026-30655 — SQL Injection in esiclivre (password reset) ## Summary A SQL injection vulnerability exists in the pas... Thu, 26 Mar 2026 08:58:54 +0000 Payara Server Cross Site Scripting https://cxsecurity.com/issue/WLB-2026030035 WLB-2026030035 2026-03-26 08:56:48 CET DeepSecurity Research Topic: Payara Server Cross Site Scripting Risk: Low Text:# XSS to Admin account takeover (CVE-2025-14340) A Cross-Site Scripting vulnerability in Payara’s Administration Rest Inte... Thu, 26 Mar 2026 08:56:48 +0000