Common Weakness Enumeration

CWE-1188

Initialization of a Resource with an Insecure Default

The product initializes or sets a resource with a default that is intended to be changed by the product's installer, administrator, or maintainer, but the default is not secure.

CVE-2025-66482 (GCVE-0-2025-66482)

Vulnerability from cvelistv5 – Published: 2025-12-15 23:18 – Updated: 2025-12-16 15:09
VLAI
Title
Misskey has a login rate limit bypass via spoofed X-Forwarded-For header
Summary
Misskey is an open source, federated social media platform. Attackers who use an untrusted reverse proxy or not using a reverse proxy at all can bypass IP rate limiting by adding a forged X-Forwarded-For header. Starting with version 2025.9.1, an option (`trustProxy`) has been added in config file to prevent this from happening. However, it is initialized with an insecure default value before version 2025.12.0-alpha.2, making it still vulnerable if the configuration is not set correctly. This is patched in v2025.12.0-alpha.2 by flipping default value of `trustProxy` to `false`. Users of a trusted reverse proxy who are unsure if they manually overode this value should check their config for optimal behavior. Users are running Misskey with a trusted reverse proxy should not be affected by this vulnerability. From v2025.9.1 to v2025.11.1, workaround is available. Set `trustProxy: false` in config file.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-307 - Improper Restriction of Excessive Authentication Attempts
  • CWE-1188 - Insecure Default Initialization of Resource
Assigner
References
Impacted products
Vendor Product Version
misskey-dev misskey Affected: >= 2025.9.1, < 2025.12.0-alpha.2
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-66482",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-12-16T14:37:27.348528Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-12-16T15:09:19.925Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-wwrj-3hvj-prpm"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "misskey",
          "vendor": "misskey-dev",
          "versions": [
            {
              "status": "affected",
              "version": "\u003e= 2025.9.1, \u003c 2025.12.0-alpha.2"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Misskey is an open source, federated social media platform. Attackers who use an untrusted reverse proxy or not using a reverse proxy at all can bypass IP rate limiting by adding a forged X-Forwarded-For header. Starting with version 2025.9.1, an option (`trustProxy`) has been added in config file to prevent this from happening. However, it is initialized with an insecure default value before version 2025.12.0-alpha.2, making it still vulnerable if the configuration is not set correctly. This is patched in v2025.12.0-alpha.2 by flipping default value of `trustProxy` to `false`. Users of a trusted reverse proxy who are unsure if they manually overode this value should check their config for optimal behavior. Users are running Misskey with a trusted reverse proxy should not be affected by this vulnerability. From v2025.9.1 to v2025.11.1, workaround is available. Set `trustProxy: false` in config file."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 6.9,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "LOW",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "LOW"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-307",
              "description": "CWE-307: Improper Restriction of Excessive Authentication Attempts",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188: Insecure Default Initialization of Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-12-15T23:18:53.415Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-wwrj-3hvj-prpm",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/misskey-dev/misskey/security/advisories/GHSA-wwrj-3hvj-prpm"
        },
        {
          "name": "https://github.com/misskey-dev/misskey/commit/5512898463fa8487b9e6488912f35102b91f25f7",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/misskey-dev/misskey/commit/5512898463fa8487b9e6488912f35102b91f25f7"
        }
      ],
      "source": {
        "advisory": "GHSA-wwrj-3hvj-prpm",
        "discovery": "UNKNOWN"
      },
      "title": "Misskey has a login rate limit bypass via spoofed X-Forwarded-For header"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2025-66482",
    "datePublished": "2025-12-15T23:18:37.295Z",
    "dateReserved": "2025-12-02T17:09:52.016Z",
    "dateUpdated": "2025-12-16T15:09:19.925Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2025-7353 (GCVE-0-2025-7353)

