24h | 7d | 30d

Overview

  • openmrs
  • openmrs-core

06 May 2026
Published
06 May 2026
Updated

CVSS v4.0
CRITICAL (9.4)
EPSS
Pending

KEV

Description

OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the module upload endpoint at POST `/openmrs/ws/rest/v1/module` is vulnerable to a Zip Slip path traversal attack. During automatic extraction of uploaded .omod archives in `WebModuleUtil.startModule()`, ZIP entries under web/module/ are checked only to see whether the full entry path starts with `..,` and the remaining path is then concatenated into the destination path without normalization or a boundary check. A crafted archive can therefore include entries such as `web/module/../../../../malicious.jsp` and cause files to be written outside the intended module directory. An authenticated attacker with module upload access can write arbitrary files to locations such as the web application root and achieve remote code execution by uploading a JSP file and then requesting it. The issue is compounded by the fact that the module.allow_web_admin runtime property is enforced in the legacy UI controller but not in the REST API upload path, so deployments relying on that property to block web-based module administration remain exposed through the REST endpoint. This issue has been fixed in versions after 2.7.8 in the 2.7.x line and in version 2.8.6 and later.

Statistics

  • 1 Post

Last activity: 8 hours ago

Fediverse

Profile picture fallback

🚨 CRITICAL OpenMRS Core vuln: Path traversal (CVE-2026-40076, CVSS 9.4) lets auth users upload .omod files to gain RCE via crafted ZIPs. Affects ≤2.7.8, 2.8.0 – 2.8.5. Upgrade to 2.7.9/2.8.6+ now! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 8h ago

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

25 Sep 2025
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (9.9)
EPSS
25.14%

Description

A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker with valid VPN user credentials could exploit this vulnerability by sending crafted HTTP requests to an affected device. A successful exploit could allow the attacker to execute arbitrary code as root, possibly resulting in the complete compromise of the affected device.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
Vulnerabilità Cisco ASA: la minaccia di exploit pre-auth RCE è vicina 📌 Link all'articolo : www.redhotcyber.com/post/vulnera... A cura di Manuel Pomarè #redhotcyber #news #cybersecurity #hacking #ciscoasa #exploit #rce #sicurezzainformatica #cve202520362 #cve202520333 #infosecurity
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Cisco
  • Cisco Secure Firewall Adaptive Security Appliance (ASA) Software

25 Sep 2025
Published
26 Feb 2026
Updated

CVSS v3.1
MEDIUM (6.5)
EPSS
44.08%

Description

Update: On November 5, 2025, Cisco became aware of a new attack variant against devices running Cisco Secure ASA Software or Cisco Secure FTD Software releases that are affected by CVE-2025-20333 and CVE-2025-20362. This attack can cause unpatched devices to unexpectedly reload, leading to denial of service (DoS) conditions. Cisco strongly recommends that all customers upgrade to the fixed software releases that are listed in the Fixed Software ["#fs"] section of this advisory. A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security Appliance (ASA) Software and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to access restricted URL endpoints that are related to remote access VPN that should otherwise be inaccessible without authentication. This vulnerability is due to improper validation of user-supplied input in HTTP(S) requests. An attacker could exploit this vulnerability by sending crafted HTTP requests to a targeted web server on a device. A successful exploit could allow the attacker to access a restricted URL without authentication.

Statistics

  • 1 Post

Last activity: 3 hours ago

Bluesky

Profile picture fallback
Vulnerabilità Cisco ASA: la minaccia di exploit pre-auth RCE è vicina 📌 Link all'articolo : www.redhotcyber.com/post/vulnera... A cura di Manuel Pomarè #redhotcyber #news #cybersecurity #hacking #ciscoasa #exploit #rce #sicurezzainformatica #cve202520362 #cve202520333 #infosecurity
  • 0
  • 0
  • 0
  • 3h ago

Overview

  • CODESYS
  • Control RTE (SL)

04 Aug 2025
Published
04 Aug 2025
Updated

CVSS v3.1
HIGH (7.5)
EPSS
0.15%

KEV

Description

An unauthenticated remote attacker may trigger a NULL pointer dereference in the affected CODESYS Control runtime systems by sending specially crafted communication requests, potentially leading to a denial-of-service (DoS) condition.

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse

Profile picture fallback

VDE-2026-005
ifm: Multiple Vulnerabilities in CR3171

The Firmware installed on the CR3171 is impacted by various CODESYS vulnerabilities.
CVE-2025-41659, CVE-2025-41691, CVE-2025-41658

certvde.com/en/advisories/vde-

ifm.csaf-tp.certvde.com/.well-

  • 0
  • 0
  • 0
  • 23h ago

Overview

  • CODESYS
  • Control RTE (SL)

04 Aug 2025
Published
04 Aug 2025
Updated

CVSS v3.1
HIGH (8.3)
EPSS
0.05%

KEV

Description

A low-privileged attacker can remotely access the PKI folder of the CODESYS Control runtime system and thus read and write certificates and its keys. This allows sensitive data to be extracted or to accept certificates as trusted. Although all services remain available, only unencrypted communication is possible if the certificates are deleted.

