#ExploitObserverAlert
CVE-2024-2195
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-2195. A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-2195
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-2195. A critical Remote Code Execution (RCE) vulnerability was identified in the aimhubio/aim project, specifically within the `/api/runs/search/run/` endpoint, affecting versions >= 3.0.0. The vulnerability resides in the `run_search_api` function of the `aim/web/api/runs/views.py` file, where improper restriction of user access to the `RunView` object allows for the execution of arbitrary code via the `query` parameter. This issue enables attackers to execute arbitrary commands on the server, potentially leading to full system compromise.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2023-30801
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-30801. All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023.
FIRST-EPSS: 0.001160000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5964737
CVE-2023-30801
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-30801. All versions of the qBittorrent client through 4.5.5 use default credentials when the web user interface is enabled. The administrator is not forced to change the default credentials. As of 4.5.5, this issue has not been fixed. A remote attacker can use the default credentials to authenticate and execute arbitrary operating system commands using the "external program" feature in the web user interface. This was reportedly exploited in the wild in March 2023.
FIRST-EPSS: 0.001160000
NVD-IS: 5.9
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5964737
#ExploitObserverAlert
CVE-2018-14636
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2018-14636. Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
FIRST-EPSS: 0.001240000
NVD-IS: 3.6
NVD-ES: 1.6
ARPS-EXPLOITABILITY: 0.5817243
CVE-2018-14636
DESCRIPTION: Exploit Observer has 8 entries in 2 file formats related to CVE-2018-14636. Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due to the Open vSwitch integration bridge being connected to the instance during migration. When connected to the integration bridge, all traffic for instances using the same Open vSwitch instance would potentially be visible to the migrated guest, as the required Open vSwitch VLAN filters are only applied post-migration. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3, 11.0.5 are vulnerable.
FIRST-EPSS: 0.001240000
NVD-IS: 3.6
NVD-ES: 1.6
ARPS-EXPLOITABILITY: 0.5817243
#ExploitObserverAlert
CVE-2023-50268
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-50268. jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5959611
CVE-2023-50268
DESCRIPTION: Exploit Observer has 10 entries in 3 file formats related to CVE-2023-50268. jq is a command-line JSON processor. Version 1.7 is vulnerable to stack-based buffer overflow in builds using decNumber. Version 1.7.1 contains a patch for this issue.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5959611
#ExploitObserverAlert
CVE-2023-34969
DESCRIPTION: Exploit Observer has 15 entries in 4 file formats related to CVE-2023-34969. D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.6006409
CVE-2023-34969
DESCRIPTION: Exploit Observer has 15 entries in 4 file formats related to CVE-2023-34969. D-Bus before 1.15.6 sometimes allows unprivileged users to crash dbus-daemon. If a privileged user with control over the dbus-daemon is using the org.freedesktop.DBus.Monitoring interface to monitor message bus traffic, then an unprivileged user with the ability to connect to the same dbus-daemon can cause a dbus-daemon crash under some circumstances via an unreplyable message. When done on the well-known system bus, this is a denial-of-service vulnerability. The fixed versions are 1.12.28, 1.14.8, and 1.15.6.
FIRST-EPSS: 0.000540000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.6006409
#ExploitObserverAlert
CVE-2024-2196
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-2196. aimhubio/aim is vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to perform actions such as deleting runs, updating data, and stealing data like log records and notes without the user's consent. The vulnerability stems from the lack of CSRF and CORS protection in the aim dashboard. An attacker can exploit this by tricking a user into executing a malicious script that sends unauthorized requests to the aim server, leading to potential data loss and unauthorized data manipulation.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5986414
CVE-2024-2196
DESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-2196. aimhubio/aim is vulnerable to Cross-Site Request Forgery (CSRF), allowing attackers to perform actions such as deleting runs, updating data, and stealing data like log records and notes without the user's consent. The vulnerability stems from the lack of CSRF and CORS protection in the aim dashboard. An attacker can exploit this by tricking a user into executing a malicious script that sends unauthorized requests to the aim server, leading to potential data loss and unauthorized data manipulation.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5986414
#ExploitObserverAlert
CVE-2024-1600
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1600. A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application, specifically within the `/personalities` route. An attacker can exploit this vulnerability by crafting a URL that includes directory traversal sequences (`../../`) followed by the desired system file path, URL encoded. Successful exploitation allows the attacker to read any file on the filesystem accessible by the web server. This issue arises due to improper control of filename for include/require statement in the application.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-1600
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1600. A Local File Inclusion (LFI) vulnerability exists in the parisneo/lollms-webui application, specifically within the `/personalities` route. An attacker can exploit this vulnerability by crafting a URL that includes directory traversal sequences (`../../`) followed by the desired system file path, URL encoded. Successful exploitation allows the attacker to read any file on the filesystem accessible by the web server. This issue arises due to improper control of filename for include/require statement in the application.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2023-36054
DESCRIPTION: Exploit Observer has 13 entries in 5 file formats related to CVE-2023-36054. lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
FIRST-EPSS: 0.002670000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.6171401
CVE-2023-36054
DESCRIPTION: Exploit Observer has 13 entries in 5 file formats related to CVE-2023-36054. lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.