Vulnerability from cvelistv5 – Published: 2025-08-14 13:23 – Updated: 2026-02-26 17:48
VLAI
Title
Rockwell Automation ControlLogix® Ethernet Remote Code Execution Vulnerability
Summary
A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix® Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow.
SSVC
Exploitation: none Automatable: yes Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
Date Public
2025-08-14 13:11
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-7353",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-08-15T03:55:59.205927Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-26T17:48:36.010Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN2T/D",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Version 11.004 or below"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN2F/C",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Version 11.004 or below"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN2TR/C",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Version 11.004 or below"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN3TR/B",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Version 11.004 or below"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "1756-EN2TP/A",
          "vendor": "Rockwell Automation",
          "versions": [
            {
              "status": "affected",
              "version": "Version 11.004 or below"
            }
          ]
        }
      ],
      "datePublic": "2025-08-14T13:11:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eA security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix\u00ae Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow. \u0026nbsp;\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "A security issue exists due to the web-based debugger agent enabled on Rockwell Automation ControlLogix\u00ae Ethernet Modules. If a specific IP address is used to connect to the WDB agent, it can allow remote attackers to perform memory dumps, modify memory, and control execution flow."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 9.3,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188: Initialization of a Resource with an Insecure Default",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-08-14T13:49:37.413Z",
        "orgId": "b73dd486-f505-4403-b634-40b078b177f0",
        "shortName": "Rockwell"
      },
      "references": [
        {
          "url": "https://www.rockwellautomation.com/en-us/trust-center/security-advisories/advisory.SD1732.html"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e12.001 and later\u003c/span\u003e\u003cbr\u003e"
            }
          ],
          "value": "12.001 and later"
        }
      ],
      "source": {
        "advisory": "SD1732",
        "discovery": "INTERNAL"
      },
      "title": "Rockwell Automation ControlLogix\u00ae Ethernet Remote Code Execution Vulnerability",
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b73dd486-f505-4403-b634-40b078b177f0",
    "assignerShortName": "Rockwell",
    "cveId": "CVE-2025-7353",
    "datePublished": "2025-08-14T13:23:26.940Z",
    "dateReserved": "2025-07-08T12:24:08.365Z",
    "dateUpdated": "2026-02-26T17:48:36.010Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-14474 (GCVE-0-2026-14474)

