Cyber Security Daily Radar

该论文研究去中心化非托管小额支付系统中信用额度超越全抵押的可行性及激励条件。在现有方案中，信用额度往往与抵押资产挂钩，导致流动性需求随交易量增长，限制了信用支付的实用性。本文通过博弈论模型，分析在公开监控下重复的买家-商家交互，识别出有限风险暴露、可验证结算结果和持续价值在威慑策略性违约中的作用。研究表明，在非托管执行环境下，可以通过这些机制维持部分抵押的信用扩张，无需依赖托管信任，从而在资本效率和激励兼容性之间取得平衡。作为应用层实例，Arbitrum Nitro上实现的原型展示了基于信用额度的设计在结算、承诺和激励执行路径上能够以低链上开销实现。该工作为去中心化支付通道的资本效率优化提供了理论基础，适合对DeFi、加密经济学和支付系统设计感兴趣的研究者阅读。

AgentFlow's local web API accepts non-JSON content types on POST /api/runs and POST /api/runs/validate endpoints without enforcing application/json validation, allowing attackers to bypass trust-boundary enforcement on sensitive operations. Attackers can exploit this content-type validation weakness through browser-driven or local cross-origin requests to abuse the localhost API and enable attack

## Impact An unauthenticated attacker could register a malicious MCP OAuth client with a crafted `client_name`. If a victim user authorized the OAuth consent dialog and a second user subsequently revoked that access, a toast notification would render the injected script. Clicking the link would execute arbitrary JavaScript in the victim's authenticated n8n browser session, enabling credential and

### Impact The vulnerability allows an attacker to inject malicious Javascript into a victim's browser to run it in the context of Icinga Web. The victim needs to visit a specifically prepared website and may have no immediate chance to notice any wrongdoing. ### Patches Version 0.13.1 includes a fix for this. It will be published as part of `icinga-php-library` version 0.19.2. ### Workarounds E

### Summary The `roadiz/openid` package generates an OIDC nonce in `OAuth2LinkGenerator::generate()` and includes it in the authorization request sent to the identity provider, but **never stores it** and **never validates it** on the callback. The `OpenIdJwtConfigurationFactory` validation chain does not include a nonce constraint, and `OpenIdAuthenticator::authenticate()` never checks the nonce

The usage of `is_file`, used to verify if the `$filename` is indeed an actual file, by all(?) `Reader` implementations (inside the helper function `File::assertFile`) is php-wrapper aware, for any [php wrappers](https://www.php.net/manual/en/wrappers.php) implementing `stat()`. The 3 wrappers `ftp://`, `phar://` and `ssh2.sftp://`, all satisfy this requirement - 2 of which are shown in the PoC bel

A security vulnerability has been detected in 1024-lab smart-admin up to 3.30.0. This affects an unknown function of the file /smart-admin-api/druid/index.html of the component Demo Site. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue re

A flaw has been found in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. Affected is the function sub_427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

A vulnerability was detected in Tenda 4G300 US_4G300V1.0Mt_V1.01.42_CN_TDC01. This impacts the function sub_425A28 of the file /goform/DelFil. The manipulation of the argument delflag results in command injection. The attack may be launched remotely. The exploit is now public and may be used.

A flaw has been found in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the file /admin/update_customer.php. This manipulation of the argument type/length/business parameter validity causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.

A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command injection. The attack can be executed remotely. The exploit is now public and may be used. Upgrading t

A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The proje

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

A weakness has been identified in BurtTheCoder mcp-dnstwist up to 1.0.4. Affected by this vulnerability is the function fuzz_domain of the file src/index.ts of the component MCP Interface. Executing a manipulation of the argument Request can lead to os command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. The projec

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks.

Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting. Plack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware constructor or the Plack environment. A malicious client can set the X-Sendfile-Type header to "X-Accel-Redirect" to ser

A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhs_publish_content of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument media_paths results in server-side request forgery. The attack may be initiated remotely. The exploit has been made public and could be used. The project was informed of the problem early t

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEdit_ap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.

A vulnerability was found in PolarVista xcode-mcp-server 1.0.0. This issue affects the function build_project/run_tests of the file src/index.ts of the component MCP Interface. The manipulation of the argument Request results in os command injection. The attack may be launched remotely. The exploit has been made public and could be used. The project was informed of the problem early through an iss

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=add_to_cart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_user of the file /admin/ajax.php?action=save_user. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.

