Common Weakness Enumeration

CWE-250

Allowed

Execution with Unnecessary Privileges

Abstraction: Base · Status: Draft

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

573 vulnerabilities reference this CWE, most recent first.

GHSA-82VG-P6H3-HR69

Vulnerability from github – Published: 2022-12-06 00:30 – Updated: 2022-12-08 18:30
VLAI
Details

A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2022-43553"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2022-12-05T22:15:00Z",
    "severity": "HIGH"
  },
  "details": "A remote code execution vulnerability in EdgeRouters (Version 2.0.9-hotfix.4 and earlier) allows a malicious actor with an operator account to run arbitrary administrator commands.This vulnerability is fixed in Version 2.0.9-hotfix.5 and later.",
  "id": "GHSA-82vg-p6h3-hr69",
  "modified": "2022-12-08T18:30:50Z",
  "published": "2022-12-06T00:30:16Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2022-43553"
    },
    {
      "type": "WEB",
      "url": "https://community.ui.com/releases/Security-Advisory-Bulletin-026-026/07697c65-30b3-4c06-a158-35e06534480d"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-83XV-2Q8M-F6C3

Vulnerability from github – Published: 2023-11-14 06:30 – Updated: 2024-09-26 03:30
VLAI
Details

This vulnerability allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-6006"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-11-14T04:15:07Z",
    "severity": "MODERATE"
  },
  "details": "This vulnerability allows local attackers to escalate privileges on affected installations of PaperCut NG. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\nThe specific flaw exists within the pc-pdl-to-image process. The process loads an executable from an unsecured location. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of SYSTEM.",
  "id": "GHSA-83xv-2q8m-f6c3",
  "modified": "2024-09-26T03:30:40Z",
  "published": "2023-11-14T06:30:18Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-6006"
    },
    {
      "type": "WEB",
      "url": "https://www.papercut.com/kb/Main/CommonSecurityQuestions"
    },
    {
      "type": "WEB",
      "url": "https://www.papercut.com/kb/Main/Security-Bulletin-November-2023"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-8429-J533-FQ73

Vulnerability from github – Published: 2025-04-30 21:31 – Updated: 2025-04-30 21:31
VLAI
Details

Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this vulnerability.

The specific flaw exists within the oFono process. The process allows an attacker to modify interfaces. An attacker can leverage this vulnerability to bypass the iptables network sandbox. Was ZDI-CAN-23200.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2024-6030"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-04-30T20:15:21Z",
    "severity": "HIGH"
  },
  "details": "Tesla Model S oFono Unnecessary Privileges Sandbox Escape Vulnerability. This vulnerability allows local attackers to escape the sandbox on affected Tesla Model S vehicles. An attacker must first obtain the ability to execute code within the sandbox on the target system in order to exploit this vulnerability.\n \nThe specific flaw exists within the oFono process. The process allows an attacker to modify interfaces. An attacker can leverage this vulnerability to bypass the iptables network sandbox. Was ZDI-CAN-23200.",
  "id": "GHSA-8429-j533-fq73",
  "modified": "2025-04-30T21:31:49Z",
  "published": "2025-04-30T21:31:49Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-6030"
    },
    {
      "type": "WEB",
      "url": "https://www.zerodayinitiative.com/advisories/ZDI-25-263"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-84QJ-W5F9-C492

Vulnerability from github – Published: 2023-08-31 18:30 – Updated: 2024-04-04 07:20
VLAI
Details

An Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system.

See Instruction Manual Appendix A and Appendix E dated 20230615 for more details.

This issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2023-31175"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-269"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2023-08-31T16:15:09Z",
    "severity": "CRITICAL"
  },
  "details": "\nAn Execution with Unnecessary Privileges vulnerability in the Schweitzer Engineering Laboratories SEL-5037 SEL Grid Configurator could allow an attacker to run system commands with the highest level privilege on the system.\n\n\n\n\n\nSee Instruction Manual Appendix A and Appendix E dated 20230615 for more details.\n\n\nThis issue affects SEL-5037 SEL Grid Configurator: before 4.5.0.20.\n\n",
  "id": "GHSA-84qj-w5f9-c492",
  "modified": "2024-04-04T07:20:49Z",
  "published": "2023-08-31T18:30:28Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-31175"
    },
    {
      "type": "WEB",
      "url": "https://selinc.com/support/security-notifications/external-reports"
    },
    {
      "type": "WEB",
      "url": "https://www.nozominetworks.com/blog"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-85G2-PMRX-R49Q

Vulnerability from github – Published: 2026-05-21 20:16 – Updated: 2026-06-10 18:41
VLAI
Summary
Fission runtime pods automount the fission-fetcher service-account token into the user function container, granting function code namespace-wide secret / configmap read
Details

Summary

Fission runtime pods were created with ServiceAccountName: fission-fetcher, and the fission-fetcher ServiceAccount was granted namespace-wide get on secrets and configmaps (it needs that to load function code, env vars, and config). The runtime pod's automounted token was reachable from inside the user's function container at /var/run/secrets/kubernetes.io/serviceaccount/token, so user-supplied function code inherited the same Kubernetes API privileges and could read any secret or configmap in the function's namespace — far beyond the Function.spec.secrets allowlist that the function specification suggests.

Affected component

  • pkg/executor/executortype/poolmgr/gp_deployment.go:154-156 — pool-manager runtime pod ServiceAccountName.
  • pkg/executor/executortype/newdeploy/newdeploy.go:225-227 — new-deploy runtime pod ServiceAccountName.
  • pkg/utils/serviceaccount.go:51-64fission-fetcher RBAC: namespace-wide get on secrets / configmaps.

Impact

A user able to deploy or update a function in any namespace where Fission runtime pods are scheduled could:

  1. Read every secret in that namespace (TLS keys, OIDC client secrets, database credentials, cloud provider credentials).
  2. Read every configmap in that namespace.
  3. Use those credentials to pivot to other Kubernetes resources or external systems the secrets unlock.

This violates the principle that Function.spec.secrets is the authoritative declaration of which secrets a function can read.

Root cause

The fetcher sidecar legitimately needs the SA token to call the Fission control plane and fetch package archives. Setting ServiceAccountName: fission-fetcher on the pod gives every container in the pod (including the user container) the automounted token. Kubernetes does not provide per-container service-account scoping inside a single pod, so the user container has to be moved into a separate identity / token-mount scheme.

Fix

Released in v1.23.0:

  • PR #3366 (commit fe1842ef):
  • The user function container now sets AutomountServiceAccountToken: false at the container level (via projected-volume token suppression), so the user container no longer sees the pod's SA token even though the fetcher sidecar still does.
  • The fetcher sidecar retains its existing token mount (separate projected volume) since it needs cluster API access for its own work.
  • For the few legitimate use cases where a function needs its own Kubernetes API access, the user is expected to mount a different ServiceAccount via Function.spec.podspec with the minimum necessary RBAC (documented separately).

Mitigation (until upgrade)

