CVEs from 2026
Total
13,464
critical
critical 1,177
high
high 4,294
medium
medium 4,166
low
low 442
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24231 | medium | 6.3 | 6.3 | 1mo ago | NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF protection component, where an attacker could cause a server-side request forgery by supplying a crafted endpoint URL refere… | |||
| CVE-2026-7268 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This impacts the function save_category of the file /admin/ajax.php?action=save_category. Such manipulation of the argum… | |||
| CVE-2026-7267 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects an unknown function of the file /view_prod.php. This manipulation of the argument ID causes sql injection. The attac… | |||
| CVE-2026-7266 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. The impacted element is the function save_order of the file /admin/ajax.php?action=save_order. The manipulation of the arg… | |||
| CVE-2026-7265 | medium | 6.3 | 6.3 | 1mo ago | A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is the function Category of the file pizza/index.php?page=category. The manipulation of… | |||
| CVE-2026-7264 | medium | 6.3 | 6.3 | 1mo ago | A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get_cart_items of the file /admin/ajax.php?action=get_cart_items. Executing a manipulation of t… | |||
| CVE-2026-7229 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in code-projects Coaching Management System 1.0. This affects an unknown function of the file /cims/modules/admin/reply.php of the component POST Handler. Performing a manip… | |||
| CVE-2026-7196 | medium | 6.3 | 6.3 | 1mo ago | A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of the argument deleteid leads to sql inject… | |||
| CVE-2026-7150 | medium | 6.3 | 6.3 | 1mo ago | auto-favicon has a Server-Side Request Forgery issue | |||
| CVE-2026-7148 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack … | |||
| CVE-2026-7143 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affects an unknown function of the file /admin/block_status.php. The manipulation of the argument q lea… | |||
| CVE-2026-7142 | medium | 6.3 | 6.3 | 1mo ago | Wooey has an Incorrect Privilege Assignment issue | |||
| CVE-2026-7118 | medium | 6.3 | 6.3 | 1mo ago | A security vulnerability has been detected in code-projects Employee Management System 1.0. The affected element is an unknown function of the file 370project/cancel.php. The manipulation of the argu… | |||
| CVE-2026-7117 | medium | 6.3 | 6.3 | 1mo ago | A weakness has been identified in code-projects Employee Management System 1.0. Impacted is an unknown function of the file 370project/approve.php. Executing a manipulation of the argument id/token c… | |||
| CVE-2026-7115 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads t… | |||
| CVE-2026-7114 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection… | |||
| CVE-2026-7107 | medium | 6.3 | 6.3 | 1mo ago | A weakness has been identified in code-projects Invoice System in Laravel 1.0. The impacted element is an unknown function of the file /company. This manipulation of the argument logo causes unrestri… | |||
| CVE-2026-7093 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performin… | |||
| CVE-2026-7092 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argumen… | |||
| CVE-2026-7091 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper au… | |||
| CVE-2026-7084 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. T… | |||
| CVE-2026-7044 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can … | |||
| CVE-2026-7043 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. The … | |||
| CVE-2026-6991 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in colinhacks Zod up to 4.3.6. The impacted element is an unknown function of the file packages/zod/src/v4/core/regexes.ts of the component CUID Data Type Handler. Exec… | |||
| CVE-2026-6981 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in IhateCreatingUserNames2 AiraHub2 up to 3e4b77fd7d48ed811ffe5b8d222068c17c76495e. Affected is the function connect_stream_endpoint/sync_agents of the file AiraHub.py of th… | |||
| CVE-2026-6979 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in devlikeapro WAHA up to 2026.3.4. This affects an unknown function of the file src/api/media.controller.ts of the component API Request Handler. This manipulation causes serve… | |||
| CVE-2026-35374 | medium | 6.3 | 6.3 | 1mo ago | A Time-of-Check to Time-of-Use (TOCTOU) vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output file… | |||
| CVE-2026-6799 | medium | 6.3 | 6.3 | 1mo ago | A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this issue is some unknown functionality of the file /cgi-bin/mbox-config?method=SET§ion=ping_config of the component E… | |||
| CVE-2026-6744 | medium | 6.3 | 6.3 | 1mo ago | Bagisto affected by Server-Side Request Forgery | |||
| CVE-2026-31370 | medium | 6.3 | 6.3 | 1mo ago | Honor E APP is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2026-6649 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to serv… | |||
| CVE-2026-6634 | medium | 6.3 | 6.3 | 1mo ago | Memos has an Incorrect Privilege Assignment issue | |||
| CVE-2026-6628 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in phili67 Ecclesia CRM up to 8.0.0. This affects the function ValidateInput of the file /v2/query/view/ of the component Query Viewer Component. This manipulation of the argume… | |||
