CVEs from 2026
Total
13,464
critical
critical 1,177
high
high 4,294
medium
medium 4,166
low
low 442
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 417
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-5560 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing … | |||
| CVE-2026-5558 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manip… | |||
| CVE-2026-5557 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation res… | |||
| CVE-2026-5556 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/lo… | |||
| CVE-2026-5553 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler… | |||
| CVE-2026-5552 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This mani… | |||
| CVE-2026-5546 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add_lesson of the file /application/models/Crud_model.php. This manipulation causes unrest… | |||
| CVE-2026-5543 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The mani… | |||
| CVE-2026-5537 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function check_sel of the file Apps/Index/Controller/IndexController.class.php of the … | |||
| CVE-2026-5532 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function create_sandbox_and_execute of the file scrapegraphai/nodes/generate_code_node.py of the co… | |||
| CVE-2026-5528 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This affects an unknown part of the component HTTP Interface. Such manipulation leads to os command inject… | |||
| CVE-2026-5472 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /admin_panel/settings.php… | |||
| CVE-2026-5470 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in mixelpixx Google-Research-MCP 1e062d7bd887bfe5f6e582b6cc288bb897b35cf2/ca613b736ab787bc926932f59cddc69457185a83. This issue affects the function extractC… | |||
| CVE-2026-5344 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in Textpattern up to 4.9.1. Affected by this vulnerability is the function mt_uploadImage of the file rpc/TXP_RPCServer.php of the component XML-RPC Handler… | |||
| CVE-2026-5328 | medium | 6.3 | 6.3 | 2mo ago | A weakness has been identified in shsuishang modulithshop up to 829bac71f507e84684c782b9b062b8bf3b5585d6. The impacted element is the function listItem of the file src/main/java/com/suisung/shopsuite… | |||
| CVE-2026-5327 | medium | 6.3 | 6.3 | 2mo ago | fast-filesystem-mcp is vulnerable to command injection through handleGetDiskUsage function | |||
| CVE-2026-1879 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in Harvard University IQSS Dataverse up to 6.8. This affects an unknown function of the file /ThemeAndWidgets.xhtml of the component Theme Customization. Performing a man… | |||
| CVE-2026-5259 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/contro… | |||
| CVE-2026-5251 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in z-9527 admin 1.0/2.0. This impacts an unknown function of the file /server/routes/user.js of the component User Update Endpoint. Such manipulation of the argument is… | |||
| CVE-2026-5248 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in gougucms 4.08.18. This affects the function reg_submit of the file gougucms-master\app\home\controller\Login.php of the component User Registration Handler. Such man… | |||
| CVE-2026-5206 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in code-projects Simple Gym Management System 1.0. This vulnerability affects unknown code of the component Payment Handler. The manipulation of the argumen… | |||
| CVE-2026-5205 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such man… | |||
| CVE-2026-5197 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /delete_user.php. The manipulation of the argument ID results in sql … | |||
| CVE-2026-5196 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in code-projects Student Membership System 1.0. Impacted is an unknown function of the file /delete_member.php. The manipulation of the argument ID leads to sql injecti… | |||
| CVE-2026-5181 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in SourceCodester Simple Doctors Appointment System up to 1.0. This issue affects some unknown processing of the file /doctors_appointment/admin/ajax.php?action=save_ca… | |||
| CVE-2026-5126 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file_get_contents. This manipulation causes server-side request forgery. The attack is possible to … | |||
| CVE-2026-5011 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argum… | |||
| CVE-2026-4999 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in z-9527 admin up to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. This issue affects the function uploadFile of the file /server/utils/upload.js of the compon… | |||
| CVE-2026-4970 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in code-projects Social Networking Site 1.0. This affects an unknown function of the file delete_photos.php of the component Endpoint. The manipulation of the argu… | |||
| CVE-2026-4966 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in itsourcecode Free Hotel Reservation System 1.0. Impacted is an unknown function of the file /admin/mod_room/index.php?view=edit. Executing a manipulation of the argument ID c… | |||