  1. Restrict who can create / update Function and Package CRDs in your cluster — treat the ability to ship function code as equivalent to namespace-wide secret read.
  2. Reduce the fission-fetcher ClusterRole / Role scope where possible (e.g. constrain it to specific named secrets via separate Role bindings).
  3. Add NetworkPolicy egress rules denying function pods access to the Kubernetes API server (this blunts the token even if it leaks).
Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 1.22.0"
      },
      "package": {
        "ecosystem": "Go",
        "name": "github.com/fission/fission"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.23.0"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-46617"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-269",
      "CWE-538"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-05-21T20:16:12Z",
    "nvd_published_at": "2026-06-10T18:17:05Z",
    "severity": "HIGH"
  },
  "details": "### Summary\n\nFission runtime pods were created with `ServiceAccountName: fission-fetcher`, and the `fission-fetcher` ServiceAccount was granted namespace-wide `get` on `secrets` and `configmaps` (it needs that to load function code, env vars, and config). The runtime pod\u0027s automounted token was reachable from inside the user\u0027s function container at `/var/run/secrets/kubernetes.io/serviceaccount/token`, so user-supplied function code inherited the same Kubernetes API privileges and could read any secret or configmap in the function\u0027s namespace \u2014 far beyond the `Function.spec.secrets` allowlist that the function specification suggests.\n\n### Affected component\n\n- `pkg/executor/executortype/poolmgr/gp_deployment.go:154-156` \u2014 pool-manager runtime pod `ServiceAccountName`.\n- `pkg/executor/executortype/newdeploy/newdeploy.go:225-227` \u2014 new-deploy runtime pod `ServiceAccountName`.\n- `pkg/utils/serviceaccount.go:51-64` \u2014 `fission-fetcher` RBAC: namespace-wide `get` on `secrets` / `configmaps`.\n\n### Impact\n\nA user able to deploy or update a function in any namespace where Fission runtime pods are scheduled could:\n\n1. Read every secret in that namespace (TLS keys, OIDC client secrets, database credentials, cloud provider credentials).\n2. Read every configmap in that namespace.\n3. Use those credentials to pivot to other Kubernetes resources or external systems the secrets unlock.\n\nThis violates the principle that `Function.spec.secrets` is the authoritative declaration of which secrets a function can read.\n\n### Root cause\n\nThe fetcher sidecar legitimately needs the SA token to call the Fission control plane and fetch package archives. Setting `ServiceAccountName: fission-fetcher` on the pod gives every container in the pod (including the user container) the automounted token. Kubernetes does not provide per-container service-account scoping inside a single pod, so the user container has to be moved into a separate identity / token-mount scheme.\n\n### Fix\n\nReleased in [v1.23.0](https://github.com/fission/fission/releases/tag/v1.23.0):\n\n- **PR #3366** (commit `fe1842ef`):\n  - The user function container now sets `AutomountServiceAccountToken: false` at the container level (via projected-volume token suppression), so the user container no longer sees the pod\u0027s SA token even though the fetcher sidecar still does.\n  - The fetcher sidecar retains its existing token mount (separate projected volume) since it needs cluster API access for its own work.\n  - For the few legitimate use cases where a function needs its own Kubernetes API access, the user is expected to mount a different ServiceAccount via `Function.spec.podspec` with the minimum necessary RBAC (documented separately).\n\n### Mitigation (until upgrade)\n\n1. Restrict who can create / update `Function` and `Package` CRDs in your cluster \u2014 treat the ability to ship function code as equivalent to namespace-wide secret read.\n2. Reduce the `fission-fetcher` ClusterRole / Role scope where possible (e.g. constrain it to specific named secrets via separate Role bindings).\n3. Add NetworkPolicy egress rules denying function pods access to the Kubernetes API server (this blunts the token even if it leaks).",
  "id": "GHSA-85g2-pmrx-r49q",
  "modified": "2026-06-10T18:41:53Z",
  "published": "2026-05-21T20:16:12Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/security/advisories/GHSA-85g2-pmrx-r49q"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-46617"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/pull/3366"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/fission/fission"
    },
    {
      "type": "WEB",
      "url": "https://github.com/fission/fission/releases/tag/v1.23.0"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
      "type": "CVSS_V4"
    }
  ],
  "summary": "Fission runtime pods automount the fission-fetcher service-account token into the user function   container, granting function code namespace-wide secret / configmap read"
}

GHSA-88G6-23MM-RPG4

Vulnerability from github – Published: 2026-06-12 00:31 – Updated: 2026-06-12 15:30
VLAI
Details

Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2026-12027"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2026-06-11T22:16:55Z",
    "severity": "CRITICAL"
  },
  "details": "Inappropriate implementation in Headless in Google Chrome prior to 149.0.7827.115 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)",
  "id": "GHSA-88g6-23mm-rpg4",
  "modified": "2026-06-12T15:30:33Z",
  "published": "2026-06-12T00:31:56Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-12027"
    },
    {
      "type": "WEB",
      "url": "https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_01962725236.html"
    },
    {
      "type": "WEB",
      "url": "https://issues.chromium.org/issues/517517155"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

GHSA-898V-775G-777C

Vulnerability from github – Published: 2025-12-09 17:19 – Updated: 2025-12-11 15:49
VLAI
Summary
Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent “footgun”)
Details

Impact

MySQLWriteTool executes arbitrary SQL provided by the caller using PDO::prepare() + execute() without semantic restrictions.