Vulnerability from cvelistv5 – Published: 2026-07-07 09:12 – Updated: 2026-07-07 13:42
VLAI
Title
Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation
Summary
A flaw was found in SSSD's LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo privileges on all SSSD-enrolled hosts.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
URL Tags
https://access.redhat.com/security/cve/CVE-2026-14474 vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2496556 issue-trackingx_refsource_REDHAT
Date Public
2026-07-07 09:00
Credits
This issue was discovered by Ian Murphy (Red Hat).
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-14474",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-07-07T13:41:44.076680Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-07-07T13:42:01.577Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:10"
          ],
          "defaultStatus": "affected",
          "packageName": "sssd",
          "product": "Red Hat Enterprise Linux 10",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:6"
          ],
          "defaultStatus": "unknown",
          "packageName": "sssd",
          "product": "Red Hat Enterprise Linux 6",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:7"
          ],
          "defaultStatus": "affected",
          "packageName": "sssd",
          "product": "Red Hat Enterprise Linux 7",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:8"
          ],
          "defaultStatus": "affected",
          "packageName": "sssd",
          "product": "Red Hat Enterprise Linux 8",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/o:redhat:enterprise_linux:9"
          ],
          "defaultStatus": "affected",
          "packageName": "sssd",
          "product": "Red Hat Enterprise Linux 9",
          "vendor": "Red Hat"
        },
        {
          "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
          "cpes": [
            "cpe:/a:redhat:openshift:4"
          ],
          "defaultStatus": "affected",
          "packageName": "rhcos",
          "product": "Red Hat OpenShift Container Platform 4",
          "vendor": "Red Hat"
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "This issue was discovered by Ian Murphy (Red Hat)."
        }
      ],
      "datePublic": "2026-07-07T09:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw was found in SSSD\u0027s LDAP sudo provider. When the ldap_sudo_search_base option is not explicitly configured, SSSD searches the entire LDAP directory tree for sudoRole objects. An authenticated attacker with write access to any subtree can inject a sudoRole object granting root-level sudo privileges on all SSSD-enrolled hosts."
        }
      ],
      "metrics": [
        {
          "other": {
            "content": {
              "namespace": "https://access.redhat.com/security/updates/classification/",
              "value": "Important"
            },
            "type": "Red Hat severity rating"
          }
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "Initialization of a Resource with an Insecure Default",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-07-07T09:12:33.200Z",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "tags": [
            "vdb-entry",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/security/cve/CVE-2026-14474"
        },
        {
          "name": "RHBZ#2496556",
          "tags": [
            "issue-tracking",
            "x_refsource_REDHAT"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2496556"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-04-28T00:00:00.000Z",
          "value": "Reported to Red Hat."
        },
        {
          "lang": "en",
          "time": "2026-07-07T09:00:00.000Z",
          "value": "Made public."
        }
      ],
      "title": "Sssd: sssd: sudo ldap provider searches entire directory tree for sudorole objects by default, enabling privilege escalation",
      "workarounds": [
        {
          "lang": "en",
          "value": "Set ldap_sudo_search_base explicitly in /etc/sssd/sssd.conf to restrict the search to the designated sudoers container:\n\n[domain/example.com] ldap_sudo_search_base = ou=sudoers,dc=example,dc=com\n\nAdditionally, restrict LDAP ACLs to prevent non-admin principals from creating sudoRole objects outside the designated sudoers container."
        }
      ],
      "x_generator": {
        "engine": "cvelib 1.8.0"
      },
      "x_redhatCweChain": "CWE-1188: Initialization of a Resource with an Insecure Default"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2026-14474",
    "datePublished": "2026-07-07T09:12:33.200Z",
    "dateReserved": "2026-07-02T14:49:31.316Z",
    "dateUpdated": "2026-07-07T13:42:01.577Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-1675 (GCVE-0-2026-1675)

Vulnerability from cvelistv5 – Published: 2026-02-07 08:26 – Updated: 2026-04-08 16:44
VLAI
Title
Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key
Summary
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value.
SSVC
Exploitation: none Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
Impacted products
Vendor Product Version
brstefanovic Advanced Country Blocker Affected: 0 , ≤ 2.3.1 (semver)
Create a notification for this product.
Credits
Hector Flores
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-1675",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T15:41:21.639323Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T15:46:18.830Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Advanced Country Blocker",
          "vendor": "brstefanovic",
          "versions": [
            {
              "lessThanOrEqual": "2.3.1",
              "status": "affected",
              "version": "0",
              "versionType": "semver"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Hector Flores"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for unauthenticated attackers to bypass the geolocation blocking mechanism by appending the key to any URL on sites where the administrator has not changed the default value."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188 Initialization of a Resource with an Insecure Default",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-04-08T16:44:50.385Z",
        "orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
        "shortName": "Wordfence"
      },
      "references": [
        {
          "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/30747988-83f9-41f9-9bc5-1f533bc4cb94?source=cve"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L278"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L336"
        },
        {
          "url": "https://plugins.trac.wordpress.org/browser/advanced-country-blocker/tags/2.3.1/advanced-country-blocking.php#L420"
        },
        {
          "url": "https://plugins.trac.wordpress.org/changeset/3455225/"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2026-02-06T20:24:09.000Z",
          "value": "Disclosed"
        }
      ],
      "title": "Advanced Country Blocker \u003c= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
    "assignerShortName": "Wordfence",
    "cveId": "CVE-2026-1675",
    "datePublished": "2026-02-07T08:26:37.529Z",
    "dateReserved": "2026-01-30T01:48:15.248Z",
    "dateUpdated": "2026-04-08T16:44:50.385Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-20265 (GCVE-0-2026-20265)

