Search

Find a vulnerability

Search criteria

    6 vulnerabilities by th30d4y

    CVE-2026-44720 (GCVE-0-2026-44720)

    Vulnerability from nvd – Published: 2026-05-27 21:02 – Updated: 2026-06-02 18:09
    VLAI
    Title
    OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover
    Summary
    OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access to user accounts under specific conditions. This vulnerability is fixed in 2.0.4.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    References
    Impacted products
    Vendor Product Version
    th30d4y OpenLearnX Affected: < 2.0.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44720",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T18:08:48.866810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T18:09:07.056Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLearnX",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access to user accounts under specific conditions. This vulnerability is fixed in 2.0.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-27T21:02:29.706Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-223g-f5mq-gw33",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-223g-f5mq-gw33"
            }
          ],
          "source": {
            "advisory": "GHSA-223g-f5mq-gw33",
            "discovery": "UNKNOWN"
          },
          "title": "OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44720",
        "datePublished": "2026-05-27T21:02:29.706Z",
        "dateReserved": "2026-05-07T18:04:17.308Z",
        "dateUpdated": "2026-06-02T18:09:07.056Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41575 (GCVE-0-2026-41575)

    Vulnerability from nvd – Published: 2026-05-08 14:42 – Updated: 2026-05-08 16:41
    VLAI
    Title
    th30d4y/IP: DOM-Based Cross-Site Scripting (XSS) Vulnerability
    Summary
    In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was directly rendered in the browser, allowing attackers to execute arbitrary JavaScript. This issue has been patched in version 2.0.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    th30d4y IP Affected: >= 1.0.1, < 2.0.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41575",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:15:34.852298Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T16:41:23.602Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.1, \u003c 2.0.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was directly rendered in the browser, allowing attackers to execute arbitrary JavaScript. This issue has been patched in version 2.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-08T14:42:24.109Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/IP/security/advisories/GHSA-j7wv-7j97-9qh9",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/IP/security/advisories/GHSA-j7wv-7j97-9qh9"
            }
          ],
          "source": {
            "advisory": "GHSA-j7wv-7j97-9qh9",
            "discovery": "UNKNOWN"
          },
          "title": "th30d4y/IP: DOM-Based Cross-Site Scripting (XSS) Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41575",
        "datePublished": "2026-05-08T14:42:24.109Z",
        "dateReserved": "2026-04-21T14:15:21.958Z",
        "dateUpdated": "2026-05-08T16:41:23.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41900 (GCVE-0-2026-41900)

    Vulnerability from nvd – Published: 2026-05-08 03:25 – Updated: 2026-05-08 12:54
    VLAI
    Title
    OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment
    Summary
    OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    • CWE-250 - Execution with Unnecessary Privileges
    • CWE-284 - Improper Access Control
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    th30d4y OpenLearnX Affected: < 2.0.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41900",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T12:53:19.987003Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T12:54:17.267Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLearnX",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250: Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693: Protection Mechanism Failure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-08T03:25:50.286Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-8h25-q488-4hxw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-8h25-q488-4hxw"
            },
            {
              "name": "https://github.com/th30d4y/OpenLearnX/commit/14765d7d1856d564747c55c5412e2f38feab079e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/commit/14765d7d1856d564747c55c5412e2f38feab079e"
            },
            {
              "name": "https://github.com/th30d4y/OpenLearnX/releases/tag/v2.0.3-security-fix",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/releases/tag/v2.0.3-security-fix"
            }
          ],
          "source": {
            "advisory": "GHSA-8h25-q488-4hxw",
            "discovery": "UNKNOWN"
          },
          "title": "OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41900",
        "datePublished": "2026-05-08T03:25:50.286Z",
        "dateReserved": "2026-04-22T15:11:54.672Z",
        "dateUpdated": "2026-05-08T12:54:17.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-44720 (GCVE-0-2026-44720)

    Vulnerability from cvelistv5 – Published: 2026-05-27 21:02 – Updated: 2026-06-02 18:09
    VLAI
    Title
    OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover
    Summary
    OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access to user accounts under specific conditions. This vulnerability is fixed in 2.0.4.
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-287 - Improper Authentication
    • CWE-347 - Improper Verification of Cryptographic Signature
    Assigner
    References
    Impacted products
    Vendor Product Version
    th30d4y OpenLearnX Affected: < 2.0.4
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-44720",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-06-02T18:08:48.866810Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-06-02T18:09:07.056Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLearnX",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.4"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to 2.0.4, a critical authentication vulnerability was identified in OpenLearnX that could allow unauthorized access to user accounts under specific conditions. This vulnerability is fixed in 2.0.4."
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "privilegesRequired": "NONE",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "NONE",
                "userInteraction": "NONE",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "LOW"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-287",
                  "description": "CWE-287: Improper Authentication",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-347",
                  "description": "CWE-347: Improper Verification of Cryptographic Signature",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-27T21:02:29.706Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-223g-f5mq-gw33",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-223g-f5mq-gw33"
            }
          ],
          "source": {
            "advisory": "GHSA-223g-f5mq-gw33",
            "discovery": "UNKNOWN"
          },
          "title": "OpenLearnX: Critical Authentication Bypass via JWT Signature Verification Disabled Leading to Account Takeover"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-44720",
        "datePublished": "2026-05-27T21:02:29.706Z",
        "dateReserved": "2026-05-07T18:04:17.308Z",
        "dateUpdated": "2026-06-02T18:09:07.056Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41575 (GCVE-0-2026-41575)