| CVE-2026-6626 | medium | 6.3 | 6.3 | 1mo ago | Cockpit has NoSQL Injection Through Content Aggregation Pipelines | |||
| CVE-2026-6620 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the component File Upload Endpoint. The manipulation of t… | |||
| CVE-2026-6618 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the component ApiBasedTool… | |||
| CVE-2026-6617 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of … | |||
| CVE-2026-6616 | medium | 6.3 | 6.3 | 1mo ago | A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpag… | |||
| CVE-2026-6614 | medium | 6.3 | 6.3 | 1mo ago | A security flaw has been discovered in TransformerOptimus SuperAGI up to 0.0.14. Affected by this vulnerability is the function get_project/update_project/get_projects_organisation of the file supera… | |||
| CVE-2026-6613 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Affected is the function delete_agent/stop_schedule/get_schedule_data of the file superagi/controllers/agent.py. The manipu… | |||
| CVE-2026-6612 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in TransformerOptimus SuperAGI up to 0.0.14. This impacts the function get_agent_execution/update_agent_execution of the file superagi/controllers/agent_execution.py of… | |||
| CVE-2026-6609 | medium | 6.3 | 6.3 | 1mo ago | A flaw has been found in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function form_valid of the file oauth/views.py. This manipulation of the argument oauthid causes improper a… | |||
| CVE-2026-6599 | medium | 6.3 | 6.3 | 1mo ago | Langflow vulnerable to injection | |||
| CVE-2026-6587 | medium | 6.3 | 6.3 | 1mo ago | RAGAS has SSRF via Multi-Modal Faithfulness Collections Module | |||
| CVE-2026-6586 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was identified in TransformerOptimus SuperAGI up to 0.0.14. Impacted is the function get_budget/update_budget of the file superagi/controllers/budget.py of the component Budget Endpoi… | |||
| CVE-2026-6576 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Int… | |||
| CVE-2026-6573 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of t… | |||
| CVE-2026-6571 | medium | 6.3 | 6.3 | 1mo ago | A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipul… | |||
| CVE-2026-6497 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was determined in prasathmani TinyFileManager up to 2.6. Affected by this vulnerability is an unknown functionality of the file /filemanager.php?p= ajax=true&type=upload of the compon… | |||
| CVE-2026-6489 | medium | 6.3 | 6.3 | 1mo ago | A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Backg… | |||
| CVE-2026-6488 | medium | 6.3 | 6.3 | 1mo ago | A vulnerability was identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This vulnerability affects unknown code of the file admin/editcourse.php of the component GET Request P… | |||
| CVE-2026-6215 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServerUrl1 of the file packages/rest/src/openApiDriver.ts of the component REST/GraphQL. This manipulatio… | |||
| CVE-2026-6202 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown function of the file post.php. Performing a manipulation of the argument tags results in sql injection… | |||
| CVE-2026-6191 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /equipments.php. Executing a manipulation of the argument Name can lead… | |||
| CVE-2026-6190 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /employees.php. Performing a manipulation of the argument Name re… | |||
| CVE-2026-6143 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is some unknown functionality of the file src-tauri/src/proxy/server.rs of the component ProxyServer. … | |||
| CVE-2026-6141 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parse_url.ts. Executing a manipulation can lea… | |||
| CVE-2026-6125 | medium | 6.3 | 6.3 | 2mo ago | Warm-Flow has a SpEL Expression Injection in SpelHelper.parseExpression | |||
| CVE-2026-6119 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads to server-side request fo… | |||
| CVE-2026-6118 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulat… | |||
| CVE-2026-6117 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload End… | |||
| CVE-2026-6108 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Mod… | |||
| CVE-2026-40354 | medium | 6.3 | 6.3 | 2mo ago | Flatpak xdg-desktop-portal before 1.20.4 and 1.21.x before 1.21.1 allows any Flatpak app to trash any file in the host context via a symlink attack on g_file_trash. | |||
| CVE-2026-6033 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /updatedetailsfromstudent.php?eno=146891650. Executing a manipulation of the argument fna… | |||
| CVE-2026-6030 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /del1.php. This manipulation of the argument toolname causes sql inje… | |||
| CVE-2026-6010 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in CodeAstro Online Classroom 1.0/2.php. Affected by this vulnerability is an unknown functionality of the file /OnlineClassroom/takeassessment2.php?exid=14. Perfo… | |||
| CVE-2026-6007 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /del.php. The manipulation of the argument equipname results in sql injectio… | |||
| CVE-2026-6006 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in code-projects Patient Record Management System 1.0. The impacted element is an unknown function of the file /edit_hpatient.php. The manipulation of the argument ID l… | |||
