
CVSS: 8.2 • EPSS: % • CPEs: 1 • EXPL: 0

30 Jan 2026 — An input neutralization vulnerability in the Backup Configuration component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. • https://gitlab.com/crafty-controller/crafty-4/-/issues/650 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 9.9 • EPSS: % • CPEs: 1 • EXPL: 0

30 Jan 2026 — An input neutralization vulnerability in the File Operations API Endpoint component of Crafty Controller allows a remote, authenticated attacker to perform file tampering and remote code execution via path traversal. • https://gitlab.com/crafty-controller/crafty-4/-/issues/660 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.4 • EPSS: % • CPEs: 1 • EXPL: 0

29 Jan 2026 — The nvm_download() function uses eval to execute wget commands, and the NVM_AUTH_HEADER environment variable was not sanitized in the wget code path (though it was sanitized in the curl code path). An attacker who can set environment variables in a victim's shell environment (e.g., via malicious CI/CD configurations, compromised dotfiles, or Docker images) can inject arbitrary shell commands that execute when the victim runs nvm commands that trigger downloads, such as 'nvm insta... • https://github.com/nvm-sh/nvm • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-95: Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') •

CVSS: 9.0 • EPSS: % • CPEs: 1 • EXPL: 0

29 Jan 2026 — Starting in version 4.5.0 and prior to version 4.7.2, an unauthenticated Path Traversal vulnerability in the `UserConfigController` allows any remote user to overwrite the system's `docker-compose.yml` configuration file. By exploiting insecure URN parsing, an attacker can replace the primary stack configuration with a malicious one, resulting in full Remote Code Execution (RCE) and host filesystem compromise the next time the instance is restarted by the ope... • https://github.com/runtipi/runtipi/releases/tag/v4.7.2 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-306: Missing Authentication for Critical Function •

CVSS: 9.8 • EPSS: % • CPEs: - • EXPL: 0

29 Jan 2026 — A code injection vulnerability in Ivanti Endpoint Manager Mobile allows attackers to achieve unauthenticated remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.8 • EPSS: % • CPEs: - • EXPL: 0

29 Jan 2026 — Ivanti Endpoint Manager Mobile (EPMM) contains a code injection vulnerability that could allow attackers to achieve unauthenticated remote code execution. • https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Endpoint-Manager-Mobile-EPMM-CVE-2026-1281-CVE-2026-1340 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 8.8 • EPSS: % • CPEs: - • EXPL: 0

29 Jan 2026 — An authenticated buffer handling flaw in the TP-Link VIGI C385 V1 Web API, which lacks input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute arbitrary code with elevated privileges. Authenticate... • https://www.tp-link.com/en/support/download/vigi-c385/v1/#Firmware • CWE-121: Stack-based Buffer Overflow •

CVSS: 9.8 • EPSS: % • CPEs: 1 • EXPL: 0

29 Jan 2026 — Any authenticated user can execute the disabled `BlockInstallationBlock`, which writes arbitrary Python code to the server filesystem and executes it via `__import__()`, achieving Remote Code Execution. • https://github.com/Significant-Gravitas/AutoGPT/blob/master/autogpt_platform/backend/backend/api/external/v1/routes.py#L79-L93 • CWE-94: Improper Control of Generation of Code ('Code Injection') CWE-276: Incorrect Default Permissions CWE-863: Incorrect Authorization •

CVSS: 8.5 • EPSS: % • CPEs: 1 • EXPL: 1

29 Jan 2026 — CodeMeter 6.60 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CodeMeter Runtime Server service to inject malicious code that would execute with LocalSystem permissions. • https://www.vulncheck.com/advisories/codemeter-codemeterexe-unquoted-service-path • CWE-428: Unquoted Search Path or Element •

CVSS: 8.4 • EPSS: % • CPEs: 1 • EXPL: 2

29 Jan 2026 — Audio Playback Recorder 3.2.2 contains a local buffer overflow vulnerability in the eject and registration parameters that allows attackers to execute arbitrary code. Attackers can craft malicious payloads and overwrite the Structured Exception Handler (SEH) to execute shellcode when pasting specially crafted input into the application's input fields. • https://archive.org/details/tucows_288670_Audio_Playback_Recorder • CWE-121: Stack-based Buffer Overflow •