    Vulnerability from cvelistv5 – Published: 2026-05-08 14:42 – Updated: 2026-05-08 16:41
    VLAI
    Title
    th30d4y/IP: DOM-Based Cross-Site Scripting (XSS) Vulnerability
    Summary
    In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was directly rendered in the browser, allowing attackers to execute arbitrary JavaScript. This issue has been patched in version 2.0.1.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
    • CWE-80 - Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)
    Assigner
    References
    Impacted products
    Vendor Product Version
    th30d4y IP Affected: >= 1.0.1, < 2.0.1
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41575",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T16:15:34.852298Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T16:41:23.602Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "IP",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003e= 1.0.1, \u003c 2.0.1"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In th30d4y/IP from version 1.0.1 to before version 2.0.1, a DOM-Based Cross-Site Scripting (XSS) vulnerability was identified in an IP Reputation Checker application. Unsanitized user input was directly rendered in the browser, allowing attackers to execute arbitrary JavaScript. This issue has been patched in version 2.0.1."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 6.1,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-79",
                  "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-80",
                  "description": "CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-08T14:42:24.109Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/IP/security/advisories/GHSA-j7wv-7j97-9qh9",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/IP/security/advisories/GHSA-j7wv-7j97-9qh9"
            }
          ],
          "source": {
            "advisory": "GHSA-j7wv-7j97-9qh9",
            "discovery": "UNKNOWN"
          },
          "title": "th30d4y/IP: DOM-Based Cross-Site Scripting (XSS) Vulnerability"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41575",
        "datePublished": "2026-05-08T14:42:24.109Z",
        "dateReserved": "2026-04-21T14:15:21.958Z",
        "dateUpdated": "2026-05-08T16:41:23.602Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2026-41900 (GCVE-0-2026-41900)

    Vulnerability from cvelistv5 – Published: 2026-05-08 03:25 – Updated: 2026-05-08 12:54
    VLAI
    Title
    OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment
    Summary
    OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-94 - Improper Control of Generation of Code ('Code Injection')
    • CWE-250 - Execution with Unnecessary Privileges
    • CWE-284 - Improper Access Control
    • CWE-693 - Protection Mechanism Failure
    Assigner
    Impacted products
    Vendor Product Version
    th30d4y OpenLearnX Affected: < 2.0.3
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2026-41900",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2026-05-08T12:53:19.987003Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-05-08T12:54:17.267Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "OpenLearnX",
              "vendor": "th30d4y",
              "versions": [
                {
                  "status": "affected",
                  "version": "\u003c 2.0.3"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "OpenLearnX is an open-source, decentralized learning and assessment platform. Prior to version 2.0.3, a remote code execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. This issue has been patched in version 2.0.3."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.8,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "LOW",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-78",
                  "description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-94",
                  "description": "CWE-94: Improper Control of Generation of Code (\u0027Code Injection\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-250",
                  "description": "CWE-250: Execution with Unnecessary Privileges",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-284",
                  "description": "CWE-284: Improper Access Control",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            },
            {
              "descriptions": [
                {
                  "cweId": "CWE-693",
                  "description": "CWE-693: Protection Mechanism Failure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2026-05-08T03:25:50.286Z",
            "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
            "shortName": "GitHub_M"
          },
          "references": [
            {
              "name": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-8h25-q488-4hxw",
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-8h25-q488-4hxw"
            },
            {
              "name": "https://github.com/th30d4y/OpenLearnX/commit/14765d7d1856d564747c55c5412e2f38feab079e",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/commit/14765d7d1856d564747c55c5412e2f38feab079e"
            },
            {
              "name": "https://github.com/th30d4y/OpenLearnX/releases/tag/v2.0.3-security-fix",
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/th30d4y/OpenLearnX/releases/tag/v2.0.3-security-fix"
            }
          ],
          "source": {
            "advisory": "GHSA-8h25-q488-4hxw",
            "discovery": "UNKNOWN"
          },
          "title": "OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment"
        }
      },
      "cveMetadata": {
        "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa",
        "assignerShortName": "GitHub_M",
        "cveId": "CVE-2026-41900",
        "datePublished": "2026-05-08T03:25:50.286Z",
        "dateReserved": "2026-04-22T15:11:54.672Z",
        "dateUpdated": "2026-05-08T12:54:17.267Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }