Notable CVEs

OS Command Injection RCE

SpEL injection / remote code execution via property binder

Missing Authentication for Critical Function (CWE-306) leading to unauthenticated RCE / full takeover via HTTP

Symlink follow / CWE-61 UNIX symbolic link following leading to privilege escalation or path escape on shared hosting (CloudLinux/CageFS bypass)

Cross-Site Scripting (XSS) leading to spoofing

Improper Input Validation leading to Remote Code Execution

Path Traversal / Arbitrary File Write (CWE-22)

Incorrect Authorization leading to arbitrary code execution (CWE-863)

Authentication bypass via LDAP mixed auth with OTP enforcement skip

Authentication Bypass via Logic Error in Client Secret Comparison (CWE-287, CWE-303)

Missing Authentication for Critical Function - unauthenticated Core protocol federation connection hijack (CWE-306)

Unsafe deserialization via JSON.load instead of JSON.parse

Missing Authentication for Critical Function (CWE-306) - Unauthenticated arbitrary file create/truncate via PostgreSQL sidecar service endpoint, leading to pre-auth RCE

Prototype Pollution leading to RCE / DoS

SQL Injection

SQL Injection

Improper Input Validation leading to Denial of Service and Remote Code Execution

Authorization bypass through user-controlled key (IDOR / Broken Object Level Authorization)

SQL Injection

Time-of-check Time-of-use (TOCTOU) / State Mutation Race Condition (CWE-367) in node pairing reconnection logic

Code Injection via insufficient escaping of attacker-controlled JMESPath function names in generated PHP source (RCE)

Improper Input Validation / Inverted Security Check (CWE-20) - IP-based OAuth request filtering logic error

XML External Entity (XXE) injection via unsecured SAXParserFactory (CWE-611)

Unauthenticated OS Command Injection (CWE-78)

Improper Input Validation leading to Arbitrary Code Execution (RCE)

Improper Input Validation leading to Privilege Escalation (Missing Authentication / Hard-coded Credentials / Missing Authorization)

SQL Injection via unsanitized spreadsheet cell input (CWE-89)

Path traversal via malicious gzipped tarball (Zip Slip / symlink follow)

Sandbox escape via inappropriate implementation in Headless renderer

Improper Certificate Validation / Hardcoded Insecure TLS (CWE-295)

Stored Cross-Site Scripting (XSS)

Insufficient encryption / credentials leak via UDP broadcast (CWE-656, security through obscurity)

Improper Input Validation / Out-of-bounds Write in TEE secure-service wrappers (CWE-20, CWE-787)

Improper Input Validation - Unauthenticated SQL Injection leading to Authentication Bypass

Stack-based buffer overflow (CWE-121) remote memory corruption / process crash

Stack-based buffer overflow (CWE-121) leading to memory corruption or process crash via remote exploitation

Authentication Bypass

JWT Audience Claim Validation Bypass (Token Confusion/Routing Attack)

Insufficient input validation on AuthEnvelopedData cipher and tag length fields leading to authentication bypass and decryption oracle (CWE-354)

OS Command Injection via unsanitized shell meta-character substitution (CWE-78) leading to Remote Code Execution

OS Command Injection via unescaped shell metacharacters in print job description (CWE-78)

HTTP Host header validation bypass / HTTP Request Smuggling (CWE-444, CWE-1289)