### Impact A vulnerability in `datastore_search_sql` allowed attackers to inject SQL in order to gain access to private resources and PostgreSQL system information. ### Patches The issue has been patched in CKAN 2.10.10 and CKAN 2.11.5 ### Workarounds Disable the DataStore SQL search (`ckan.datastore.sqlsearch.enabled = false`). Note that the SQL search is disabled by default. ### More informa

The `BetaLocalFilesystemMemoryTool` in the Anthropic TypeScript SDK created memory files and directories using the Node.js default modes (`0o666` for files, `0o777` for directories), leaving them world-readable on systems with a standard umask and world-writable in environments with a permissive umask such as many Docker base images. A local attacker on a shared host could read persisted agent sta

### Impact OGC API - Process execution requests can use the `subscriber` object to requests to internal HTTP services. ### Patches The issue has been patched in master branch and made available as part of the 0.23.3 release. The patch disables any HTTP requests made to internal resources by default (unless explicitly defined in configuration by a new `allow_internal_requests` directive. The com

### Impact A raw string path concatenation vulnerability in pygeoapi's STAC FileSystemProvider plugin can allow for requests to STAC collection based collections to expose directories without authentication. The issue manifests when pygeoapi is deployed without a proxy or web front end that would normalize URLs with `..` values, along with a resource of type `stac-collection` defined in configura

### Summary A critical Denial of Service (DoS) vulnerability exists in `marked@18.0.0`. By providing a specific 3-byte input sequence a tab, a vertical tab, and a newline (`\x09\x0b\n`)—an unauthenticated attacker can trigger an infinite recursion loop during parsing. This leads to unbounded memory allocation, causing the host Node.js application to crash via Memory Exhaustion (OOM). ### Details

## Summary `Role::stopMembership()` does not verify whether removing a user from the administrator role leaves zero administrators. The deprecated `Membership::stopMembership()` contains this safety check, but the current code path bypasses it. Any administrator can remove the last remaining other administrator, locking the entire system out of administrative access. The exploit does not require

## Summary A logic error in Admidio's two-factor authentication reset inverts the authorization check. Non-admin users cannot remove their own TOTP configuration, but they can remove other users' TOTP, including administrators. A group leader with profile edit rights on an admin account can strip that admin's 2FA. ## Details In `modules/profile/two_factor_authentication.php` at line 84, the aut

## Summary The member assignment DataTables endpoint (`members_assignment_data.php`) includes hidden profile fields (BIRTHDAY, STREET, CITY, POSTCODE, COUNTRY) in its SQL search condition regardless of field visibility settings. While the JSON output correctly suppresses hidden columns via `isVisible()` checks, the server-side search operates at the SQL level before any visibility filtering. This

## Summary The `contacts_data.php` endpoint uses a weaker permission check (`isAdministratorUsers()`, requiring only `rol_edit_user=true`) than the frontend UI (`contacts.php`) which correctly requires the stronger `isAdministrator()` (requiring `rol_administrator=true`) and the `contacts_show_all` system setting. A user manager who is not a full administrator can directly request `contacts_data.

## Summary The `add` mode in `modules/documents-files.php` accepts a `name` parameter validated only as `'string'` type (HTML encoding), allowing path traversal characters (`../`) to pass through unfiltered. Combined with the absence of CSRF protection on this endpoint and `SameSite=Lax` session cookies, a low-privileged attacker can trick a documents administrator into clicking a crafted link th

## Summary The `ecard_preview.php` endpoint does not validate that the `ecard_template` POST parameter is a safe filename before passing it to `ECard::getEcardTemplate()`. An authenticated user can supply a path traversal payload (e.g., `../config.php`) to read arbitrary files accessible to the web server process, including `adm_my_files/config.php` which contains database credentials. ## Detail

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument student_id/full_name/section/username results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be us

A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.1.0 is capable of addressing this i

A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate data stream to the extracted files. As a result, these files can be executed without triggering Windows

Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly to server-side PHP files and executed via incl

A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is the function save_settings of the file /pizzafy/admin/ajax.php?action=save_settings of the component Setting Handler. Such manipulation leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function list_rules/fetch_rule of the file src/gel_mcp/server.py. The manipulation of the argument rule_name results in path traversal. The attack may be performed from remote. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report b

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this issue is the function save_menu of the file /admin/ajax.php?action=save_menu. Performing a manipulation results in sql injection. The attack can be initiated remotely. The exploit is now public and may be used.

A weakness has been identified in getsimpletool mcpo-simple-server up to 0.2.0. Affected is the function delete_shared_prompt of the file src/mcpo_simple_server/services/prompt_manager/base_manager.py. This manipulation of the argument detail causes relative path traversal. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attac

Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious input containing shellcode with structured exception handler (SEH) overwrite to bypass protections and execute code with application privileges.

