Nuclei Templates Added for CWP Control Web Panel and Letta AI RCE Flaws
ProjectDiscovery's nuclei-templates repository added detection content for two remote code execution vulnerabilities: CVE-2025-48703 affecting CWP Control Web Panel and CVE-2025-51482 affecting Letta AI. One pull request identifies the CWP issue as an RCE flaw, while a second names an RCE path in Letta AI via the /v1/tools/run endpoint.
The references indicate public detection coverage is being created for both issues, which can increase defender visibility as well as attacker awareness. The available material does not include affected versions, exploitation evidence, patch guidance, or victim impact, but it does confirm that both vulnerabilities were significant enough to warrant dedicated nuclei checks for internet-exposed systems.
Timeline
Apr 4, 2026
Nuclei template PR references CVE-2025-51482 in Letta AI
A separate GitHub pull request in the projectdiscovery/nuclei-templates repository referenced CVE-2025-51482 as a remote code execution vulnerability affecting Letta AI via /v1/tools/run. The available reference does not provide remediation, exploitation, or impact details.
Apr 4, 2026
Nuclei template PR references CVE-2025-48703 in CWP Control Web Panel
A GitHub pull request in the projectdiscovery/nuclei-templates repository referenced CVE-2025-48703 as a remote code execution vulnerability affecting CWP Control Web Panel. The available reference does not include patch, exploitation, or victim details.
See the full picture in Mallory
Mallory subscribers get deeper analysis on every story, including:
Who’s affected and how
Deep-dive technical analysis
Actionable next steps for your team
IPs, domains, hashes, and more
Ask questions and take action on every story
Filter by topic, classification, timeframe
Get matching stories delivered automatically
Related Entities
Vulnerabilities
Organizations
Affected Products
Sources
Related Stories
Nuclei Templates Added for WordPress SSTI and Nginx UI Access Control Flaws
ProjectDiscovery contributors opened and advanced Nuclei template pull requests for two newly tracked vulnerabilities: **`CVE-2026-4257`**, a **server-side template injection** issue in the **WordPress Contact Form by Supsystic** plugin, and **`CVE-2026-33032`**, a **broken access control** flaw in **Nginx UI**. The GitHub activity shows template development intended to support detection of both issues, with one pull request referencing a new `CVE-2026-4257.yaml` file and another marked ready to merge for the Nginx UI vulnerability. The available records are limited to repository metadata and do not include technical write-ups, affected version ranges, exploitation details, or vendor remediation guidance. Even so, the publication of detection content for these CVEs indicates that security researchers are operationalizing checks for exposed systems, and defenders using Nuclei should watch for template releases covering both the WordPress plugin SSTI and the Nginx UI authorization weakness.
3 weeks ago
Nuclei Templates Added for MITRE Caldera RCE and GitLab SAML Auth Bypass
ProjectDiscovery contributors submitted new Nuclei detection templates for two newly tracked vulnerabilities: **`CVE-2025-27364`**, described as an **unauthenticated remote code execution** flaw in **MITRE Caldera**, and **`CVE-2025-25291`**, an **authentication bypass** issue in **`ruby-saml`** affecting **GitLab SAML SSO** deployments. The references indicate both issues were significant enough to prompt rapid addition of scanning coverage in the public `nuclei-templates` repository. Available details remain limited because the source material is drawn from GitHub pull request metadata rather than full advisories, but the vulnerability labels point to potentially high-impact exposure in identity and adversary-emulation infrastructure. Security teams using **GitLab SAML single sign-on** or **MITRE Caldera** should track vendor guidance, validate exposure to **`CVE-2025-25291`** and **`CVE-2025-27364`**, and prepare to use updated detection content as part of vulnerability assessment workflows.
1 months ago
Nuclei Templates Added for Ghost CMS SQLi and n8n Form Node RCE
ProjectDiscovery's public `nuclei-templates` repository received new detection content for two newly tracked web application flaws: **CVE-2026-26980** in Ghost CMS and **CVE-2026-27493** in n8n. One pull request adds a template for a Ghost CMS **SQL injection** issue, with the contributor reporting validation against both vulnerable and patched targets to improve detection accuracy and reduce false positives. A second pull request adds coverage for a **critical unauthenticated expression injection** flaw in n8n Form nodes that can lead to remote code execution. The n8n issue affects versions earlier than **2.10.1**, **2.9.3**, and **1.123.22**, and the proposed template targets the `/form/contact-us` endpoint. The submission says attacker-controlled expressions in form fields are double-evaluated by the server, allowing arbitrary shell command execution; the detection logic verifies exploitation by looking for Linux `uid`/`gid` output after running a command in a controlled test. Both submissions were reported as validated on vulnerable and patched hosts and entered the standard GitHub review workflow, signaling rapidly emerging scanner coverage for high-impact Ghost CMS and n8n exposures.
1 months ago