FIRST-EPSS: 0.002670000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.6171401
#ExploitObserverAlert
CVE-2018-14635
DESCRIPTION: Exploit Observer has 12 entries in 2 file formats related to CVE-2018-14635. When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable.
FIRST-EPSS: 0.002230000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5854138
CVE-2018-14635
DESCRIPTION: Exploit Observer has 12 entries in 2 file formats related to CVE-2018-14635. When using the Linux bridge ml2 driver, non-privileged tenants are able to create and attach ports without specifying an IP address, bypassing IP address validation. A potential denial of service could occur if an IP address, conflicting with existing guests or routers, is then assigned from outside of the allowed allocation pool. Versions of openstack-neutron before 13.0.0.0b2, 12.0.3 and 11.0.5 are vulnerable.
FIRST-EPSS: 0.002230000
NVD-IS: 3.6
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5854138
#ExploitObserverAlert
CVE-2023-47465
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-47465. An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
CVE-2023-47465
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-47465. An issue in GPAC v.2.2.1 and before allows a local attacker to cause a denial of service (DoS) via the ctts_box_read function of file src/isomedia/box_code_base.c.
FIRST-EPSS: 0.000420000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5935014
#ExploitObserverAlert
CVE-2024-1602
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1602. parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting (XSS) that leads to Remote Code Execution (RCE). The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within the user's browser context, enabling the attacker to send a request to the `/execute_code` endpoint and establish a reverse shell to the attacker's host. The issue affects various components of the application, including the handling of user input and model output.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-1602
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-1602. parisneo/lollms-webui is vulnerable to stored Cross-Site Scripting (XSS) that leads to Remote Code Execution (RCE). The vulnerability arises due to inadequate sanitization and validation of model output data, allowing an attacker to inject malicious JavaScript code. This code can be executed within the user's browser context, enabling the attacker to send a request to the `/execute_code` endpoint and establish a reverse shell to the attacker's host. The issue affects various components of the application, including the handling of user input and model output.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2023-49557
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49557. An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
CVE-2023-49557
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-49557. An issue in YASM 1.3.0.86.g9def allows a remote attacker to cause a denial of service via the yasm_section_bcs_first function in the libyasm/section.c component.
FIRST-EPSS: 0.000680000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5963488
#ExploitObserverAlert
CVE-2024-3101
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3101. In mintplex-labs/anything-llm, an improper input validation vulnerability allows attackers to escalate privileges by deactivating 'Multi-User Mode'. By sending a specially crafted curl request with the 'multi_user_mode' parameter set to false, an attacker can deactivate 'Multi-User Mode'. This action permits the creation of a new admin user without requiring a password, leading to unauthorized administrative access.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
CVE-2024-3101
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-3101. In mintplex-labs/anything-llm, an improper input validation vulnerability allows attackers to escalate privileges by deactivating 'Multi-User Mode'. By sending a specially crafted curl request with the 'multi_user_mode' parameter set to false, an attacker can deactivate 'Multi-User Mode'. This action permits the creation of a new admin user without requiring a password, leading to unauthorized administrative access.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5780347
#ExploitObserverAlert
CVE-2023-49463
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49463. libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
CVE-2023-49463
DESCRIPTION: Exploit Observer has 8 entries in 3 file formats related to CVE-2023-49463. libheif v1.17.5 was discovered to contain a segmentation violation via the function find_exif_tag at /libheif/exif.cc.
FIRST-EPSS: 0.000940000
NVD-IS: 5.9
NVD-ES: 2.8
ARPS-EXPLOITABILITY: 0.5905308
#ExploitObserverAlert
CVE-2023-51713
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-51713. make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5963488
CVE-2023-51713
DESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2023-51713. make_ftp_cmd in main.c in ProFTPD before 1.3.8a has a one-byte out-of-bounds read, and daemon crash, because of mishandling of quote/backslash semantics.