Vulnerability from cvelistv5 – Published: 2026-06-17 17:07 – Updated: 2026-06-17 18:04
VLAI
Title
Insecure Default Domain Allowlist in Splunk AI Toolkit
Summary
In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the "admin" or "power" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration. The vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent requests to approved external domains.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.
Assigner
Impacted products
Vendor Product Version
Splunk Splunk AI Toolkit Affected: 5.7 , < 5.7.4 (custom)
Create a notification for this product.
Date Public
2026-06-17 00:00
Credits
Gabriel Nitu, Splunk
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-20265",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-17T18:04:24.981105Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-17T18:04:30.312Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Splunk AI Toolkit",
          "vendor": "Splunk",
          "versions": [
            {
              "lessThan": "5.7.4",
              "status": "affected",
              "version": "5.7",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Gabriel Nitu, Splunk"
        }
      ],
      "datePublic": "2026-06-17T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration.  \n\nThe vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent  requests to approved external domains."
            }
          ],
          "value": "In Splunk AI Toolkit versions below 5.7.4, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could cause the Splunk AI Toolkit to make outbound requests over HTTP to a server that an attacker controls, which could allow for data exfiltration.  \n\nThe vulnerability exists because of an insecure default domain allowlist in the Splunk AI Toolkit, which does not restrict outbound AI agent  requests to approved external domains."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 4.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.",
              "lang": "en",
              "type": "cwe"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-17T17:07:19.943Z",
        "orgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
        "shortName": "cisco"
      },
      "references": [
        {
          "url": "https://advisory.splunk.com/advisories/SVD-2026-0613"
        }
      ],
      "source": {
        "advisory": "SVD-2026-0613"
      },
      "title": "Insecure Default Domain Allowlist in Splunk AI Toolkit"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "d1c1063e-7a18-46af-9102-31f8928bc633",
    "assignerShortName": "cisco",
    "cveId": "CVE-2026-20265",
    "datePublished": "2026-06-17T17:07:19.943Z",
    "dateReserved": "2025-10-08T11:59:15.402Z",
    "dateUpdated": "2026-06-17T18:04:30.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24148 (GCVE-0-2026-24148)

Vulnerability from cvelistv5 – Published: 2026-03-31 16:22 – Updated: 2026-04-02 03:55
VLAI
Summary
NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24148",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-04-01T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-04-02T03:55:59.949Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Jetson Linux(35)"
          ],
          "product": "Jetson Xavier Series and Jetson Orin Series",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to 35.6.4"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Jetson Linux(36)"
          ],
          "product": "Jetson Xavier Series and Jetson Orin Series",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All versions prior to 36.5"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID."
            }
          ],
          "value": "NVIDIA Jetson for JetPack contains a vulnerability in the system initialization logic, where an unprivileged attacker could cause the initialization of a resource with an insecure default. A successful exploit of this vulnerability might lead to information disclosure of encrypted data, data tampering, and partial denial of service across devices sharing the same machine ID."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Data tampering, information disclosure, denial of service"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 8.3,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "LOW",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188 Initialization of a Resource with an Insecure Default",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-03-31T16:22:51.128Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24148"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24148"
        },
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5797"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "NVIDIA PSIRT"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2026-24148",
    "datePublished": "2026-03-31T16:22:51.128Z",
    "dateReserved": "2026-01-21T19:09:27.438Z",
    "dateUpdated": "2026-04-02T03:55:59.949Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-24197 (GCVE-0-2026-24197)

