CVSS: 8.6 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2019-25691 – Faleemi Desktop Software 1.8 Local Buffer Overflow SEH DEP Bypass
https://notcve.org/view.php?id=CVE-2019-25691
12 Apr 2026 — Attackers can inject a crafted payload into the Save Path for Snapshot and Record file field to trigger a buffer overflow and execute arbitrary code via ROP chain gadgets. • https://www.exploit-db.com/exploits/46269 • CWE-787: Out-of-bounds Write
CVSS: 8.6 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2019-25689 – HTML5 Video Player 1.2.5 Local Buffer Overflow Non-SEH
https://notcve.org/view.php?id=CVE-2019-25689
12 Apr 2026 — HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help Register dialog to trigger code execution and spawn a calculator process. • http://www.html5videoplayer.net/download.html • CWE-787: Out-of-bounds Write
CVSS: 8.6 | EPSS: 0% | CPEs: 1 | EXPL: 1
CVE-2018-25258 – RGui 3.5.0 Local Buffer Overflow SEH DEP Bypass
https://notcve.org/view.php?id=CVE-2018-25258
12 Apr 2026 — Attackers can craft malicious input in the Language for menus and messages field to trigger a stack-based buffer overflow, execute a ROP chain for VirtualAlloc allocation, and achieve arbitrary code execution. • https://cran.r-project.org/bin/windows/base/old/3.5.0/R-3.5.0-win.exe • CWE-434: Unrestricted Upload of File with Dangerous Type
CVSS: 6.2 | EPSS: 0% | CPEs: 2 | EXPL: 0
CVE-2026-32146 – Improper Path Validation in Git Dependency Handling Allows Arbitrary File System Modification
https://notcve.org/view.php?id=CVE-2026-32146
11 Apr 2026 — Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. ... A malicious direct or transitive git dependency can exploit this issue to delete and overwrite arbitrary directories outside the intended dependency directory, including attacker-chosen absolute paths, potentially causing data loss. In some environments, this may be further leveraged to achieve code execution, for ex... • https://cna.erlef.org/cves/CVE-2026-32146.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS: 8.6 | EPSS: 0% | CPEs: 8 | EXPL: 0
CVE-2026-34621 – Adobe Acrobat and Reader Prototype Pollution Vulnerability
https://notcve.org/view.php?id=CVE-2026-34621
11 Apr 2026 — Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. ... Adobe Acrobat and Reader contain a prototype pollution vulnerability that allows for arbitrary code execution. • https://helpx.adobe.com/security/products/acrobat/apsb26-43.html • CWE-1321: Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
CVSS: 10.0 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2026-40175 – Axios has Unrestricted Cloud Metadata Exfiltration via Header Injection Chain
https://notcve.org/view.php?id=CVE-2026-40175
10 Apr 2026 — Prior to 1.15.0, the Axios library is vulnerable to a specific "Gadget" attack chain that allows Prototype Pollution in any third-party dependency to be escalated into Remote Code Execution (RCE) or Full Cloud Compromise (via AWS IMDSv2 bypass). • https://github.com/axios/axios/commit/363185461b90b1b78845dc8a99a1f103d9b122a1 • CWE-113: Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Request/Response Splitting') • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') • CWE-918: Server-Side Request Forgery (SSRF)
CVSS: 7.1 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2026-33704 – Chamilo LMS Affected by Authenticated Arbitrary File Write via BigUpload endpoint
https://notcve.org/view.php?id=CVE-2026-33704
10 Apr 2026 — Prior to 1.11.38, any authenticated user (including students) can write arbitrary content to files on the server via the BigUpload endpoint. ... On Apache configurations where .pht is handled as PHP, this leads to Remote Code Execution. • https://github.com/chamilo/chamilo-lms/commit/9748f1ffbdb8b6dc84c0e0591c9d3c1d92e21c00 • CWE-434: Unrestricted Upload of File with Dangerous Type
CVSS: 9.3 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2026-33698 – Chamilo LMS affected by unauthenticated RCE in main/install folder
https://notcve.org/view.php?id=CVE-2026-33698
10 Apr 2026 — Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify existing files or create new files where allowed by system permissions. • https://github.com/chamilo/chamilo-lms/commit/d3355d7873c7e5b907c5fa84cbd5d9b62ed33e51 • CWE-552: Files or Directories Accessible to External Parties
CVSS: 8.8 | EPSS: 0% | CPEs: 1 | EXPL: 0
CVE-2026-33618 – Chamilo LMS Affected by Remote Code Execution via eval() in Platform Settings
https://notcve.org/view.php?id=CVE-2026-33618
10 Apr 2026 — An attacker with admin access (obtainable via Advisory 1) can inject arbitrary PHP code into the settings, which is then executed when any user (including unauthenticated) requests /platform-config/list. • https://github.com/chamilo/chamilo-lms/commit/f2c382c94a3f153a4d7e5ce5686c5a219fd09b3b • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVSS: 7.5 | EPSS: 0% | CPEs: 2 | EXPL: 0
CVE-2026-32931 – Chamilo LMS has Arbitrary File Upload via MIME-Only Validation in Exercise Sound Upload Leads to RCE
https://notcve.org/view.php?id=CVE-2026-32931
10 Apr 2026 — The uploaded file retains its original .php extension and is placed in a web-accessible directory, enabling Remote Code Execution as the web server user (www-data). • https://github.com/chamilo/chamilo-lms/commit/8cbe660de267f2b6ed625433bdfcf38dee8752b4 • CWE-434: Unrestricted Upload of File with Dangerous Type
