← All tags

#rce

17 posts

>_

NVIDIA GEN3C: Unauthenticated RCE via Pickle Deserialization in Inference API

A critical unauthenticated RCE vulnerability in NVIDIA's GEN3C project. Two FastAPI inference endpoints deserialize raw HTTP POST bodies with pickle.loads() without any authentication, giving instant code execution to anyone with network access.

CVERCE
>_

FOSSBilling: One Missing throw - From Auth Bypass to Unauthenticated RCE

A missing throw keyword in FOSSBilling's API router exposes the entire admin surface to unauthenticated attackers. Combined with an unsandboxed Twig SSTI that leaks the full DI container, this leads to arbitrary SQL execution, admin takeover, and unauthenticated RCE via malicious extension installation.

CVERCEAuth Bypass
>_

CVE-2026-29514: NetBox Jinja2 Sandbox Bypass to RCE via RenderTemplateMixin environment_params

A Jinja2 sandbox bypass in NetBox allows low-privilege users to achieve remote code execution via the RenderTemplateMixin environment_params finalize parameter, affecting both ExportTemplate and ConfigTemplate.

CVE-2026-29514RCEJinja2
>_

Unauthenticated RCE in OpenCATS via Installer Config Injection

Unauthenticated remote code execution in OpenCATS through unsanitized input in the installer AJAX endpoint, allowing PHP code injection into config.php.

CVERCEOpenCATS
>_

CVE-2026-26210: ktransformers Unauthenticated RCE via Pickle Deserialization in ZMQ Scheduler

A critical unauthenticated RCE vulnerability in ktransformers' balance_serve backend. A ZMQ ROUTER socket binds to all interfaces and proxies messages to worker threads that deserialize them with pickle.loads() - no authentication, no validation.

CVERCE
>_

CVE-2026-25874: HuggingFace LeRobot Unauthenticated RCE via Pickle Deserialization in gRPC PolicyServer

A critical unauthenticated RCE vulnerability in HuggingFace's LeRobot project (21.5k stars). The gRPC PolicyServer deserializes attacker-controlled data with pickle.loads() in two RPC handlers, allowing instant code execution without authentication.

CVERCE
>_

Microsoft tensorwatch: Local Code Execution via Pickle Deserialization in ZMQ Listener

A local code execution vulnerability in Microsoft's tensorwatch. Calling tw.Watcher() - the first line in every README example - silently creates a ZMQ REP socket on localhost that deserializes incoming messages with pickle.loads(). Any local user on the same machine gets code execution.

CVERCE
Windfall: From Path Traversal to RCE in Nextcloud Flow & Windmill

Windfall: From Path Traversal to RCE in Nextcloud Flow & Windmill

Critical vulnerabilities in Windmill: unauthenticated path traversal leading to RCE, plus an authenticated SQL injection enabling full privilege escalation (operator → super admin → root RCE). Affects standalone Windmill and Nextcloud Flow.

CVERCESQLi
>_

OmniGen2: Unauthenticated RCE via Pickle Deserialization in BAAI's Reward Server

A critical unauthenticated RCE vulnerability in OmniGen2's reward server infrastructure. The Flask-based servers deserialize raw HTTP POST bodies with pickle.loads() without any authentication, giving instant code execution to anyone with network access.

CVERCE
>_

sglang: Unauthenticated RCE via Pickle Deserialization in ZMQ Transport (Disaggregated Serving)

A critical unauthenticated RCE vulnerability in sglang's ZMQ transport layer for disaggregated serving. ZMQ PULL sockets bind to all interfaces and deserialize messages with pickle.loads() - no auth, no validation. Distinct from CVE-2025-10164 which only covers the HTTP API.

CVERCE
>_

openDCIM: From SQL Injection to RCE via Config Poisoning

Three chained vulnerabilities in openDCIM turn a missing authorization check into unauthenticated remote code execution on Docker deployments.

CVERCESQL Injection
>_

CVE-2026-27743 through CVE-2026-27747: Five Vulnerabilities in SPIP Plugins

Five vulnerabilities across SPIP plugins: two SQL injections, two RCE (one unauth, one auth), and reflected XSS. Same template engine, same mistakes, different entry points.

CVERCESQLi
>_

CVE-2025-71243: AI-Assisted Reversal of SPIP Saisies RCE in 30 Minutes

From VulnCheck advisory to working PoC in 30 minutes. Full AI-assisted reversal of CVE-2025-71243, an unauthenticated PHP code injection in SPIP's Saisies plugin affecting versions 5.4.0 through 5.11.0.

CVERCESPIP
>_

LightLLM: Unauthenticated RCE via Pickle Deserialization in WebSocket Endpoints

CVE-2026-26220: A critical unauthenticated RCE vulnerability in LightLLM's PD disaggregation system. Two WebSocket endpoints deserialize binary frames with pickle.loads() without authentication, and the server explicitly refuses to bind to localhost - it's always network-exposed.

CVERCE
>_

manga-image-translator: Unauthenticated RCE via Pickle Deserialization with Nonce Bypass

A critical unauthenticated RCE vulnerability in manga-image-translator. Two FastAPI endpoints deserialize raw HTTP POST bodies with pickle.loads(), and the nonce-based authentication is bypassed because the default value is an empty string - which is falsy in Python.

CVE-2026-26215RCE
From Zero to Shell: Hunting Critical Vulnerabilities in AVideo

From Zero to Shell: Hunting Critical Vulnerabilities in AVideo

A comprehensive security audit of AVideo revealing 10 vulnerabilities including a critical unauthenticated RCE that chains cryptographic weaknesses, predictable salt bruteforce, and an eval() vulnerability to achieve complete server compromise in under 10 seconds.

CVERCE
Streama Path Traversal + SSRF: Chaining Vulnerabilities for Arbitrary File Write

Streama Path Traversal + SSRF: Chaining Vulnerabilities for Arbitrary File Write

A critical vulnerability in Streama allows authenticated users to write arbitrary files through a combination of Server-Side Request Forgery (SSRF) and Path Traversal. This write-up covers the root cause analysis, exploitation flow, and the vendor's comprehensive fix.

CVERCEPath Traversal