| CVE-2026-4980 | medium | 6.3 | 6.3 | 2mo ago | A local file disclosure vulnerability in the XInclude processing component of Inkscape 1.1 before 1.3 allows a remote attacker to read local files via a crafted SVG file containing malicious xi:inclu… | |||
| CVE-2026-4954 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in mingSoft MCMS up to 5.5.0. Impacted is the function list of the file net/mingsoft/cms/action/web/ContentAction.java of the component Web Content List End… | |||
| CVE-2026-4907 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in Page-Replica Page Replica up to e4a7f52e75093ee318b4d5a9a9db6751050d2ad0. The impacted element is the function sitemap.fetch of the file /sitemap of the component En… | |||
| CVE-2026-4876 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in itsourcecode Free Hotel Reservation System 1.0. The impacted element is an unknown function of the file /admin/mod_amenities/index.php?view=editpic. Such manipulatio… | |||
| CVE-2026-4836 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in code-projects Accounting System 1.0. The affected element is an unknown function of the file /my_account/delete.php. Performing a manipulation of the argument cos_id r… | |||
| CVE-2026-4783 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/add-single-student-results.php of the component Parameter … | |||
| CVE-2026-4614 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in itsourcecode sanitize or validate this input 1.0. This issue affects some unknown processing of the file /admin/subjects.php of the component Parameter Handler. This… | |||
| CVE-2026-4597 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in 648540858 wvp-GB28181-pro up to 2.7.4. Impacted is the function selectAll of the file src/main/java/com/genersoft/iot/vmp/streamProxy/dao/provider/StreamProxyPr… | |||
| CVE-2026-4593 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in erupts erupt bis 1.13.3. Affected by this vulnerability is the function EruptDataQuery of the file erupt-ai/src/main/java/xyz/erupt/ai/call/impl/EruptDataQuery.java of the co… | |||
| CVE-2026-4589 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in kalcaddle kodbox 1.64. The affected element is the function PathDriverUrl of the file /workspace/source-code/app/controller/explorer/editor.class.php of the componen… | |||
| CVE-2026-4586 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in CodePhiliaX Chat2DB up to 0.3.7. This affects the function Upload of the file chat2db-server/chat2db-server-web/chat2db-server-web-api/src/main/java/ai/chat2db/server/web… | |||
| CVE-2026-4574 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in SourceCodester Simple E-learning System 1.0. This vulnerability affects unknown code of the component User Profile Update Handler. The manipulation of the argument fir… | |||
| CVE-2026-4573 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in SourceCodester Simple E-learning System 1.0. This affects an unknown part of the file /includes/form_handlers/delete_post.php of the component HTTP GET P… | |||
| CVE-2026-4543 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function of the file /cgi-bin/firewall.cgi of the component POST Request Handler. Performing a manipulation … | |||
| CVE-2026-4516 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in Foundation Agents MetaGPT up to 0.8.1. This vulnerability affects unknown code of the file metagpt/actions/di/write_analysis_code.py of the component DataInterpreter. The… | |||
| CVE-2026-4515 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in Foundation Agents MetaGPT up to 0.8.1. This affects the function code_generate of the file metagpt/ext/aflow/scripts/operator.py. The manipulation leads to code inje… | |||
| CVE-2026-4514 | medium | 6.3 | 6.3 | 2mo ago | A flaw has been found in PbootCMS up to 3.2.12. Affected by this issue is some unknown functionality of the file apps/admin/controller/system/UserController.php of the component Backend. Executing a … | |||
| CVE-2026-4513 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was detected in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function ask of the file vanna\legacy\base\base.py. Performing a manipulation results in sql injectio… | |||
| CVE-2026-4511 | medium | 6.3 | 6.3 | 2mo ago | A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. Affected is the function exec of the file /src/vanna/legacy. Such manipulation leads to injection. The attack can be executed… | |||
| CVE-2026-4509 | medium | 6.3 | 6.3 | 2mo ago | A security flaw has been discovered in PbootCMS up to 3.2.12. This affects an unknown function of the file core/function/file.php of the component File Upload. The manipulation of the argument black … | |||
| CVE-2026-4507 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was determined in Mindinventory MindSQL up to 0.2.1. The affected element is the function ask_db of the file mindsql/core/mindsql_core.py. Executing a manipulation can lead to sql inj… | |||
| CVE-2026-4506 | medium | 6.3 | 6.3 | 2mo ago | MindSQL is vulnerable to Code Injection through its ask_db function | |||
| CVE-2026-4505 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in eosphoros-ai DB-GPT up to 0.7.5. This issue affects the function module_plugin.refresh_plugins of the file packages/dbgpt-serve/src/dbgpt_serve/agent/hub/controller.… | |||