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to arbitrary locations on the system, enabling remote code execution.

Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malicious payload through the optional proxy hostname field in the PrimeNet connection settings to trigger the overflow and execute system commands.

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during re

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hijack user sessions and gain unauthorized access to the PACS system.

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor.

SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges.

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can leverage the CSRF vulnerability to inject and execute system commands through the Tools > System > Shel

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.

BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attackers can modify the field_hiddenfile and field_deleteimg parameters during profile editing to unlink files from the server.

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download_xml.pl, download.pl, downloadmib.pl, or downloadFile.pl with directory traversal payloads to read sensitive system

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites t

AgentFlow contains an arbitrary code execution vulnerability that allows attackers to execute local Python pipeline files by supplying a user-controlled pipeline_path parameter to the POST /api/runs and POST /api/runs/validate endpoints. Attackers can induce requests to the local AgentFlow API to load and execute existing Python pipeline files on disk, resulting in code execution in the context of

Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode that overwrites the SEH handler to redirect execution and run arbitrary commands like opening calc.exe.

XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database information.

Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with junk data, NSEH bypass, SEH handler address, and shellcode that triggers the overflow when pasted into the License Name fiel

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the application.

PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF file to the pdfunite utility.

A weakness has been identified in florensiawidjaja BioinfoMCP up to 7ada7918b9e515604d3c0ae264d3a9af10bf6e54. This vulnerability affects the function Upload of the file bioinfo_mcp_platform/app.py of the component Upload Endpoint. This manipulation of the argument Name causes path traversal. The attack can be initiated remotely. The exploit has been made available to the public and could be used f

A security flaw has been discovered in NousResearch hermes-agent 0.8.0. This affects the function _check_sensitive_path of the file tools/file_tools.py. The manipulation results in symlink following. Attacking locally is a requirement. The exploit has been released to the public and may be used for attacks. Upgrading to version 0.9.0 is able to mitigate this issue. The patch is identified as 311da

Dell/Alienware Purchased Apps, versions prior to 1.1.31.0, contain an Improper Link Resolution Before File Access ('Link Following') vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Arbitrary File Write

## Impact The `dynamic-node-parameters` endpoints did not verify whether the authenticated caller was authorized to use a supplied credential reference. An authenticated user with access to a shared workflow could supply a foreign credential ID in the request body, causing the backend to decrypt and use that credential in a helper execution path where the caller also controls the destination URL.

## Impact An authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbitrary code execution on the task runner container. - This issue only affects instances where the Python Task Runner is enabled. ## Patches The issue has been fixed in n8n versions 1.123.32, 2.17.4, and 2.18.1. Users should upgrade to one of these ve

## Impact An authenticated user with a valid API key scoped to `variable:list` could read variables from projects they are not a member of by supplying an arbitrary `projectId` query parameter to the public API variables endpoint. The handler queried the variables repository directly without enforcing project membership checks, bypassing the authorization-aware service layer used by the internal e

## Impact The MCP OAuth client registration endpoint accepted unauthenticated requests and stored client data without adequate resource controls. An unauthenticated remote attacker could exhaust server memory resources by sending large registration payloads, rendering the n8n instance unavailable. The MCP enable/disable toggle gates MCP access but did not restrict client registrations, meaning the

## Impact The `/chat` WebSocket endpoint used by the Chat Trigger node's Hosted Chat feature did not verify that an incoming connection was authorized to interact with the target execution. An unauthenticated remote attacker who could identify a valid execution ID for a workflow in a waiting state could attach to that execution, receive the pending prompt intended for the legitimate user, and subm

## Impact A flaw in the SeaTable node's `row:search` and `row:get` operations allowed user-controlled input to be concatenated directly into SQL query strings without escaping or parameterization. In workflows where external user input is passed via expressions into the SeaTable node's search or row retrieval parameters, an attacker could manipulate the constructed query to retrieve unintended row

## Impact The `/mcp-oauth/register` endpoint accepted OAuth client registrations without authentication, allowing arbitrary `redirect_uri` values to be registered. When a user denies the MCP OAuth consent dialog, the `handleDeny` handler redirects the user to the registered `redirect_uri` without validation, enabling an open redirect to an attacker-controlled URL. An attacker can craft a phishing

## Impact A flaw in the Oracle Database node's select operation allowed user-controlled input passed into the `Limit` field via expressions to be interpolated directly into the SQL query without sanitization or parameterization. In workflows where external input is passed into the `Limit` field (e.g., from a webhook), an attacker could inject arbitrary SQL and exfiltrate data from the connected Or