This is consistent with the name (“write tool”), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as DROP TABLE, TRUNCATE, DELETE, ALTER, or privilege-related statements (subject to DB permissions).

Who is impacted: Deployments that expose an agent with MySQLWriteTool enabled to untrusted input and/or run the tool with a DB user that has broad privileges.

Patches

Not patched in: 2.8.11

Recommended improvements (even if keeping the tool intentionally powerful):

  • Provide a safer API that supports only constrained operations (e.g., insertRecord, updateRecord) with allowlisted tables/columns.

  • Add a policy/allowlist layer (e.g., allow only INSERT/UPDATE on selected tables; forbid DROP/TRUNCATE/ALTER/GRANT).

  • Add optional review workflow: log + require human approval for high-risk statements; or “dry-run” mode.

  • Document strongly that the tool must not be exposed to untrusted prompts without additional safeguards.

Workarounds

  • Do not enable MySQLWriteTool for public/untrusted agents.

  • Use a dedicated DB user with least privilege:

  • no DROP, no ALTER, no GRANT, no access to sensitive tables unless necessary

  • Add an application-layer policy rejecting high-risk statements (DROP, TRUNCATE, ALTER, GRANT, REVOKE, CREATE USER, etc.).

  • Implement authorization gating for tool calls (RBAC, allow tool use only for trusted operators).

Show details on source website

{
  "affected": [
    {
      "database_specific": {
        "last_known_affected_version_range": "\u003c= 2.8.11"
      },
      "package": {
        "ecosystem": "Packagist",
        "name": "neuron-core/neuron-ai"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.8.12"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2025-67510"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-284"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2025-12-09T17:19:42Z",
    "nvd_published_at": "2025-12-10T23:15:48Z",
    "severity": "CRITICAL"
  },
  "details": "### Impact\n\n`MySQLWriteTool` executes arbitrary SQL provided by the caller using `PDO::prepare()` + `execute()` without semantic restrictions.  \n\nThis is consistent with the name (\u201cwrite tool\u201d), but in an LLM/agent context it becomes a high-risk capability: prompt injection or indirect prompt manipulation can cause execution of destructive queries such as `DROP TABLE`, `TRUNCATE`, `DELETE`, `ALTER`, or privilege-related statements (subject to DB permissions).\n\n\n\n**Who is impacted:** Deployments that expose an agent with `MySQLWriteTool` enabled to untrusted input and/or run the tool with a DB user that has broad privileges.\n\n### Patches\n\n**Not patched in:** 2.8.11  \n\nRecommended improvements (even if keeping the tool intentionally powerful):\n\n- Provide a safer API that supports only constrained operations (e.g., `insertRecord`, `updateRecord`) with allowlisted tables/columns.\n\n- Add a policy/allowlist layer (e.g., allow only `INSERT`/`UPDATE` on selected tables; forbid `DROP/TRUNCATE/ALTER/GRANT`).\n\n- Add optional review workflow: log + require human approval for high-risk statements; or \u201cdry-run\u201d mode.\n\n- Document strongly that the tool must not be exposed to untrusted prompts without additional safeguards.\n\n\n\n### Workarounds\n\n- Do not enable `MySQLWriteTool` for public/untrusted agents.\n\n- Use a dedicated DB user with **least privilege**:\n\n  - no `DROP`, no `ALTER`, no `GRANT`, no access to sensitive tables unless necessary\n\n- Add an application-layer policy rejecting high-risk statements (`DROP`, `TRUNCATE`, `ALTER`, `GRANT`, `REVOKE`, `CREATE USER`, etc.).\n\n- Implement authorization gating for tool calls (RBAC, allow tool use only for trusted operators).",
  "id": "GHSA-898v-775g-777c",
  "modified": "2025-12-11T15:49:17Z",
  "published": "2025-12-09T17:19:42Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/neuron-core/neuron-ai/security/advisories/GHSA-898v-775g-777c"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-67510"
    },
    {
      "type": "WEB",
      "url": "https://github.com/neuron-core/neuron-ai/commit/44bab85d92bf162898ee48d0bcef6ba0d29b59c9"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/neuron-core/neuron-ai"
    },
    {
      "type": "WEB",
      "url": "https://github.com/neuron-core/neuron-ai/releases/tag/2.8.12"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "Neuron MySQLWriteTool allows arbitrary/destructive SQL when exposed to untrusted prompts (agent \u201cfootgun\u201d)"
}

