ZDI-26-031: (0Day) Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit... 10/01/2026 Zero-Day Initiative
ZDI-26-030: (0Day) GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to... 10/01/2026 Zero-Day Initiative
ZDI-26-029: (0Day) GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to... 10/01/2026 Zero-Day Initiative
ZDI-26-028: (0Day) GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS... 10/01/2026 Zero-Day Initiative
Cisco Identity Services Engine XML External Entity Processing Information Disclosure Vulnerability (CVE-2026-20029) Cisco released a security advisory to address a medium-severity vulnerability impacting Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC. Tracked as CVE-2026-20029,... 09/01/2026 Qualys-Threat-Protect
N8n Warns of Remote Code Execution Vulnerability (CVE-2026-21877) N8n is vulnerable to a maximum severity flaw that could allow an authenticated attacker to execute arbitrary code with the... 09/01/2026 Qualys-Threat-Protect
N8n Critical Arbitrary Command Execution Vulnerability (CVE-2025-68668) A new vulnerability has been discovered in n8n, an open-source workflow automation tool. Tracked as CVE-2025-68668, the vulnerability has a critical severity rating with a CVSS score of 9.9. Successful exploitation of the... 06/01/2026 Qualys-Threat-Protect
ZDI-25-1202: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1201: (0Day) Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to... 31/12/2025 Zero-Day Initiative
ZDI-25-1200: (0Day) Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to... 31/12/2025 Zero-Day Initiative