| CVE-2026-4500 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was identified in bagofwords1 bagofwords up to 0.0.297. This impacts the function generate_df of the file backend/app/ai/code_execution/code_execution.py. Such manipulation leads to i… | |||
| CVE-2026-4485 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability has been found in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/search_student.php. The manipulation of the argument Searc… | |||
| CVE-2026-4476 | medium | 6.3 | 6.3 | 2mo ago | A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a mani… | |||
| CVE-2026-4308 | medium | 6.3 | 6.3 | 3mo ago | A weakness has been identified in frdel/agent0ai agent-zero 0.9.7. This affects the function handle_pdf_document of the file python/helpers/document_query.py. This manipulation causes server-side req… | |||
| CVE-2026-4241 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was identified in itsourcecode College Management System 1.0. The impacted element is an unknown function of the file /admin/time-table.php. Such manipulation of the argument course_c… | |||
| CVE-2026-4234 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in SSCMS 7.4.0. This vulnerability affects unknown code of the file SitesAddController.Submit.cs of the component DDL Handler. The manipulation of the argument tab… | |||
| CVE-2026-4230 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to … | |||
| CVE-2026-4215 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in FlowCI flow-core-x up to 1.23.01. The impacted element is the function Save of the file core/src/main/java/com/flowci/core/config/service/ConfigServiceImpl.java… | |||
| CVE-2026-4192 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in AvinashBole quip-mcp-server 1.0.0. Affected by this vulnerability is the function setupToolHandlers of the file src/index.ts. Such manipulation leads to command inje… | |||
| CVE-2026-4185 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was found in GPAC up to 2.5-DEV-rev2167-gcc9d617c0-master. This vulnerability affects the function swf_def_bits_jpeg of the file src/scene_manager/swf_parse.c of the component MP4Box.… | |||
| CVE-2026-4173 | medium | 6.3 | 6.3 | 3mo ago | A flaw has been found in CodePhiliaX Chat2DB up to 0.3.7. This vulnerability affects the function exportTable/exportTableColumnComment/exportView/exportProcedure/exportTriggers/exportTrigger/updatePr… | |||
| CVE-2026-4171 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in CodeGenieApp serverless-express up to 4.17.1. Affected by this issue is some unknown functionality of the file examples/lambda-function-url/packages/api/… | |||
| CVE-2026-3992 | medium | 6.3 | 6.3 | 3mo ago | A weakness has been identified in CodeGenieApp serverless-express up to 4.17.1. This affects an unknown part of the file utils/dynamodb.ts of the component Users Endpoint. This manipulation of the ar… | |||
| CVE-2026-3968 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in AutohomeCorp frostmourne up to 1.0. This affects the function scriptEngine.eval of the file ExpressionRule.java of the component Oracle Nashorn JavaScript Engine. Su… | |||
| CVE-2026-3967 | medium | 6.3 | 6.3 | 3mo ago | A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the function deserialize/createObjectInputStream of the file activiti-core/activiti-engine/src/main/java/org/act… | |||
| CVE-2026-3966 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was detected in 648540858 wvp-GB28181-pro up to 2.7.4-20260107. Affected by this vulnerability is the function getDownloadFilePath of the file /src/main/java/com/genersoft/iot/vmp/med… | |||
| CVE-2026-3965 | medium | 6.3 | 6.3 | 3mo ago | @whyour/qinglong: manipulation of the argument command leads to protection mechanism failure | |||
| CVE-2026-3961 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was determined in zyddnys manga-image-translator up to beta-0.3. The affected element is the function to_pil_image of the file manga-image-translator-main/server/request_extraction.py… | |||
| CVE-2026-3958 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in Woahai321 ListSync up to 0.6.6. This issue affects the function requests.post of the file list-sync-main/api_server.py of the component JSON Handler. The manipulatio… | |||
| CVE-2026-3955 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in elecV2P up to 3.8.3. Affected by this issue is the function runJSFile of the file source-code/elecV2P-master/webser/wbjs.js of the component jsfile Endpo… | |||
| CVE-2026-3739 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in suitenumerique messages 0.2.0. This issue affects the function ThreadAccessSerializer of the file src/backend/core/api/serializers.py of the component ThreadAcc… | |||
| CVE-2026-3738 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was identified in SourceCodester Pet Grooming Management Software 1.0. This vulnerability affects unknown code of the component Financial Report Page. The manipulation leads to improp… | |||
| CVE-2026-3737 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was determined in SourceCodester Pet Grooming Management Software 1.0. This affects an unknown part of the file add_user.php of the component User Creation Handler. Executing a manipu… | |||