GHSA-8GWJ-M6VH-2G6J

Vulnerability from github – Published: 2023-10-12 00:30 – Updated: 2023-10-18 18:29
VLAI
Summary
kOps privilege escalation vulnerability
Details

Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "Go",
        "name": "k8s.io/kops"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.25.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "Go",
        "name": "k8s.io/kops"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "1.26.0"
            },
            {
              "fixed": "1.26.2"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2023-1943"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2023-10-18T18:29:01Z",
    "nvd_published_at": "2023-10-12T00:15:10Z",
    "severity": "HIGH"
  },
  "details": "Privilege Escalation in kOps using GCE/GCP Provider in Gossip Mode.\n",
  "id": "GHSA-8gwj-m6vh-2g6j",
  "modified": "2023-10-18T18:29:01Z",
  "published": "2023-10-12T00:30:29Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2023-1943"
    },
    {
      "type": "WEB",
      "url": "https://github.com/kubernetes/kops/issues/15539"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/kubernetes/kops"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/g/kubernetes-security-announce/c/yrCE1x89oaU"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "kOps privilege escalation vulnerability"
}

GHSA-8H25-Q488-4HXW

Vulnerability from github – Published: 2026-04-23 21:46 – Updated: 2026-05-11 13:49
VLAI
Summary
OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment
Details

Overview

A critical Remote Code Execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. The issue has been fixed.

Show details on source website

{
  "affected": [
    {
      "package": {
        "ecosystem": "npm",
        "name": "openlearnx"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "2.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2026-41900"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250",
      "CWE-284",
      "CWE-693",
      "CWE-78",
      "CWE-94"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2026-04-23T21:46:07Z",
    "nvd_published_at": "2026-05-08T04:16:18Z",
    "severity": "HIGH"
  },
  "details": "##  Overview\n\nA critical Remote Code Execution (RCE) vulnerability was identified in the OpenLearnX code execution environment, allowing sandbox escape and arbitrary command execution. The issue has been fixed.",
  "id": "GHSA-8h25-q488-4hxw",
  "modified": "2026-05-11T13:49:47Z",
  "published": "2026-04-23T21:46:07Z",
  "references": [
    {
      "type": "WEB",
      "url": "https://github.com/th30d4y/OpenLearnX/security/advisories/GHSA-8h25-q488-4hxw"
    },
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-41900"
    },
    {
      "type": "WEB",
      "url": "https://github.com/th30d4y/OpenLearnX/commit/14765d7d1856d564747c55c5412e2f38feab079e"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/th30d4y/OpenLearnX"
    },
    {
      "type": "WEB",
      "url": "https://github.com/th30d4y/OpenLearnX/releases/tag/v2.0.3-security-fix"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ],
  "summary": "OpenLearnX has Critical Remote Code Execution Through Python Sandbox Escape via Code Execution Environment"
}

GHSA-8HX5-7G7V-WPR9

Vulnerability from github – Published: 2025-08-27 00:31 – Updated: 2025-08-27 15:33
VLAI
Details

In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.

