PoC Week 2026-07-13
The most featured CVEs in this week’s security newsletters, with public Proof-of-Concepts, ordered by mention count.
For the most up-to-date and accurate info, visit the NIST links. Always audit PoCs thoroughly before running them. I don’t vouch for any links in this list: follow them with caution.
CVE-2026-56290 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: Joomla extension Page Builder CK
- Description: The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.
- Remediation:
- More Info: NVD - CVE-2026-56290
- PoC:
CVE-2026-48282 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: Adobe ColdFusion
- Description: Adobe ColdFusion is affected by a path traversal vulnerability in its Remote Development Services (RDS) component that allows for arbitrary file writes and remote code execution. This flaw enables an unauthenticated attacker to bypass directory restrictions and place malicious files on the host system.
- Remediation:
- More Info: NVD - CVE-2026-48282
- PoC:
CVE-2026-40047 NEW
- Severity: 9.1 CRITICAL
- Impacted Products: Apache Camel 4.15.0, Apache Camel 4.16.0, Apache Camel 4.17.0, Apache Camel 4.18.0, Apache Camel 4.18.1
- Description: Apache Camel is affected by an argument injection and directory traversal vulnerability in its camel-docling component. This flaw allows an attacker to pass unintended command-line flags or manipulate file paths when the application invokes the external
doclingtool. - Remediation:
- More Info: NVD - CVE-2026-40047
- PoC:
CVE-2026-8655 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: NetScaler ADC, NetScaler Gateway
- Description: Multiple Memory overflow vulnerabilities in NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if NetScaler ADC is configured as an LB of type Oracle OR NetScaler ADC is configured as a DNS Proxy OR NetScaler ADC is configured as a DNS recursive resolver deployment
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-8655
- PoC:
CVE-2026-8452 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: NetScaler ADC, NetScaler Gateway
- Description: Memory overflow vulnerability NetScaler ADC and NetScaler Gateway leading to unpredictable or erroneous behavior and Denial of Service if the appliance is configured as a Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-8452
- PoC:
CVE-2026-58138 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: Orkes Conductor 3.21.21, Orkes Conductor 3.30.2
- Description: Orkes Conductor 3.21.21 before 3.30.2 contains an unauthenticated remote code execution vulnerability that allows remote attackers to execute arbitrary OS commands by submitting inline workflow definitions containing malicious JavaScript or Python expressions to the workflow API endpoint prior to authentication.
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-58138
- PoC:
CVE-2026-58127 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: PACSgear MediaWriter 5.2.1
- Description: PACSgear MediaWriter 5.2.1 exposes a .NET Remoting TCP service on port 9000 via PacsgearMediaServerEngine.dll, registered with ObjectURIs RemoteObj and UIRemoteObj, without any authentication requirement. By exploiting the MarshalByRefObject object unmarshalling technique and implementing .NET WebClient class methods, an unauthenticated remote attacker can read and write arbitrary files on the host filesystem.
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-58127
- PoC:
CVE-2026-58126 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: PACSgear PACS Scan 5.2.1
- Description: PACSgear PACS Scan 5.2.1 contains an unauthenticated remote code execution vulnerability that allows remote attackers to read and write arbitrary files by exploiting an exposed .NET Remoting TCP service on port 22222 via PGImageExchQueue.exe without any authentication requirement.
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-58126
- PoC:
CVE-2026-58116 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: LLaMA-Factory 0.9.5
- Description: LLaMA-Factory through 0.9.5 contains a remote code execution vulnerability that allows attackers with WebUI access to execute arbitrary Python code by supplying a malicious model path in the Chat or Training interfaces. The application passes user-supplied model path input unvalidated into AutoTokenizer.from_pretrained() and AutoModel.
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-58116
- PoC:
CVE-2026-57517 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: Control Web Panel (CWP) versions prior to 0.9.8.1225
- Description: Control Web Panel (CWP) versions prior to 0.9.8.1225 contain a blind SQL injection vulnerability in the user interface portal that allows unauthenticated remote attackers to execute arbitrary SQL queries. Successful exploitation can lead to remote code execution by leveraging database privileges to write malicious files to the server.
- Remediation: Follow vendor security advisories and apply the latest patches. Review affected systems and prioritize patching based on exploitability and business impact.
- More Info: NVD - CVE-2026-57517
- PoC:
CVE-2026-51947 NEW
- Severity: 9.8 CRITICAL
- Impacted Products: Pivotal CRM 6.6.4.08, Pivotal CRM 6.6.5.10, patch-ghi-15381-cwe-502-20251225.zip, Patch_CWE502_20260316.zip
- Description: An issue in Pivotal CRM 6.6.4.08 and systems using patch-ghi-15381-cwe-502-20251225.zip (fixed in Pivotal CRM 6.6.5.10 and Patch_CWE502_20260316.zip) allows a remote attacker to execute arbitrary code via the Pivotal.Engine.Client.Services.Conversion.dll component. NOTE: this issue exists because of an incomplete fix for CVE-2026-39253.
- Remediation:
- More Info: NVD - CVE-2026-51947
- PoC:
CVE-2026-34038 NEW
- Severity: 9.9 CRITICAL
- Impacted Products: Coolify, prior to 4.0.0-beta.469
- Description: Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, an authenticated remote command injection vulnerability in application deployment handling allows users with application write permissions to achieve remote code execution and exfiltrate sensitive environment variables through deployment logs via fields such as dockerfile_location and deployment commands. This issue is fixed in version 4.0.0-beta.469.
- Remediation:
- More Info: NVD - CVE-2026-34038
- PoC:
CVE-2020-1938
- Severity: 9.8 CRITICAL
- Impacted Products: Apache Tomcat
- Description: A vulnerability exists within the AJP Connector in Tomcat because the default configuration allows AJP connections to have higher trust and it is also enabled to listen on all configured IP addresses. Apache wrote that the risks were previously documented and they recommended steps to disable the Connector if it wasn’t required.
- Remediation:
- More Info: NVD - CVE-2020-1938
- PoC:
CVE-2026-53359 NEW
- Severity: 7.8 HIGH
- Impacted Products: Linux kernel
- Description: The Linux kernel is affected by a use-after-free vulnerability in the Kernel-based Virtual Machine (KVM) x86 shadow paging mechanism. This flaw arises from an unexpected role mismatch when a page directory entry (PDE) mapping is modified, which can lead to system instability or arbitrary code execution.
- Remediation:
- More Info: NVD - CVE-2026-53359
- PoC:
CVE-2026-43499 NEW
- Severity: 7.8 HIGH
- Impacted Products: Linux kernel
- Description: The Linux kernel is affected by a use-after-free vulnerability in the rtmutex component during proxy-lock rollback operations. This flaw exists because the remove_waiter() function incorrectly operates on the current task instead of the specific waiter task when invoked via the futex_requeue() path.
- Remediation:
- More Info: NVD - CVE-2026-43499
- PoC:
CVE-2026-39253 NEW
- Severity: 8.1 HIGH
- Impacted Products: Pivotal CRM v.6.6.04.08
- Description: An issue in Pivotal CRM v.6.6.04.08 allows a remote attacker to execute arbitrary code via the Pivotal.Core.Common.dll and Pivotal.Engine.Client.Services.Conversion.dll components.
- Remediation:
- More Info: NVD - CVE-2026-39253
- PoC:
References
This list was scraped from the quite amazing and highly recommended newsletters below:
Thanks for reading! For corrections, omissions (e.g. newsletter recs) feel free to get in touch.