## Impact The fix for [GHSA-f3f2-mcxc-pwjx](https://github.com/advisories/GHSA-f3f2-mcxc-pwjx) did not cover the Snowflake node or the legacy MySQL v1 node. Both nodes construct SQL queries by directly interpolating user-controlled table names, column names, and update keys into query strings without identifier escaping, enabling SQL injection against the connected database. Exploitation requires

### Summary A remote Denial of Service (DoS) vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during the processing of 4-byte AS attributes when the message structure causes an internal slice index shift that is not properly handled. ### Details The vulnerability is located in internal/pkg/table/message.go within

### Summary A theme upload feature allows any authenticated backend user with theme-upload permission to achieve remote code execution (RCE) by uploading a crafted ZIP file. PHP files inside the ZIP are installed into the web-accessible public/ directory with no extension or content filtering, making them directly executable via HTTP. ### Details File: `modules/Theme/Controllers/Theme.php` Afte

Views can be marked as exempt from CSRF protection Access to the views via tokens or unauthenticated requests marked the endpoint as not requiring CSRF protection. The marking was a member variable in flask-wtf.csrf.CSRFProtect(), which was stored as a module level variable in the flask_app middleware. Thsi API was never intended for request level changes, it is primarily a decorator for stati

### Impact Configured SMTP server may be spoofed with any certificate (e.g. self-signed), leaving credentials and all emails sent open to MITM attacks. ### Patches The vulnerability has been patched in CKAN 2.10.10 and CKAN 2.11.5

## Summary The XLSX reader's `ColumnAndRowAttributes::readRowAttributes()` method reads row numbers from XML attributes without validating them against the spreadsheet maximum row limit (`AddressRange::MAX_ROW = 1,048,576`). An attacker can craft a minimal XLSX file (~1.6KB) containing a `` element that inflates `cachedHighestRow` to 999,999,999, causing any subsequent row iteration to attempt ~1

## Summary The SpreadsheetML XML reader (`Reader\Xml`) does not validate the `ss:Index` row attribute against the maximum allowed row count (`AddressRange::MAX_ROW = 1,048,576`). An attacker can craft a SpreadsheetML XML file with `ss:Index="999999999"` on a `` element, which inflates the internal `cachedHighestRow` to ~1 billion. Any subsequent call to `getRowIterator()` without an explicit end

A vulnerability was determined in SourceCodester Pizzafy Ecommerce System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/view_order.php of the component GET Parameter Handler. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

### Summary The optional flag `--filter-system-calls` was not applied even if specified. ### Details This is a defense in depth feature to apply additional seccomp filters after the binary has started. The example config also sandboxes the binary with systemd. ### Impact Reduced sandboxing of the netfoil binary.

### Summary Rules could be bypassed by changing the first character: `example.com` could be be bypassed by e.g. `fxample.com`. ### Details Off-by-one error in the suffixtrie implementation. ### Impact The domain filter could be bypassed. Please note that DNS filtering alone is not enough to block malicious traffic.

### Summary A SQL injection vulnerability exists in `FilterDataServiceCE.java` where the `dropTable` method constructs a SQL `DROP TABLE` statement using string concatenation with the table name. If the table name is derived from user input, this allows for arbitrary SQL command execution. ### Details The vulnerability is located in `app/server/appsmith-interfaces/src/main/java/com/appsmith/exter

SourceCodester Pet Grooming Management Software 1.0 存在SQL注入漏洞，位于文件 /admin/update_customer.php 中。攻击者通过操纵 type、length、business 等参数，可以在后台数据库中执行任意SQL命令。该漏洞可被远程利用，且已有公开的利用代码。成功利用后，攻击者能够读取、修改或删除数据库中的敏感信息，例如客户资料、宠物信息等。由于该软件可能用于小型宠物店管理，数据泄露可能导致客户隐私受损。目前官方尚未发布补丁，建议用户在受影响路径上实施访问控制或限制管理后台的暴露。

VetCoders 开发的 mcp-server-semgrep 版本 1.0.0 中存在一个 OS 命令注入漏洞。该漏洞位于 src/index.ts 文件的 MCP 接口中，涉及 analyze_results、filter_results、export_results、compare_results、scan_directory、create_rule 等多个函数。攻击者可以通过向参数 ID 注入恶意操作系统命令，实现远程命令执行。由于攻击者无需任何身份验证即可利用此漏洞（CVSS 攻击向量为 AV:N/AC:L/PR:N/UI:N），且漏洞利用代码已公开，实际攻击风险较高。成功利用后，攻击者可以在服务器上以运行服务的用户权限执行任意命令，导致机密性、完整性和可用性部分受损（CVSS 评分 7.3，高危）。厂商已在版本 1.0.1 中修复此漏洞，补丁提交为 141335da044e53c3f5b315e0386e01238405b771。建议所有受影响用户立即升级至 1.0.1 或更高版本，并在无法立即升级的情况下限制 MCP 接口的网络访问。