Show details on source website

{
  "affected": [],
  "aliases": [
    "CVE-2025-0079"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-250"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2025-08-26T23:15:32Z",
    "severity": "HIGH"
  },
  "details": "In multiple locations, there is a possible way that avdtp and avctp channels could be unencrypted due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation.",
  "id": "GHSA-8hx5-7g7v-wpr9",
  "modified": "2025-08-27T15:33:14Z",
  "published": "2025-08-27T00:31:15Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-0079"
    },
    {
      "type": "WEB",
      "url": "https://android.googlesource.com/platform/packages/modules/Bluetooth/+/b1e6d8d1e393d246a0738c92747a0bef98e67a30"
    },
    {
      "type": "WEB",
      "url": "https://source.android.com/security/bulletin/2025-03-01"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Mitigation MIT-17
Architecture and Design Operation

Strategy: Environment Hardening

Run your code using the lowest privileges that are required to accomplish the necessary tasks [REF-76]. If possible, create isolated accounts with limited privileges that are only used for a single task. That way, a successful attack will not immediately give the attacker access to the rest of the software or its environment. For example, database applications rarely need to run as the database administrator, especially in day-to-day operations.

Mitigation MIT-18
Architecture and Design

Strategy: Separation of Privilege

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation MIT-18
Architecture and Design

Strategy: Attack Surface Reduction

Identify the functionality that requires additional privileges, such as access to privileged operating system resources. Wrap and centralize this functionality if possible, and isolate the privileged code as much as possible from other code [REF-76]. Raise privileges as late as possible, and drop them as soon as possible to avoid CWE-271. Avoid weaknesses such as CWE-288 and CWE-420 by protecting all possible communication channels that could interact with the privileged code, such as a secondary socket that is only intended to be accessed by administrators.

Mitigation
Implementation

Perform extensive input validation for any privileged code that must be exposed to the user and reject anything that does not fit your strict requirements.

Mitigation MIT-19
Implementation

When dropping privileges, ensure that they have been dropped successfully to avoid CWE-273. As protection mechanisms in the environment get stronger, privilege-dropping calls may fail even if it seems like they would always succeed.

Mitigation
Implementation

If circumstances force you to run with extra privileges, then determine the minimum access level necessary. First identify the different permissions that the software and its users will need to perform their actions, such as file read and write permissions, network socket permissions, and so forth. Then explicitly allow those actions while denying all else [REF-76]. Perform extensive input validation and canonicalization to minimize the chances of introducing a separate vulnerability. This mitigation is much more prone to error than dropping the privileges in the first place.

Mitigation MIT-37
Operation System Configuration

Strategy: Environment Hardening

Ensure that the software runs properly under the United States Government Configuration Baseline (USGCB) [REF-199] or an equivalent hardening configuration guide, which many organizations use to limit the attack surface and potential risk of deployed software.

CAPEC-104: Cross Zone Scripting

An attacker is able to cause a victim to load content into their web-browser that bypasses security zone controls and gain access to increased privileges to execute scripting code or other web objects such as unsigned ActiveX controls or applets. This is a privilege elevation attack targeted at zone-based web-browser security.

CAPEC-470: Expanding Control over the Operating System from the Database

An attacker is able to leverage access gained to the database to read / write data to the file system, compromise the operating system, create a tunnel for accessing the host machine, and use this access to potentially attack other machines on the same network as the database machine. Traditionally SQL injections attacks are viewed as a way to gain unauthorized read access to the data stored in the database, modify the data in the database, delete the data, etc. However, almost every data base management system (DBMS) system includes facilities that if compromised allow an attacker complete access to the file system, operating system, and full access to the host running the database. The attacker can then use this privileged access to launch subsequent attacks. These facilities include dropping into a command shell, creating user defined functions that can call system level libraries present on the host machine, stored procedures, etc.

CAPEC-69: Target Programs with Elevated Privileges

This attack targets programs running with elevated privileges. The adversary tries to leverage a vulnerability in the running program and get arbitrary code to execute with elevated privileges.