ThreatScope by DIAMATIX: Critical Vulnerabilities Actively Exploited (02–08 February 2026)
During the period 02–08 February 2026, DIAMATIX security teams analyzed a set of high-severity vulnerabilities that highlight a recurring pattern across modern environments: execution, automation, and management layers remain prime targets when trust boundaries fail.
This week’s findings span workflow automation platforms, AI frameworks, CMS plugins, network devices, and security infrastructure components. While the affected technologies differ, the underlying risk drivers remain consistent: remote code execution, privilege escalation, authentication bypass, and sandbox escape.
Below, vulnerabilities are grouped by affected area, with context on why each group matters in real-world deployments.
Summary Overview
| Affected Area | Vulnerability Type | Potential Impact |
|---|---|---|
| Workflow automation platforms | Code injection | Remote code execution |
| Remote management interfaces | Token exposure | Full system compromise |
| Web applications (CMS) | Privilege escalation | Administrator takeover |
| Network devices | OS command injection | Device-level compromise |
| AI & agent frameworks | Arbitrary file write | Host compromise |
| JavaScript sandboxing | Sandbox escape | Execution isolation bypass |
| Security infrastructure | Authentication bypass | Unauthorized administrative access |
| Endpoint & management software | SQL injection | Unauthorized code execution |
1. Workflow Automation Platforms. Code Injection
Workflow automation systems continue to present high-impact attack surfaces due to their execution privileges and deep system integration.
Observed vulnerabilities:
n8n – Critical code injection via crafted workflow expressions
CVE-2026-25049 (CVSS 9.4)
An authenticated user with permission to create or modify workflows can abuse crafted expressions in workflow parameters to trigger unintended system command execution on the host running n8n.
Why this matters:
Automation platforms are designed to execute logic with elevated trust. When input handling fails, they become direct paths to system-level execution, often without triggering traditional security controls.
2. Remote Management Interfaces. Token Exposure and One-Click RCE
Misplaced trust in client-supplied parameters continues to enable powerful exploitation chains.
Observed vulnerabilities:
OpenClaw Control UI – Token exfiltration leading to remote code execution
CVE-2026-25253 (CVSS 8.8)
The Control UI trusts the gatewayUrl parameter without validation and automatically connects on load, sending a stored gateway token via WebSocket. A crafted link can leak this token to an attacker-controlled server, enabling configuration changes and privileged actions on the victim’s local gateway.
Why this matters:
Management interfaces are high-trust by design. Token leakage in these contexts enables one-click compromise, bypassing authentication and authorization layers entirely.
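A defensive sketch of the missing check described above, added here as an illustration and not taken from OpenClaw's code: the `gatewayUrl` value is parsed and matched against an allowlist before any connection, and a link-supplied gateway never receives the stored token automatically. The function names, the port and the allowlisted origins are assumptions made for the example.

```javascript
// Added example; names, port and origins below are constructed assumptions.
const ALLOWED_GATEWAY_ORIGINS = new Set([
  "ws://127.0.0.1:18789",
  "ws://localhost:18789",
]);

// Parse a candidate gateway URL and accept it only if scheme, userinfo
// and origin all pass. Returns { ok, url } or { ok, reason }.
function validateGatewayUrl(raw, allowed = ALLOWED_GATEWAY_ORIGINS) {
  let url;
  try {
    url = new URL(String(raw));
  } catch {
    return { ok: false, reason: "unparseable" };
  }
  if (url.protocol !== "ws:" && url.protocol !== "wss:") {
    return { ok: false, reason: "scheme" };
  }
  // "ws://trusted@other.host/" parses with host = other.host; refuse userinfo.
  if (url.username || url.password) {
    return { ok: false, reason: "userinfo" };
  }
  const origin = `${url.protocol}//${url.host}`;
  if (!allowed.has(origin)) {
    return { ok: false, reason: "origin-not-allowed" };
  }
  return { ok: true, url: url.href };
}

// Decide what happens on page load. A gatewayUrl taken from the link never
// receives the stored token automatically unless it equals the gateway the
// user already configured.
function connectionPlan(queryString, storedUrl) {
  const requested = new URLSearchParams(queryString).get("gatewayUrl");
  if (requested === null) {
    return { target: storedUrl, autoSendToken: true };
  }
  const check = validateGatewayUrl(requested);
  if (!check.ok) {
    return { target: null, autoSendToken: false, rejected: check.reason };
  }
  return { target: check.url, autoSendToken: check.url === storedUrl };
}
```

When `autoSendToken` is false and a target is returned, the UI should ask the user to confirm the new gateway before any credential leaves the browser.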
3. Web Applications & CMS Plugins. Privilege Escalation
Content management systems remain a frequent target due to their ubiquity and extensibility.
Observed vulnerabilities:
JAY Login & Register (WordPress plugin) – Privilege escalation to administrator
CVE-2025-15027 (CVSS 9.8)
The plugin allows unauthenticated users to update arbitrary user metadata, enabling direct privilege escalation to administrator level.
Why this matters:
Privilege escalation vulnerabilities in CMS plugins often lead to full site compromise, data exposure, and malware deployment, especially in environments with weak plugin governance.
4. Network Devices. OS Command Injection
Network infrastructure remains a high-impact target due to its central role and limited monitoring.
Observed vulnerabilities:
Tenda G300-F router – OS command injection in WAN diagnostics
CVE-2026-25857 (CVSS 8.8)
The WAN diagnostic functionality constructs shell commands using attacker-controlled input without proper neutralization, allowing arbitrary command execution with management-level privileges.
Why this matters:
Compromised network devices provide persistent access, traffic manipulation capabilities, and a foothold for lateral movement that is difficult to detect.
5. AI & Agent Frameworks. Arbitrary File Write
AI orchestration frameworks are increasingly exposed as production infrastructure.
Observed vulnerabilities:
Microsoft Semantic Kernel (.NET SDK) – Arbitrary file write via SessionsPythonPlugin
CVE-2026-25592 (CVSS 9.9)
Prior to version 1.70.0, attackers could write arbitrary files to the host system, enabling further exploitation and persistence.
Why this matters:
AI agent frameworks often run with elevated permissions and broad filesystem access. File write vulnerabilities here can rapidly escalate into full host compromise.
6. JavaScript Sandboxing. Sandbox Escape
Sandboxing continues to be a fragile security boundary when implementation details are flawed.
Observed vulnerabilities:
SandboxJS – Sandbox escape via key coercion mismatch
CVE-2026-25641 (CVSS 10.0)
A mismatch between validation and property access keys allows attackers to bypass sandbox restrictions and execute code outside the intended isolation context.
Why this matters:
Sandbox escapes invalidate core security assumptions. When isolation fails, attackers gain execution capabilities that are often assumed to be impossible.
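The bug class named above, shown as an added generic example rather than SandboxJS's own code or a reproduction of the CVE: a guard that validates the raw key while the property access uses its string coercion, next to a form that coerces once and uses the same primitive for both steps. `BLOCKED_KEYS`, `naiveGet`, `toPropertyKey` and `safeGet` are hypothetical names.

```javascript
// Added example; a generic validate/access mismatch, not SandboxJS source.
const BLOCKED_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Flawed guard: Set.has() compares the raw key by identity, but the
// bracket access below coerces the key to a string first. A non-primitive
// key that stringifies to a blocked name passes the check.
function naiveGet(target, key) {
  if (BLOCKED_KEYS.has(key)) throw new Error("blocked key");
  return target[key];
}

// Coerce exactly once and refuse anything whose coercion could run code
// or differ between the check and the access.
function toPropertyKey(key) {
  if (typeof key === "symbol") return key;
  if (typeof key === "string" || typeof key === "number") return String(key);
  throw new TypeError("property key must be a string, number or symbol");
}

// Hardened guard: validation and access see the same primitive, and only
// own properties are readable, so inherited members stay out of reach.
function safeGet(target, key) {
  const k = toPropertyKey(key);
  if (typeof k === "string" && BLOCKED_KEYS.has(k)) {
    throw new Error("blocked key");
  }
  if (!Object.prototype.hasOwnProperty.call(target, k)) return undefined;
  return target[k];
}

// True when the check and the access would disagree about this key.
function checkAndAccessDisagree(key) {
  return BLOCKED_KEYS.has(key) !== BLOCKED_KEYS.has(String(key));
}
```

Running `checkAndAccessDisagree` over the key values a guard sees in tests or fuzzing is a cheap way to flag inputs where validation and access diverge.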
7. Security Infrastructure. Authentication Bypass
Security tooling itself remains a critical target.
Observed vulnerabilities:
Keylime Registrar – Missing client-side TLS authentication
CVE-2026-1709 (CVSS 9.4)
The registrar does not enforce client TLS authentication, allowing unauthenticated clients to perform administrative operations such as listing agents, retrieving TPM data, or deleting agents.
Why this matters:
Authentication bypass in security infrastructure undermines the integrity of trust and attestation mechanisms across entire environments.
8. Endpoint & Management Software. SQL Injection
Management platforms continue to expose classical injection flaws with severe impact.
Observed vulnerabilities:
Fortinet FortiClientEMS 7.4.4 – SQL injection via crafted HTTP requests
CVE-2026-21643 (CVSS 9.8)
An unauthenticated attacker can execute unauthorized code or commands by exploiting improper SQL input neutralization.
Why this matters:
Management systems aggregate sensitive data and control endpoints at scale. SQL injection vulnerabilities here enable broad compromise with minimal effort.
Key Takeaways
Execution and automation layers remain high-risk targets
Trust in client-supplied input continues to drive compromise
Sandbox and isolation failures have systemic impact
AI and agent frameworks reintroduce familiar vulnerability classes
Security infrastructure itself is increasingly targeted
ThreatScope by DIAMATIX focuses on how vulnerabilities cluster and compound across environments, helping organizations understand where risk actually accumulates, not just where it is reported.