CVE-2026-7445 是 ZachHandley ZMCPTools 组件（版本 ≤0.2.2）中的一个路径遍历漏洞。该漏洞位于 src/managers/ResourceManager.ts 文件的 MCP 日志资源处理功能中，攻击者可操纵 dirname 参数实现路径遍历攻击。由于漏洞可通过远程方式利用，攻击者无需本地访问即可实施攻击。漏洞的利用方法已公开披露，可能被用于实际攻击。尽管项目方已通过问题报告获知此漏洞，但尚未发布修复补丁或做出回应。该漏洞的 CVSS 评分为 6.3（中等），影响范围包括机密性、完整性和可用性的部分受损。建议受影响用户限制受控组件（MCP）的网络暴露，特别是对涉及日志资源处理的目录进行访问控制，直至官方发布补丁。由于项目方未响应，可考虑临时禁用相关功能或迁移至替代方案。

CVE-2026-7417 是 Algovate xhs-mcp 0.8.11 版本中的一个服务端请求伪造 (SSRF) 漏洞。该漏洞位于组件 MCP Interface 的 src/server/mcp.server.ts 文件中，具体存在于函数 xhs_publish_content。攻击者可以通过远程方式操纵参数 media_paths，从而发起 SSRF 攻击。SSRF 漏洞允许攻击者诱使服务器向内部或外部系统发送恶意请求，可能导致敏感信息泄露、内部网络扫描或进一步的攻击。该漏洞的利用代码已公开，增加了被实际利用的风险。项目方已通过 issue 报告获知此问题，但尚未回应或发布补丁。CVSS 评分为 7.3（高），攻击复杂度低，无需权限，影响机密性、完整性和可用性（均为低）。受影响的版本为 xhs-mcp 0.8.11，可能影响使用该组件的应用。建议用户关注官方更新，并考虑限制受影响服务的网络暴露，应用必要的输入验证和过滤措施，以降低风险。

CVE-2026-7416 影响 PolarVista xcode-mcp-server 1.0.0 版本，漏洞位于 src/index.ts 文件中的 build_project 和 run_tests 函数，通过 MCP 接口的 Request 参数可触发 OS 命令注入。攻击者可远程利用该漏洞，且利用代码已公开，增加了被恶意利用的风险。厂商已通过 issue 报告获知此问题，但尚未做出回应或发布补丁。由于未认证即可远程触发，攻击者可执行任意系统命令，可能导致数据泄露、服务中断或进一步横向移动。目前无官方修复方案，建议用户限制网络暴露，仅允许可信来源访问，并监控异常请求。

这是 SourceCodester Pizzafy 电子商务系统 1.0 中的一个 SQL 注入漏洞，位于 /admin/ajax.php?action=add_to_cart 文件。攻击者可以通过操纵 'pid' 参数，在后台数据库中执行任意 SQL 语句，导致数据泄露、篡改或破坏。该漏洞无需特殊权限即可远程利用，目前已公开概念验证代码，增加了被攻击的风险。由于 CVSS 评分为 6.3（中等），且厂商尚未发布补丁，建议用户立即限制管理后台的网络暴露，并监控异常数据库查询活动。

该漏洞存在于 SourceCodester Pizzafy Ecommerce System 1.0 的 /admin/ajax.php?action=save_user 函数中，攻击者可通过远程发送特制请求触发 SQL 注入漏洞。由于该函数未对用户输入进行充分过滤和转义，具有高权限（PR:H）的攻击者能够构造恶意 SQL 语句，进而可能导致数据库信息泄露、数据篡改或部分服务受影响。CVSS 评分 4.7（中等），攻击复杂度低，无需用户交互，影响范围包括机密性、完整性和可用性的低度损失。目前已有公开的利用代码发布，增加了被攻击的风险。受影响系统为 SourceCodester Pizzafy Ecommerce System 1.0，厂商尚未发布官方补丁。建议管理员限制对 /admin/ 目录的网络访问，仅允许受信任 IP，并监控相关日志以检测异常请求。同时，可通过代码审计和输入验证修复该漏洞。