| CVE-2026-6005 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in code-projects Patient Record Management System 1.0. The affected element is an unknown function of the file /hematology_print.php. Executing a manipulation of the argument he… | |||
| CVE-2026-5999 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in JeecgBoot up to 3.9.1. This impacts an unknown function of the component SysAnnouncementController. Such manipulation leads to improper authorization. The attack can… | |||
| CVE-2026-5823 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in itsourcecode Construction Management System 1.0. Affected by this issue is some unknown functionality of the file /borrowed_tool_report.php. This manipulation of the… | |||
| CVE-2026-5803 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in bigsk1 openai-realtime-ui up to 188ccde27fdf3d8fab8da81f3893468f53b2797c. The affected element is an unknown function of the file server.js of the component API… | |||
| CVE-2026-5719 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown function of the file /borrowedtool.php. Executing a manipulation of the argument code can lead to sql… | |||
| CVE-2026-5681 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the… | |||
| CVE-2026-5675 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed_tool.php of the component Parameter Handler. The manipulation of the a… | |||
| CVE-2026-5670 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This issue affects the function move_uploaded_file of the file /AssignmentSection/subm… | |||
| CVE-2026-5660 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in itsourcecode Construction Management System 1.0. The impacted element is an unknown function of the file /borrowed_equip.php of the component Parameter Handler. This… | |||
| CVE-2026-5659 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in pytries datrie up to 0.8.3. The affected element is the function Trie.load/Trie.read/Trie.__setstate__ of the file src/datrie.pyx of the component trie File Handler. The … | |||
| CVE-2026-5649 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in code-projects Online Application System for Admission 1.0. This issue affects some unknown processing of the file /enrollment/admsnform.php of the component Endpoint… | |||
| CVE-2026-5641 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /admin/update-image1.php of the component Parameter Handler. The ma… | |||
| CVE-2026-5640 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /admin/update-image2.php of the component Parameter Handler. T… | |||
| CVE-2026-5639 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in PHPGurukul Online Shopping Portal Project 2.1. Impacted is an unknown function of the file /admin/update-image3.php of the component Parameter Handler. Executing a manipulati… | |||
| CVE-2026-5636 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /cancelorder.php of the component Parameter Handler. This manipulation of the… | |||
| CVE-2026-5635 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. Affected by this issue is some unknown functionality of the file /categorywise-products.php of the component Para… | |||
| CVE-2026-5623 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in hcengineering Huly Platform 0.7.382. This affects an unknown part of the file server/front/src/index.ts of the component Import Endpoint. Such manipulation leads to … | |||
| CVE-2026-5620 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowed_equip_report.php of the component Parameter Handler. The manip… | |||
| CVE-2026-5607 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handle… | |||
| CVE-2026-5597 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument … | |||
| CVE-2026-5596 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing a manipul… | |||
| CVE-2026-5595 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in griptape-ai griptape 0.19.4. Affected by this vulnerability is the function load_files_from_disk/list_files_from_disk/save_content_to_file/save_memory_ar… | |||
| CVE-2026-5594 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in premAI-io premsql up to 0.2.1. Affected is the function eval of the file premsql/agents/baseline/workers/followup.py. This manipulation of the argument result causes… | |||
| CVE-2026-5587 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in wbbeyourself MAC-SQL up to 31a9df5e0d520be4769be57a4b9022e5e34a14f4. This affects the function _execute_sql of the file core/agents.py of the component Refiner Agent… | |||
| CVE-2026-5586 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Executing a manipulation of the argumen… | |||
| CVE-2026-5583 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in PHPGurukul Online Shopping Portal Project 2.1. This affects an unknown part of the file /my-profile.php of the component Parameter Handler. The manipulat… | |||
| CVE-2026-5580 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/addvideos.php of the component Parameter Handler. The manipulation of th… | |||
| CVE-2026-5579 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in CodeAstro Online Classroom 1.0. This issue affects some unknown processing of the file /OnlineClassroom/updatedetailsfromfaculty.php?myfid=108 of the component Param… | |||
| CVE-2026-5578 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a ma… | |||
| CVE-2026-5559 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipu… | |||
| CVE-2026-5563 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipul… | |||
| CVE-2026-5561 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the c… |