FIRST-EPSS: 0.000530000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.5963488
#ExploitObserverAlert
CVE-2022-2806
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2022-2806. It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5941964
CVE-2022-2806
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2022-2806. It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev
FIRST-EPSS: 0.000440000
NVD-IS: 3.6
NVD-ES: 1.8
ARPS-EXPLOITABILITY: 0.5941964
#ExploitObserverAlert
CVE-2024-29834
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2024-29834. This vulnerability allows authenticated users with produce or consume permissions to perform unauthorized operations on partitioned topics, such as unloading topics and triggering compaction. These management operations should be restricted to users with the tenant admin role or superuser role. An authenticated user with produce permission can create subscriptions and update subscription properties on partitioned topics, even though this should be limited to users with consume permissions. This impact analysis assumes that Pulsar has been configured with the default authorization provider. For custom authorization providers, the impact could be slightly different. Additionally, the vulnerability allows an authenticated user to read, create, modify, and delete namespace properties in any namespace in any tenant. In Pulsar, namespace properties are reserved for user provided metadata about the namespace. This issue affects Apache Pulsar versions from 2.7.1 to 2.10.6, from 2.11.0 to 2.11.4, from 3.0.0 to 3.0.3, from 3.1.0 to 3.1.3, and from 3.2.0 to 3.2.1. 3.0 Apache Pulsar users should upgrade to at least 3.0.4. 3.1 and 3.2 Apache Pulsar users should upgrade to at least 3.2.2. Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.715534
CVE-2024-29834
DESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2024-29834. This vulnerability allows authenticated users with produce or consume permissions to perform unauthorized operations on partitioned topics, such as unloading topics and triggering compaction. These management operations should be restricted to users with the tenant admin role or superuser role. An authenticated user with produce permission can create subscriptions and update subscription properties on partitioned topics, even though this should be limited to users with consume permissions. This impact analysis assumes that Pulsar has been configured with the default authorization provider. For custom authorization providers, the impact could be slightly different. Additionally, the vulnerability allows an authenticated user to read, create, modify, and delete namespace properties in any namespace in any tenant. In Pulsar, namespace properties are reserved for user provided metadata about the namespace. This issue affects Apache Pulsar versions from 2.7.1 to 2.10.6, from 2.11.0 to 2.11.4, from 3.0.0 to 3.0.3, from 3.1.0 to 3.1.3, and from 3.2.0 to 3.2.1. 3.0 Apache Pulsar users should upgrade to at least 3.0.4. 3.1 and 3.2 Apache Pulsar users should upgrade to at least 3.2.2. Users operating versions prior to those listed above should upgrade to the aforementioned patched versions or newer versions.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.715534
#ExploitObserverAlert
CVE-2024-31864
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-31864. Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The attacker can inject sensitive configuration or malicious code when connecting MySQL database via JDBC driver. This issue affects Apache Zeppelin: before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.5747126
CVE-2024-31864
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-31864. Improper Control of Generation of Code ('Code Injection') vulnerability in Apache Zeppelin. The attacker can inject sensitive configuration or malicious code when connecting MySQL database via JDBC driver. This issue affects Apache Zeppelin: before 0.11.1. Users are recommended to upgrade to version 0.11.1, which fixes the issue.
FIRST-EPSS: 0.000450000
ARPS-EXPLOITABILITY: 0.5747126
#ExploitObserverAlert
CVE-2024-27992
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-27992. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Whisper Link Whisper Free allows Reflected XSS.This issue affects Link Whisper Free: from n/a through 0.6.8.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5986263
CVE-2024-27992
DESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-27992. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Whisper Link Whisper Free allows Reflected XSS.This issue affects Link Whisper Free: from n/a through 0.6.8.
FIRST-EPSS: 0.000430000
ARPS-EXPLOITABILITY: 0.5986263
#ExploitObserverAlert
CVE-2023-5824
DESCRIPTION: Exploit Observer has 19 entries in 4 file formats related to CVE-2023-5824. Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
FIRST-EPSS: 0.009670000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.6359197
CVE-2023-5824
DESCRIPTION: Exploit Observer has 19 entries in 4 file formats related to CVE-2023-5824. Squid is vulnerable to Denial of Service attack against HTTP and HTTPS clients due to an Improper Handling of Structural Elements bug.
FIRST-EPSS: 0.009670000
NVD-IS: 3.6
NVD-ES: 3.9
ARPS-EXPLOITABILITY: 0.6359197
#ExploitObserverAlert
CVE-2024-21508
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21508. Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.
FIRST-EPSS: 0.000440000
ARPS-EXPLOITABILITY: 0.6373563
CVE-2024-21508
DESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-21508. Versions of the package mysql2 before 3.9.4 are vulnerable to Remote Code Execution (RCE) via the readCodeFor function due to improper validation of the supportBigNumbers and bigNumberStrings values.
FIRST-EPSS: 0.000440000
ARPS-EXPLOITABILITY: 0.6373563