6.5
CVE-2026-0622 - Open 5GS WebUI uses a hard-coded JWT signing key
Open 5GS WebUI uses a hard-coded JWT signing key (change-me) whenever the environment variable JWT_SECRET_KEY is unset
6.5
CVE-2026-1245 - CVE-2026-1245
A code injection vulnerability in the binary-parser library prior to version 2.3.0 allows arbitrary JavaScript code execution when untrusted values are used in parser field names or encoding parameters. The library directly interpolates these values into dynamically generated code without sanitizatβ¦
6.7
CVE-2025-33231 -
NVIDIA Nsight Systems for Windows contains a vulnerability in the applicationβs DLL loading mechanism where an attacker could cause an uncontrolled search path element by exploiting insecure DLL search paths. A successful exploit of this vulnerability might lead to code execution, escalation of priβ¦
7.3
CVE-2025-33230 - nsight-systems: NVIDIA Nsight Systems for Linux: Privilege escalation and code execution via OS comβ¦
NVIDIA Nsight Systems for Linux contains a vulnerability in the .run installer, where an attacker could cause an OS command injection by supplying a malicious string to the installation path. A successful exploit of this vulnerability might lead to escalation of privileges, code execution, data tamβ¦
7.3
CVE-2025-33229 - nsight-systems: NVIDIA Nsight Visual Studio for Windows: Arbitrary Code Execution and Privilege Escβ¦
NVIDIA Nsight Visual Studio for Windows contains a vulnerability in Nsight Monitor where an attacker can execute arbitrary code with the same privileges as the NVIDIA Nsight Visual Studio Edition Monitor application. A successful exploit of this vulnerability may lead to escalation of privileges, cβ¦
7.3
CVE-2025-33228 - nsight-systems: Nsight Systems: Arbitrary code execution via OS command injection
NVIDIA Nsight Systems contains a vulnerability in the gfx_hotspot recipe, where an attacker could cause an OS command injection by supplying a malicious string to the process_nsys_rep_cli.py script if the script is invoked manually. A successful exploit of this vulnerability might lead to code execβ¦
7.8
CVE-2025-33233 -
NVIDIA Merlin Transformers4Rec for all platforms contains a vulnerability where an attacker could cause code injection. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.
5.3
CVE-2025-36419 - Multiple vulnerabilities found in IBM ApplinX.
IBM ApplinX 11.1 could disclose sensitive information about server architecture that could aid in further attacks against the system.
7.3
CVE-2025-36418 - Multiple vulnerabilities found in IBM ApplinX.
IBM ApplinX 11.1 is vulnerable due to a privilege escalation vulnerability due to improper verification of JWT tokens. An attacker may be able to craft or modify a JSON web token in order to impersonate another user or to elevate their privileges.
3.5
CVE-2025-36411 - Multiple vulnerabilities found in IBM ApplinX.
IBM ApplinX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.