CVE-2026-7408 是影响 SourceCodester Pizzafy Ecommerce System 1.0 的 SQL 注入漏洞。漏洞存在于 /admin/ajax.php?action=save_menu 文件中的 save_menu 函数内，攻击者可通过向该端点发送特制请求，在未正确过滤输入的情况下执行恶意 SQL 语句，从而导致数据库被非法访问或篡改。由于该接口需要管理员权限（CVSS 权限要求为高），但攻击者可远程发起攻击，且利用代码已公开，因此风险不容忽视。成功利用此漏洞的攻击者可能读取、修改或删除数据库中的敏感信息，如用户凭证、订单数据等，进而影响系统的机密性和完整性。尽管 CVSS 评分为 4.7（中危），但由于漏洞利用已公开，且可远程触发，实际威胁应引起重视。建议受影响的用户立即更新至官方发布的安全版本，如暂无补丁，应严格限制 /admin 路径的访问来源，仅允许可信 IP 访问，并启用 Web 应用防火墙（WAF）拦截常见 SQL 注入攻击载荷。

SourceCodester Pizzafy Ecommerce System 1.0 存在SQL注入漏洞，位于文件 /pizzafy/admin/ajax.php 的 save_settings 函数中。攻击者可利用Setting Handler组件通过HTTP请求向参数注入恶意SQL代码，从而操纵数据库。该漏洞可远程利用，CVSS 3.1评分为4.7（中等），要求攻击者具有高权限（PR:H），但无需用户交互。由于漏洞细节和利用代码已公开披露，存在被攻击者利用的风险。受影响系统为Pizzafy Ecommerce System 1.0版本。建议管理员尽快应用厂商提供的补丁或升级到最新版本；若无法立即修复，应严格限制对/admin目录的访问，仅允许可信IP，并部署Web应用防火墙（WAF）过滤SQL注入载荷。同时，审计数据库日志以检测异常查询。

CVE-2026-7404 影响 getsimpletool 开发的 mcpo-simple-server 版本 0.2.0 及之前版本。该漏洞位于 src/mcpo_simple_server/services/prompt_manager/base_manager.py 文件中的 delete_shared_prompt 函数。由于对参数 detail 的清理不足，导致相对路径遍历攻击。攻击者可以在无需认证的情况下，通过远程发送特制请求，利用路径遍历删除服务器上任意文件或读取敏感信息。该漏洞的 CVSS 评分为 7.3 (高)，攻击复杂度低，无需特权。目前已有公开的利用代码，但厂商尚未发布补丁或修复版本。建议受影响的用户立即采取缓解措施，如限制网络访问或升级到最新版本（如果可用）。

CVE-2026-7403 影响 geldata gel-mcp 0.1.0 版本，存在于 src/gel_mcp/server.py 文件中的 list_rules 和 fetch_rule 函数。攻击者可以通过操纵 rule_name 参数，实施路径遍历攻击，远程读取服务器上的任意文件（如配置文件、敏感数据等）。该漏洞已公开利用代码，但厂商尚未响应修复。CVSS 评分为 5.3（中等），攻击复杂度低，无需认证，且可利用性高。虽然目前未被列入已知利用漏洞目录（KEV）或标记为在野利用，但鉴于 PoC 公开，应该视为潜在威胁。受影响产品为 gel-mcp 模块，广泛用于 MongoDB 数据库的交互管理（MCP 协议）。建议立即将 gel-mcp 服务隔离到内网，禁止公网直接访问，并监控对 list_rules/fetch_rule 接口的异常请求。若后续有官方补丁，需优先升级。

NVD 公开了 CVE-2026-7443，影响 BurtTheCoder 开发的 mcp-dnstwist 工具（一个用于域名相似度对比的 MCP 服务），版本 ≤1.0.4。漏洞位于 src/index.ts 文件的 fuzz_domain 函数中，攻击者通过向 MCP 接口的 Request 参数注入恶意系统命令，可导致远程 OS 命令注入。由于该组件通常以较高权限运行在服务器或自动化环境中，且无需身份验证即可远程触发（CVSS AV:N/AC:L/PR:N/UI:N），攻击者能够执行任意系统命令。漏洞细节和利用代码（PoC）已在公开渠道发布，增加了被积极利用的风险。项目维护者已通过 issue 报告获知此问题但尚未回应或发布修复。鉴于攻击面明确且利用难度低，建议所有使用该工具的用户立即采取缓解措施。