Vulnerability from cvelistv5 – Published: 2026-05-26 17:19 – Updated: 2026-05-27 15:44
VLAI
Summary
NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
Impacted products
Vendor Product Version
NVIDIA GeForce Affected: All driver versions prior to 595.71.05
Create a notification for this product.
NVIDIA GeForce Affected: All driver versions prior to 580.159.03
Create a notification for this product.
NVIDIA GeForce Affected: All driver versions prior to 535.309.01
Create a notification for this product.
NVIDIA NVIDIA RTX, Quadro, NVS Affected: All driver versions prior to 595.71.05
Create a notification for this product.
NVIDIA NVIDIA RTX, Quadro, NVS Affected: All driver versions prior to 580.159.03
Create a notification for this product.
NVIDIA NVIDIA RTX, Quadro, NVS Affected: All driver versions prior to 535.309.01
Create a notification for this product.
NVIDIA Tesla Affected: All driver versions prior to 595.71.05
Create a notification for this product.
NVIDIA Tesla Affected: All driver versions prior to 580.159.03
Create a notification for this product.
NVIDIA Tesla Affected: All driver versions prior to 535.309.01
Create a notification for this product.
NVIDIA Virtual GPU Manager Affected: 595.58.02(All versions prior to and including vGPU 20.0)
Create a notification for this product.
NVIDIA Virtual GPU Manager Affected: 580.126.08(All versions prior to and including vGPU 19.4)
Create a notification for this product.
NVIDIA Virtual GPU Manager Affected: 595.94(All versions prior to and including vGPU 20.0)
Create a notification for this product.
NVIDIA Virtual GPU Manager Affected: 582.16(All versions prior to and including vGPU 19.4)
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-24197",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-05-26T18:53:48.535083Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-05-26T18:54:00.363Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R595)"
          ],
          "product": "GeForce",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 595.71.05"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R580)"
          ],
          "product": "GeForce",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 580.159.03"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R535)"
          ],
          "product": "GeForce",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 535.309.01"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R595)"
          ],
          "product": "NVIDIA RTX, Quadro, NVS",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 595.71.05"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R580)"
          ],
          "product": "NVIDIA RTX, Quadro, NVS",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 580.159.03"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R535)"
          ],
          "product": "NVIDIA RTX, Quadro, NVS",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 535.309.01"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R595)"
          ],
          "product": "Tesla",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 595.71.05"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R580)"
          ],
          "product": "Tesla",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 580.159.03"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Linux(R535)"
          ],
          "product": "Tesla",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "All driver versions prior to 535.309.01"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "XenServer",
            "VMware vSphere",
            "Red Hat Enterprise Linux KVM",
            "Ubuntu(R595 vGPU 20)"
          ],
          "product": "Virtual GPU Manager",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "595.58.02(All versions prior to and including vGPU 20.0)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "XenServer",
            "VMware vSphere",
            "Red Hat Enterprise Linux KVM",
            "Ubuntu(R580 vGPU 19)"
          ],
          "product": "Virtual GPU Manager",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "580.126.08(All versions prior to and including vGPU 19.4)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Azure Local",
            "Windows Server(R595 vGPU 20)"
          ],
          "product": "Virtual GPU Manager",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "595.94(All versions prior to and including vGPU 20.0)"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "platforms": [
            "Azure Local",
            "Windows Server(R580 vGPU 19)"
          ],
          "product": "Virtual GPU Manager",
          "vendor": "NVIDIA",
          "versions": [
            {
              "status": "affected",
              "version": "582.16(All versions prior to and including vGPU 19.4)"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": true,
              "type": "text/html",
              "value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
            }
          ],
          "value": "NVIDIA Display Driver for Linux contains a vulnerability in the Multi-Instance GPU (MIG) partition management, where an insecure default initialization of memory subsystem routing resources could lead to data corruption or a hang during partition reconfiguration. A successful exploit of this vulnerability might lead to denial of service."
        }
      ],
      "impacts": [
        {
          "descriptions": [
            {
              "lang": "en",
              "value": "Denial of service"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "LOW",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188 Initialization of a Resource with an Insecure Default",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-27T15:44:16.401Z",
        "orgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
        "shortName": "nvidia"
      },
      "references": [
        {
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-24197"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2026-24197"
        },
        {
          "url": "https://nvidia.custhelp.com/app/answers/detail/a_id/5821"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "NVIDIA PSIRT"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9576f279-3576-44b5-a4af-b9a8644b2de6",
    "assignerShortName": "nvidia",
    "cveId": "CVE-2026-24197",
    "datePublished": "2026-05-26T17:19:40.408Z",
    "dateReserved": "2026-01-21T19:09:34.079Z",
    "dateUpdated": "2026-05-27T15:44:16.401Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-25499 (GCVE-0-2026-25499)

