#rce

### Summary Arbitrary files can be uploaded via the GrapesJS Builder, as the types of files that can be uploaded are not restricted. ### Impact If the media folder is not restricted from running files this can lead to a remote code execution.

After seven years of acting like normal add-ons, five popular Chrome and Edge extensions with millions of installs suddenly turned malicious.

### Summary `vllm` has a critical remote code execution vector in a config class named `Nemotron_Nano_VL_Config`. When `vllm` loads a model config that contains an `auto_map` entry, the config class resolves that mapping with `get_class_from_dynamic_module(...)` and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the `auto_map` string. Crucially, this happens even when the caller explicitly sets `trust_remote_code=False` in `vllm.transformers_utils.config.get_config`. In practice, an attacker can publish a benign-looking frontend repo whose `config.json` points via `auto_map` to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. ### Details The vulnerable code resolves and instantiates classes from `auto_map` entries without checking whether those entries point to a different repo or whether remote code execution is allowed. ```python class Nemotron_N...

View CSAF 1. EXECUTIVE SUMMARY CVSS v4 9.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Industrial Video & Control Equipment: Longwatch Vulnerability: IMPROPER CONTROL OF GENERATION OF CODE ('CODE INJECTION') 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an unauthenticated attacker to gain remote code execution with elevated privileges. 3. TECHNICAL DETAILS 3.1 AFFECTED PRODUCTS The following versions of Industrial Video & Control Longwatch, a video surveillance and monitoring system, are affected: Longwatch: Versions 6.309 to 6.334 3.2 VULNERABILITY OVERVIEW 3.2.1 IMPROPER CONTROL OF GENERATION OF CODE ('CODE INJECTION') CWE-94 A vulnerability in Longwatch devices allows unauthenticated HTTP GET requests to execute arbitrary code via an exposed endpoint, due to the absence of code signing and execution controls. Exploitation results in SYSTEM-level privileges. CVE-2025-13658 has been assigned to this vulnerability. A CVSS v3.1 base score...

### Summary A Server-Side Template Injection (SSTI) vulnerability exists in Grav that allows authenticated attackers with editor permissions to execute arbitrary commands on the server and, under certain conditions, may also be exploited by unauthenticated attackers. This vulnerability stems from weak regex validation in the `cleanDangerousTwig` method. ### Important - First of all this vulnerability is due to weak sanitization in the method `clearDangerousTwig`, so any other class that calls it indirectly through for example `$twig->processString` to sanitize code is also vulnerable. - For this report, we will need the official Form and Admin plugin installed, also I will be chaining this with another vulnerability to allow an editor which is a user with only pages permissions to edit the process section of a form. - I made another report for the other vulnerability which is a Broken Access Control which allows a user with full permission for pages to change the process section by ...

### Summary A user with admin panel access and permissions to create or edit pages in Grav CMS can enable Twig processing in the page frontmatter. By injecting malicious Twig expressions, the user can escalate their privileges to admin or execute arbitrary system commands via the scheduler API. This results in both Privilege Escalation (PE) and Remote Code Execution (RCE) vulnerabilities. ### Details Grav CMS allows Twig to be executed in page templates if enabled in admin panel (process: twig: true). A user with publisher/editor privileges, that can create or edit pages and enable twig processing, can thereby inject arbitrary code that will execute in the context of the page render. This enables exploitation of Grav internal APIs such as: - `grav.user.update()` and `grav.user.save()` for escalating the current user to super admin or admin - `grav.scheduler.addCommand()`, `grav.scheduler.save()` and `grav.scheduler.run()` for code execution The Twig sandbox is not enforced in this c...

### Summary The `MCPScanner ` class contains a critical Command Injection vulnerability in the `cloneRepo `method. The application passes the user-supplied githubUrl argument directly to a system shell via execSync without sanitization. This allows an attacker to execute arbitrary commands on the host machine by appending shell metacharacters to the URL. ### Details The vulnerability exists in the src/scanner/MCPScanner.ts file within the cloneRepo method. [https://github.com/kapilduraphe/mcp-watch/blob/0fca7228bd313ae5aa938d61311377e88ce6e682/src/scanner/McpScanner.ts#L181](https://github.com/kapilduraphe/mcp-watch/blob/0fca7228bd313ae5aa938d61311377e88ce6e682/src/scanner/McpScanner.ts#L181) The code uses child_process.execSync to execute a git clone command: Because execSync spawns a shell (defaulting to `/bin/sh` on Unix or` cmd.exe` on Windows), any shell metacharacters present in the url argument will be interpreted by the shell. The application does not validate that the url ...

## Summary Grav CMS is vulnerable to a Server-Side Template Injection (SSTI) that allows any authenticated user with editor permissions to execute arbitrary code on the remote server, bypassing the existing security sandbox. ## Details Grav CMS uses a custom sandbox to protect the powerful Twig methods such as `registerUndefinedFilterCallback()`. These methods are designed to prevent SSTI attacks by denying the execution of dangerous PHP functions (e.g., `exec()`, `passthru()`, `system()`, etc.) within Twig template directives. The current defense mechanism relies on a blacklist of prohibited functions (PHP, Twig), checked through the `isDangerousFunction()` method in the file `system/src/Grav/Common/Twig.php`: ```php $this->twig->registerUndefinedFilterCallback(function (string $name) use ($config) { $allowed = $config->get('system.twig.safe_filters'); if (is_array($allowed) && in_array($name, $allowed, true) && function_exists($name)) { return new TwigFilter($nam...

A vulnerability exists in Keycloak's server distribution where enabling debug mode (`--debug`) insecurely defaults to binding the Java Debug Wire Protocol (JDWP) port to all network interfaces (`0.0.0.0`). This exposes the debug port to the local network, allowing an attacker on the same network segment to attach a remote debugger and achieve remote code execution within the Keycloak Java virtual machine. Red Hat evaluates this as a Moderate impact vulnerability due to the requirement of running debug mode and untrusted network. Also, for Red Hat Single Sign-On, this must as well be bound to 0.0.0.0 address, which is not recommended in production scenarios.

## Summary The `fonttools varLib` (or `python3 -m fontTools.varLib`) script has an arbitrary file write vulnerability that leads to remote code execution when a malicious .designspace file is processed. The vulnerability affects the `main()` code path of `fontTools.varLib`, used by the fonttools varLib CLI and any code that invokes `fontTools.varLib.main()`. The vulnerability exists due to unsanitised filename handling combined with content injection. Attackers can write files to arbitrary filesystem locations via path traversal sequences, and inject malicious code (like PHP) into the output files through XML injection in labelname elements. When these files are placed in web-accessible locations and executed, this achieves remote code execution without requiring any elevated privileges. Once RCE is obtained, attackers can further escalate privileges to compromise system files (like overwriting `/etc/passwd`). Overall this allows attackers to: - Write font files to arbitrary locatio...