| CVE-2026-3733 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was detected in xuxueli xxl-job up to 3.3.2. This impacts an unknown function of the file source-code/src/main/java/com/xxl/job/admin/controller/JobInfoController.java. The manipulati… | |||
| CVE-2026-3697 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was determined in Planet ICG-2510 1.0_20250811. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Ex… | |||
| CVE-2026-3683 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was detected in bufanyun HotGo up to 2.0. This issue affects the function ImageTransferStorage of the file /server/internal/logic/common/upload.go of the component Endpoint. The manip… | |||
| CVE-2026-3682 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. This vulnerability affects the function Execute of the file /internal/service/ffmpeg/ffmpeg.go. The manipulation leads t… | |||
| CVE-2026-3681 | medium | 6.3 | 6.3 | 3mo ago | A weakness has been identified in welovemedia FFmate up to 2.0.15. This affects the function fireWebhook of the file /internal/service/webhook/webhook.go. Executing a manipulation can lead to server-… | |||
| CVE-2026-3680 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in RyuzakiShinji biome-mcp-server up to 1.0.0. Affected by this issue is some unknown functionality of the file biome-mcp-server.ts. Performing a manipulation resu… | |||
| CVE-2026-3672 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in JeecgBoot up to 3.9.1. Affected is the function isExistSqlInjectKeyword of the file /jeecg-boot/sys/api/getDictItems. Such manipulation leads to sql injection. The a… | |||
| CVE-2026-3616 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was detected in DefaultFuction Jeson Customer Relationship Management System 1.0.0. Impacted is an unknown function of the file /modules/customers/edit.php. Performing a manipulation … | |||
| CVE-2026-28230 | medium | 6.3 | 6.3 | 3mo ago | SteVe is an open-source EV charging station management system. In versions up to and including 3.11.0, when a charger sends a StopTransaction message, SteVe looks up the transaction solely by transac… | |||
| CVE-2026-3209 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in fosrl Pangolin up to 1.15.4-s.3. This affects the function verifyRoleAccess/verifyApiKeyRoleAccess of the component Role Handler. The manipulation leads to improper … | |||
| CVE-2026-2985 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in Tiandy Video Surveillance System 视频监控平台 7.17.0. This impacts the function downloadImage of the file /com/tiandy/easy7/core/bo/CLSBODownLoad.java. Performing a m… | |||
| CVE-2026-2963 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was determined in Jinher OA C6 up to 20260210. This issue affects some unknown processing of the file /C6/Jhsoft.Web.officesupply/OfficeSupplyTypeRight.aspx. This manipulation of the … | |||
| CVE-2026-2860 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeControl… | |||
| CVE-2026-2852 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse… | |||
| CVE-2026-2849 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file dataset\repo… | |||
| CVE-2026-2819 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was identified in Dromara RuoYi-Vue-Plus up to 5.5.3. This vulnerability affects the function SaServletFilter of the file /workflow/instance/deleteByInstanceIds of the component Workf… | |||
| CVE-2026-2676 | medium | 6.3 | 6.3 | 3mo ago | A weakness has been identified in GoogTech sms-ssm up to e8534c766fd13f5f94c01dab475d75f286918a8d. Affected by this issue is the function preHandle of the file LoginInterceptor.java of the component … | |||
| CVE-2026-2665 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability was detected in huanzi-qch base-admin up to 57a8126bb3353a004f3c7722089e3b926ea83596. Impacted is the function Upload of the file SysFileController.java of the component JSP Parser. P… | |||
| CVE-2026-2663 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in Alixhan xh-admin-backend up to 1.7.0. This issue affects some unknown processing of the file /frontend-api/system-service/api/system/role/query of the co… | |||
| CVE-2026-2560 | medium | 6.3 | 6.3 | 3mo ago | A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the function run of the file plugins/fileThumb/lib/VideoResize.class.php of the component Media File Preview … | |||
| CVE-2026-2558 | medium | 6.3 | 6.3 | 3mo ago | A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/net_handler.go. This manipulation of the argument url causes server-side request for… | |||
| CVE-2026-2556 | medium | 6.3 | 6.3 | 3mo ago | A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoi… | |||
| CVE-2026-2553 | medium | 6.3 | 6.3 | 3mo ago | A security flaw has been discovered in tushar-2223 Hotel-Management-System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. This affects an unknown part of the file /home.php of the component HTTP POS… | |||
| CVE-2026-2548 | medium | 6.3 | 6.3 | 4mo ago | A flaw has been found in WAYOS FBM-220G 24.10.19. This affects the function sub_40F820 of the file rc. Executing a manipulation of the argument upnp_waniface/upnp_ssdp_interval/upnp_max_age can lead … |