FUXA 1.2.8 - Authentication Bypass + RCE Exploit

Python-Multipart 0.0.22 - Path Traversal

Google Chrome 145.0.7632.75 - CSSFontFeatureValuesMap

Windows 11 23H2 - Denial of Service (DoS)

Repetier-Server 1.4.10 - Path Traversal

HUSTOJ Zip-Slip v26.01.24 - RCE

BusyBox 1.37.0 - Path Traversal

Windows 11 25H2 - Heap Overflow

JUNG Smart Visu Server 1.1.1050 - Dos

SumatraPDF 3.5.2 - Remote Code Execution

NiceGUI 3.6.1 - Path Traversal

Frigate NVR 0.16.3 - Remote Code Execution

Js2Py 0.74 - RCE

Camaleon CMS v2.9.0 - Path Traversal

Cybersecurity AI (CAI) Framework 0.5.10 - Command Injection

Erugo 0.2.14 - Remote Code Execution (RCE)

deephas 1.0.7 - Prototype Pollution

SUSE Manager 4.3.15 - Code Execution

Posted by Milan Berger via Fulldisclosure on Apr 29

# Security Advisory: ESP-RFID-Tool v2 PRO

**Product:** ESP-RFID-Tool v2 PRO
**Vendor:** Raik Schneider (Einstein2150), foto-video-it.de
**Repository:** https://github.com/Einstein2150/ESP-RFID-Tool-v2
**Affected Version:** v2.2.1 (latest as of 2026-04-28)
**Severity:** CRITICAL
**Disclosure Type:** Full Public Disclosure
**Disclosure Date:** 2026-04-28
**Researcher:** Milan 't4c' Berger

---

## Disclosure Timeline

| Date | Event |...

Posted by SEC Consult Vulnerability Lab via Fulldisclosure on Apr 29

*Update 2026-04-28:* The vendor contacted us and now provides a patched version v1.3.674 which can be obtained at the
following URL:

https://desktime.com/download