CVE-2026-7420 影响 UTT HiPER 1250GW 路由器固件版本 3.2.7-210907-180535 及之前版本。漏洞位于文件 /route/goform/ConfigAdvideo 中的 strcpy 函数，通过操纵参数 Profile 可触发缓冲区溢出。攻击者无需认证即可远程利用，但需要低权限（CVSS 权限要求为低）。成功利用可导致远程代码执行，完全控制设备（机密性、完整性、可用性均受高影响）。CVSS 评分 8.8（高）。尽管目前该漏洞未被列入已知利用漏洞目录（KEV），且元数据未标明已在野利用，但 PoC 已公开，实际攻击风险较高。建议用户立即升级固件至最新版本，或限制对受影响端口的网络访问，同时监控异常流量。

该漏洞影响 UTT HiPER 1250GW 路由器固件版本至 3.2.7-210907-180535。漏洞位于 route/goform/formTaskEdit_ap 文件的 strcpy 函数中，攻击者可通过向 Profile 参数提交特制输入触发栈缓冲区溢出，从而可能导致远程代码执行。CVSS 评分为 8.8（高），攻击复杂度低，需要低权限，无需用户交互，影响机密性、完整性和可用性。目前已有公开的利用代码，可能被攻击者用于完全控制受影响设备。受影响设备通常暴露在网络上，风险较高。

CVE-2026-7381 影响 Perl 的 Plack::Middleware::XSendfile 模块至版本 1.0053。该中间件用于处理 X-Sendfile 类型的文件发送，但存在一个安全缺陷：如果中间件构造函数或 Plack 环境未明确指定发送文件类型，则客户端可以通过 X-Sendfile-Type 请求头控制发送类型。恶意客户端可将 X-Sendfile-Type 设置为 'X-Accel-Redirect'，针对后端使用 nginx 反向代理的服务，然后通过 X-Accel-Mapping 头将路径映射到服务器上的任意文件。虽然该漏洞与 CVE-2025-61780（影响 Rack::Sendfile）类似，但 Plack::Middleware::XSendfile 有一定的缓解措施：禁止在映射中使用正则表达式，且仅对 'X-Accel-Redirect' 类型应用映射。自 1.0053 版本起，该模块已被标记为弃用，并将从未来的 Plack 发行版中移除。暂无 CVSS 评分和 EPSS 数据，也未列入已知利用漏洞目录（KEV）或观察到在野利用。影响范围包括所有使用 Plack::Middleware::XSendfile 且未正确配置发送文件类型的 Web 应用，尤其是部署在 nginx 反向代理后的服务。

CVE-2026-6221 是一个被其编号管理机构（CNA）拒绝或撤销的 CVE 标识符。根据 NVD 记录，该 CVE 没有提供任何技术细节、受影响的产品或厂商信息，也没有 CVSS 评分、EPSS 评分或任何利用指标。该漏洞已被正式拒绝，因此不构成任何实际安全风险。对于防御者而言，无需关注此条目，也不会对当前环境产生威胁。

CVE-2026-7418 是 UTT HiPER 1250GW 路由器（固件版本 3.2.7-210907-180535 及之前）中的一个缓冲区溢出漏洞。该漏洞位于 route/goform/NTP 文件中的 strcpy 函数，攻击者可以通过操纵 Profile 参数触发缓冲区溢出，实现远程代码执行。攻击复杂度低，无需用户交互，但需要低权限（PR:L）。CVSS v3.1 评分为 8.8（高严重性），影响机密性、完整性和可用性。漏洞利用细节已公开披露，可能被利用发动远程攻击。建议用户尽快升级固件到最新版本，并限制对设备管理接口的网络暴露（例如仅允许信任 IP 访问），以降低被攻击风险。

wget2 accepts a server certificate with incorrect Key Usage (KU) or Extended Key Usage (EKU). If the attackers compromise a certificate (with the associated private key) issued for a different purpose, they may be able to reuse it for TLS server authentication.

A vulnerability in B1 Free Archiver v1.5.86 allows files extracted from downloaded archives to bypass Windows Mark of the Web (MotW) protections. When an archive is downloaded from the internet and extracted using B1 Free Archiver, the software fails to propagate the 'Zone.Identifier' alternate data stream to the extracted files. As a result, these files can be executed without triggering Windows

A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=register of the component Registration. The manipulation of the argument student_id/full_name/section/username results in cross site scripting. The attack can be launched remotely. The exploit is now public and may be us

A security vulnerability has been detected in geekgod382 filesystem-mcp-server 1.0.0. This issue affects the function is_path_allowed of the file server.py of the component read_file_tool/write_file_tool. Such manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 1.1.0 is capable of addressing this i

Cockpit CMS contains an authenticated remote code execution vulnerability in the /cockpit/collections/save_collection endpoint that allows authenticated attackers with collection management privileges to inject arbitrary PHP code into collection rules parameters. Attackers can inject malicious PHP code through rule parameters which is written directly to server-side PHP files and executed via incl

Alloksoft Video joiner 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with structured exception handler (SEH) overwrite and shellcode to achieve code execution when the application processes the license registration input.