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse

Profile picture fallback

VDE-2026-005
ifm: Multiple Vulnerabilities in CR3171

The Firmware installed on the CR3171 is impacted by various CODESYS vulnerabilities.
CVE-2025-41659, CVE-2025-41691, CVE-2025-41658

certvde.com/en/advisories/vde-

ifm.csaf-tp.certvde.com/.well-

  • 0
  • 0
  • 0
  • 23h ago

Overview

  • CODESYS
  • Runtime Toolkit

04 Aug 2025
Published
04 Aug 2025
Updated

CVSS v3.1
MEDIUM (5.5)
EPSS
0.02%

KEV

Description

CODESYS Runtime Toolkit-based products may expose sensitive files to local low-privileged operating system users due to default file permissions.

Statistics

  • 1 Post

Last activity: 23 hours ago

Fediverse

Profile picture fallback

VDE-2026-005
ifm: Multiple Vulnerabilities in CR3171

The Firmware installed on the CR3171 is impacted by various CODESYS vulnerabilities.
CVE-2025-41659, CVE-2025-41691, CVE-2025-41658

certvde.com/en/advisories/vde-

ifm.csaf-tp.certvde.com/.well-

  • 0
  • 0
  • 0
  • 23h ago

Overview

  • Crafter Software
  • Crafter CMS

13 Sep 2022
Published
16 Sep 2024
Updated

CVSS v3.1
MEDIUM (6.4)
EPSS
12.99%

KEV

Description

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

The Crafter CMS Groovy sandbox has been patched three times. CVE-2021-23259, CVE-2022-40635, CVE-2025-6384.

Our team went back in anyway and found 14 distinct RCE bypass techniques in v5.0.0: AST Transformations, SpelExpressionParser, GroovyShell, Template Engines, XStream, BeanShell, Jakarta EL, Commons Exec, Object Factories, MBeans, and more.

The sandbox wasn't broken in one place. It was porous.

CVE-2026-1770 (PTT-2025-022). Full PoC: pentest-tools.com/research

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • CrafterCMS
  • CrafterCMS
  • Studio

02 Feb 2026
Published
02 Feb 2026
Updated

CVSS v4.0
MEDIUM (4.5)
EPSS
0.04%

KEV

Description

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code Execution).

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

The Crafter CMS Groovy sandbox has been patched three times. CVE-2021-23259, CVE-2022-40635, CVE-2025-6384.

Our team went back in anyway and found 14 distinct RCE bypass techniques in v5.0.0: AST Transformations, SpelExpressionParser, GroovyShell, Template Engines, XStream, BeanShell, Jakarta EL, Commons Exec, Object Factories, MBeans, and more.

The sandbox wasn't broken in one place. It was porous.

CVE-2026-1770 (PTT-2025-022). Full PoC: pentest-tools.com/research

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • CrafterCMS
  • CrafterCMS
  • Studio

19 Jun 2025
Published
23 Jun 2025
Updated

CVSS v4.0
HIGH (7.3)
EPSS
0.32%

KEV

Description

Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of CrafterCMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass Sandbox restrictions and obtain RCE (Remote Code Execution). This issue affects CrafterCMS: from 4.0.0 through 4.2.2.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

The Crafter CMS Groovy sandbox has been patched three times. CVE-2021-23259, CVE-2022-40635, CVE-2025-6384.

Our team went back in anyway and found 14 distinct RCE bypass techniques in v5.0.0: AST Transformations, SpelExpressionParser, GroovyShell, Template Engines, XStream, BeanShell, Jakarta EL, Commons Exec, Object Factories, MBeans, and more.

The sandbox wasn't broken in one place. It was porous.

CVE-2026-1770 (PTT-2025-022). Full PoC: pentest-tools.com/research

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Crafter Software
  • Crafter CMS

02 Dec 2021
Published
16 Sep 2024
Updated

CVSS v3.1
MEDIUM (4.2)
EPSS
0.39%

KEV

Description

Authenticated users with Administrator or Developer roles may execute OS commands by Groovy Script which uses Groovy lib to render a webpage. The groovy script does not have security restrictions, which will cause attackers to execute arbitrary commands remotely(RCE).

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

The Crafter CMS Groovy sandbox has been patched three times. CVE-2021-23259, CVE-2022-40635, CVE-2025-6384.

Our team went back in anyway and found 14 distinct RCE bypass techniques in v5.0.0: AST Transformations, SpelExpressionParser, GroovyShell, Template Engines, XStream, BeanShell, Jakarta EL, Commons Exec, Object Factories, MBeans, and more.

The sandbox wasn't broken in one place. It was porous.

CVE-2026-1770 (PTT-2025-022). Full PoC: pentest-tools.com/research

  • 0
  • 0
  • 0
  • 18h ago
Showing 21 to 30 of 30 CVEs