Vulnerability from cvelistv5 – Published: 2026-02-04 20:31 – Updated: 2026-02-05 21:05
VLAI
Title
terraform-provider-proxmox has insecure sudo recommendation in the documentation
Summary
Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been patched in version 0.93.1.
SSVC
Exploitation: poc Automatable: yes Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Insecure Default Initialization of Resource
  • CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Assigner
References
Impacted products
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25499",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-05T21:05:26.324039Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-05T21:05:30.910Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://github.com/bpg/terraform-provider-proxmox/security/advisories/GHSA-gwch-7m8v-7544"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "terraform-provider-proxmox",
          "vendor": "bpg",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 0.93.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Terraform / OpenTofu Provider adds support for Proxmox Virtual Environment. Prior to version 0.93.1, in the SSH configuration documentation, the sudoer line suggested is insecure and can result in escaping the folder using ../, allowing any files on the system to be edited. This issue has been patched in version 0.93.1."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.7,
            "baseSeverity": "HIGH",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188: Insecure Default Initialization of Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-22",
              "description": "CWE-22: Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-04T20:31:17.316Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/bpg/terraform-provider-proxmox/security/advisories/GHSA-gwch-7m8v-7544",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/bpg/terraform-provider-proxmox/security/advisories/GHSA-gwch-7m8v-7544"
        },
        {
          "name": "https://github.com/bpg/terraform-provider-proxmox/commit/bd604c41a31e2a55dd6acc01b0608be3ea49c023",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/bpg/terraform-provider-proxmox/commit/bd604c41a31e2a55dd6acc01b0608be3ea49c023"
        }
      ],
      "source": {
        "advisory": "GHSA-gwch-7m8v-7544",
        "discovery": "UNKNOWN"
      },
      "title": "terraform-provider-proxmox has insecure sudo recommendation in the documentation"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25499",
    "datePublished": "2026-02-04T20:31:17.316Z",
    "dateReserved": "2026-02-02T18:21:42.485Z",
    "dateUpdated": "2026-02-05T21:05:30.910Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-25894 (GCVE-0-2026-25894)

Vulnerability from cvelistv5 – Published: 2026-02-09 22:28 – Updated: 2026-02-11 21:25
VLAI
Title
FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration
Summary
FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10.
SSVC
Exploitation: none Automatable: no Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
  • CWE-321 - Use of Hard-coded Cryptographic Key
  • CWE-1188 - Insecure Default Initialization of Resource
Assigner
Impacted products
Vendor Product Version
frangoteam FUXA Affected: < 1.2.10
Create a notification for this product.
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-25894",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-02-11T21:25:11.880678Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-02-11T21:25:17.858Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "FUXA",
          "vendor": "frangoteam",
          "versions": [
            {
              "status": "affected",
              "version": "\u003c 1.2.10"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "FUXA is a web-based Process Visualization (SCADA/HMI/Dashboard) software. An insecure default configuration in FUXA allows an unauthenticated, remote attacker to gain administrative access and execute arbitrary code on the server. This affects FUXA through version 1.2.9 when authentication is enabled, but the administrator JWT secret is not configured. This issue has been patched in FUXA version 1.2.10."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "attackComplexity": "HIGH",
            "attackRequirements": "PRESENT",
            "attackVector": "NETWORK",
            "baseScore": 9.5,
            "baseSeverity": "CRITICAL",
            "privilegesRequired": "NONE",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "HIGH",
            "vulnIntegrityImpact": "HIGH"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-321",
              "description": "CWE-321: Use of Hard-coded Cryptographic Key",
              "lang": "en",
              "type": "CWE"
            }
          ]
        },
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188: Insecure Default Initialization of Resource",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-02-09T22:28:46.316Z",
        "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "shortName": "GitHub_M"
      },
      "references": [
        {
          "name": "https://github.com/frangoteam/FUXA/security/advisories/GHSA-32cc-x95p-fxcg",
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/frangoteam/FUXA/security/advisories/GHSA-32cc-x95p-fxcg"
        },
        {
          "name": "https://github.com/frangoteam/FUXA/commit/ea7b3df066f9fdef8ecdce318398ae40546bc50d",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/frangoteam/FUXA/commit/ea7b3df066f9fdef8ecdce318398ae40546bc50d"
        },
        {
          "name": "https://github.com/frangoteam/FUXA/releases/tag/v1.2.10",
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/frangoteam/FUXA/releases/tag/v1.2.10"
        }
      ],
      "source": {
        "advisory": "GHSA-32cc-x95p-fxcg",
        "discovery": "UNKNOWN"
      },
      "title": "FUXA Unauthenticated Remote Code Execution via Hardcoded JWT Secret in Default Configuration"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
    "assignerShortName": "GitHub_M",
    "cveId": "CVE-2026-25894",
    "datePublished": "2026-02-09T22:28:46.316Z",
    "dateReserved": "2026-02-06T21:08:39.130Z",
    "dateUpdated": "2026-02-11T21:25:17.858Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