Allok soft WMV to AVI MPEG DVD WMV Converter 4.6.1217 contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying an oversized string in the License Name field. Attackers can craft a malicious input containing shellcode with structured exception handler (SEH) overwrite to bypass protections and execute code with application privileges.

SysGauge 4.5.18 contains a buffer overflow vulnerability in the proxy configuration handler that allows local attackers to cause a denial of service by supplying an oversized string. Attackers can inject a large payload through the Proxy Server Host Name field in the Options menu to crash the application.

LifeSize ClearSea 3.1.4 contains directory traversal vulnerabilities that allow authenticated attackers to download and upload arbitrary files by manipulating path parameters in the smartgui interface. Attackers can exploit the upload endpoint with directory traversal sequences to write files to arbitrary locations on the system, enabling remote code execution.

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated directory traversal vulnerability that allows authenticated attackers to disclose arbitrary files by injecting path traversal sequences in the ID parameter. Attackers can submit requests to downloadsys.pl, download_xml.pl, download.pl, downloadmib.pl, or downloadFile.pl with directory traversal payloads to read sensitive system

VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cross-site request forgery flaw in the web management interface. Attackers with valid credentials can leverage the CSRF vulnerability to inject and execute system commands through the Tools > System > Shel

MyBB Recent threads 17.0 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating threads with crafted subject lines. Attackers can create threads with script tags in the subject parameter to execute arbitrary JavaScript in the browsers of all users viewing the index page.

BuddyPress Xprofile Custom Fields Type 2.6.3 contains a remote code execution vulnerability that allows authenticated users to delete arbitrary files by manipulating unescaped POST parameters. Attackers can modify the field_hiddenfile and field_deleteimg parameters during profile editing to unlink files from the server.

SysGauge Pro 4.6.12 contains a local buffer overflow vulnerability in the Register function that allows local attackers to overwrite the structured exception handler by supplying a crafted unlock key. Attackers can inject shellcode through the Unlock Key field during registration to execute arbitrary code with application privileges.

PDFunite 0.41.0 contains a buffer overflow vulnerability that allows local attackers to crash the application by processing malformed PDF files during merge operations. Attackers can trigger a segmentation fault in the XRef::getEntry function within libpoppler by providing a specially crafted PDF file to the pdfunite utility.

librsvg2-bin 2.40.13 contains a buffer overflow vulnerability that allows local attackers to cause a denial of service by processing malformed SVG files. Attackers can supply crafted SVG input to the rsvg conversion tool to trigger a segmentation fault in the cairo image compositor.

Free Download Manager 2.0 Built 417 contains a local buffer overflow vulnerability in the URL import functionality that allows attackers to trigger a structured exception handler (SEH) chain exploitation. Attackers can craft a malicious URL file that, when imported through the File > Import > Import lists of downloads menu, causes a buffer overflow in the Location header response that overwrites t

Allok Video to DVD Burner 2.6.1217 contains a stack-based buffer overflow vulnerability in the License Name field that allows local attackers to execute arbitrary code by triggering a structured exception handler (SEH) overwrite. Attackers can craft a malicious input string with 780 bytes of junk data followed by SEH chain pointers and shellcode, then paste it into the License Name field during re

Allok AVI to DVD SVCD VCD Converter 4.0.1217 contains a structured exception handling (SEH) based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the License Name field. Attackers can craft a payload with junk data, NSEH bypass, SEH handler address, and shellcode that triggers the overflow when pasted into the License Name fiel

Easy MPEG to DVD Burner 1.7.11 contains a structured exception handling (SEH) local buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious username string. Attackers can craft a payload containing junk data, SEH chain pointers, and shellcode that overwrites the SEH handler to redirect execution and run arbitrary commands like opening calc.exe.

XATABoost CMS 1.0.0 contains a union-based SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the id parameter. Attackers can send GET requests to news.php with malicious id values to extract sensitive database information.

Prime95 29.4b8 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting structured exception handling (SEH) mechanisms. Attackers can inject malicious payload through the optional proxy hostname field in the PrimeNet connection settings to trigger the overflow and execute system commands.

Merge PACS 7.0 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms targeting the merge-viewer endpoint. Attackers can submit POST requests to /servlet/actions/merge-viewer/summary with login credentials to hijack user sessions and gain unauthorized access to the PACS system.