CVSS: 8.9 | EPSS: % | CPEs: 1 | EXPL: 0 | CVE-2026-23947 – Orval MCP client is vulnerable to code injection via unsanitized x-enum-descriptions in enum generation
https://notcve.org/view.php?id=CVE-2026-23947
20 Jan 2026 — Versions 7.10.0 until 8.0.2 are vulnerable to arbitrary code execution in environments consuming generated clients. • https://github.com/orval-labs/orval/releases/tag/v8.0.2 • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVSS: 5.8 | EPSS: % | CPEs: 1 | EXPL: 0 | CVE-2026-23852 – SiYuan vulnerable to Stored XSS / RCE via `setBlockAttrs` icon attribute
https://notcve.org/view.php?id=CVE-2026-23852
19 Jan 2026 — SiYuan is a personal knowledge management system. Versions prior to 3.5.4 have a stored Cross-Site Scripting (XSS) vulnerability that allows an attacker to inject arbitrary HTML attributes into the `icon` attribute of a block via the `/api/attr/setBlockAttrs` API. The payload is later rendered in the dynamic icon feature in an unsanitized context, leading to stored XSS and, in the desktop environment, potential remote code execution (RCE). This issue bypasses the previous fix for issue `#15970` (XSS → RCE v... • https://github.com/siyuan-note/siyuan/commit/0be7e1d4e0da9aac0da850b7aeb9b50ede7e5bdb • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS: 2.7 | EPSS: % | CPEs: 1 | EXPL: 0 | CVE-2025-52660 – HCL AION is affected by a Host Header Injection vulnerability
https://notcve.org/view.php?id=CVE-2025-52660
19 Jan 2026 — This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise. • https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995# • CWE-644: Improper Neutralization of HTTP Headers for Scripting Syntax
CVSS: 3.1 | EPSS: % | CPEs: 1 | EXPL: 0 | CVE-2025-55251 – HCL AION is affected by an Unrestricted File Upload vulnerability
https://notcve.org/view.php?id=CVE-2025-55251
19 Jan 2026 — This can allow malicious file uploads, potentially resulting in unauthorized code execution or system compromise. • https://support.hcl-software.com/kb_view.do?sys_kb_id=4b92474633de7ad4159a05273e5c7b4b&searchTerm=kb0127995# • CWE-434: Unrestricted Upload of File with Dangerous Type
CVSS: 6.4 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2026-23733 – Lobe Chat has a Cross-Site Scripting (XSS) issue that may escalate to Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2026-23733
18 Jan 2026 — LobeChat is an open source chat application platform. Prior to version 2.0.0-next.180, a stored Cross-Site Scripting (XSS) vulnerability in the Mermaid artifact renderer allows attackers to execute arbitrary JavaScript within the application context. This XSS can be escalated to Remote Code Execution (RCE) by leveraging the exposed `electronAPI` IPC bridge, allowing attackers to run arbitrary system commands on the victim's machine. Version 2.0.0-next.180 patches the issue. • https://github.com/lobehub/lobe-chat/security/advisories/GHSA-4gpc-rhpj-9443 • CWE-94: Improper Control of Generation of Code ('Code Injection')
CVSS: 8.5 | EPSS: 0% | CPEs: - | EXPL: 0 | CVE-2026-0863 – Sandbox escape in n8n Python task runner allows for arbitrary code execution on the underlying host.
https://notcve.org/view.php?id=CVE-2026-0863
18 Jan 2026 — If the instance is operating under the "External" execution mode (e.g. n8n's official Docker image), arbitrary code execution occurs inside a sidecar container and not the main node, which significantly reduces the vulnerability impact. • https://github.com/n8n-io/n8n/commit/b73a4283cb14e0f27ce19692326f362c7bf3da02 • CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection')
CVSS: 9.0 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2026-23742 – Skipper arbitrary code execution through Lua filters
https://notcve.org/view.php?id=CVE-2026-23742
16 Jan 2026 — Skipper is an HTTP router and reverse proxy for service composition. The default skipper configuration before 0.23.0 was -lua-sources=inline,file. The problem starts if untrusted users can create Lua filters, because of -lua-sources=inline, for example through a Kubernetes Ingress resource. The configuration inline allows these users to create a script that is able to read the filesystem accessible to the skipper process, and if the user has access to read the logs, they can read skipper secrets. This vulnera... • https://github.com/zalando/skipper/commit/0b52894570773b29e2f3c571b94b4211ef8fa714 • CWE-94: Improper Control of Generation of Code ('Code Injection') • CWE-250: Execution with Unnecessary Privileges • CWE-522: Insufficiently Protected Credentials
CVSS: 9.4 | EPSS: 0% | CPEs: 1 | EXPL: 0 | CVE-2026-23722 – WeGIA has a Reflected Cross-Site Scripting (XSS) vulnerability allowing arbitrary code execution and UI redressing.
https://notcve.org/view.php?id=CVE-2026-23722
16 Jan 2026 — WeGIA is a Web Manager for Charitable Institutions. Prior to 3.6.2, a Reflected Cross-Site Scripting (XSS) vulnerability was discovered in the WeGIA system, specifically within the html/memorando/insere_despacho.php file. The application fails to properly sanitize or encode user-supplied input via the id_memorando GET parameter before reflecting it into the HTML source (likely inside a