CVE-2026-26122 (GCVE-0-2026-26122)

Vulnerability from cvelistv5 – Published: 2026-03-05 22:18 – Updated: 2026-06-19 18:17 Exclusively Hosted Service
VLAI
Title
Microsoft ACI Confidential Containers Information Disclosure Vulnerability
Summary
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
SSVC
Exploitation: none Automatable: no Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
  • CWE-1188 - Initialization of a Resource with an Insecure Default
Assigner
References
Impacted products
Date Public
2026-03-05 16:00
Show details on NVD website

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-26122",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-03-09T20:26:58.642440Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-03-09T20:27:09.343Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Microsoft ACI Confidential Containers",
          "vendor": "Microsoft",
          "versions": [
            {
              "status": "affected",
              "version": "-"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:a:microsoft:microsoft_aci_confidential_containers:*:*:*:*:*:*:*:*",
                  "versionStartIncluding": "-",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "datePublic": "2026-03-05T16:00:00.000Z",
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 6.5,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en-US",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-1188",
              "description": "CWE-1188: Initialization of a Resource with an Insecure Default",
              "lang": "en-US",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-06-19T18:17:56.355Z",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "Microsoft ACI Confidential Containers Information Disclosure Vulnerability",
          "tags": [
            "vendor-advisory",
            "patch"
          ],
          "url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-26122"
        }
      ],
      "tags": [
        "exclusively-hosted-service"
      ],
      "title": "Microsoft ACI Confidential Containers Information Disclosure Vulnerability"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2026-26122",
    "datePublished": "2026-03-05T22:18:22.492Z",
    "dateReserved": "2026-02-11T15:52:13.911Z",
    "dateUpdated": "2026-06-19T18:17:56.355Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

No mitigation information available for this CWE.

CAPEC-665: Exploitation of Thunderbolt Protection Flaws

An adversary leverages a firmware weakness within the Thunderbolt protocol, on a computing device to manipulate Thunderbolt controller firmware in order to exploit vulnerabilities in the implementation of authorization and verification schemes within Thunderbolt protection mechanisms. Upon gaining physical access to a target device, the adversary conducts high-level firmware manipulation of the victim Thunderbolt controller SPI (Serial Peripheral Interface) flash, through the use of a SPI Programing device and an external Thunderbolt device, typically as the target device is booting up. If successful, this allows the adversary to modify memory, subvert authentication mechanisms, spoof identities and content, and extract data and memory from the target device. Currently 7 major vulnerabilities exist within Thunderbolt protocol with 9 attack vectors as noted in the Execution Flow.

Back to CWE stats page