CVEs from 2026
Total
13,572
critical
critical 1,186
high
high 4,342
medium
medium 4,229
low
low 459
% Critical
8.7%
% with KEV
0.4%
% with exploit
0.8%
Top products
- chrome 434
- firepower_threat_defense 298
- firepower_threat_defense_software 295
- gcp 229
- openclaw 166
- commerce 104
- commerce_b2b 89
- magento 74
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-7212 | high | 7.3 | 7.3 | 1mo ago | notes-mcp has a Path Traversal issue | |||
| CVE-2026-7211 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in dvladimirov MCP up to 0.1.0. The impacted element is the function GitSearchRequest of the file mcp_server.py of the component Git Search API. Executing a manipulatio… | |||
| CVE-2026-7205 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search_papers of the file src/main.py. Such manipulation of the argumen… | |||
| CVE-2026-7199 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_product. Perform… | |||
| CVE-2026-7194 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument… | |||
| CVE-2026-7178 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulatio… | |||
| CVE-2026-7177 | high | 7.3 | 7.3 | 1mo ago | A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation re… | |||
| CVE-2026-7159 | high | 7.3 | 7.3 | 1mo ago | mkdocs-mcp-plugin has a Path Traversal issue | |||
| CVE-2026-7158 | high | 7.3 | 7.3 | 1mo ago | mcp-url-downloader has a Server-Side Request Forgery issue | |||
| CVE-2026-7157 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py … | |||
| CVE-2026-7149 | high | 7.3 | 7.3 | 1mo ago | kaggle-mcp has a Path Traversal issue | |||
| CVE-2026-7147 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performi… | |||
| CVE-2026-7146 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/ser… | |||
| CVE-2026-7131 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email… | |||
| CVE-2026-7130 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete_category. Executing a manipulation of … | |||
| CVE-2026-7128 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=save_type. Such manipulat… | |||
| CVE-2026-7127 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of t… | |||
| CVE-2026-7126 | high | 7.3 | 7.3 | 1mo ago | A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_category. The manipulation of the argumen… | |||
| CVE-2026-7094 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/in… | |||
| CVE-2026-7088 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipula… | |||
| CVE-2026-7087 | high | 7.3 | 7.3 | 1mo ago | A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a manipulation of th… | |||
| CVE-2026-7077 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the argument ID leads to sq… | |||
| CVE-2026-7076 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument ID can lead to sql… | |||
| CVE-2026-7075 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the argument address … | |||
| CVE-2026-7074 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to s… | |||
| CVE-2026-7073 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attac… | |||
| CVE-2026-7072 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Usern… | |||
| CVE-2026-7070 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to … | |||
| CVE-2026-7067 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argumen… | |||
| CVE-2026-7066 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulati… | |||
| CVE-2026-7065 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the comp… | |||
| CVE-2026-7064 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead… | |||
| CVE-2026-7063 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performin… | |||
| CVE-2026-7062 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation le… | |||
| CVE-2026-7061 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. … | |||
| CVE-2026-7060 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupictu… | |||
| CVE-2026-7058 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send_command of the file backend/app/services/simulation_ipc.py of the componen… | |||
| CVE-2026-7042 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API Endpoint. Executing a manipulation can lead to… | |||
| CVE-2026-7025 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m… | |||
| CVE-2026-7022 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the compon… | |||
| CVE-2026-6980 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in Divyanshu-hash GitPilot-MCP up to 9ed9f153ba4158a2ad230ee4871b25130da29ffd. This impacts the function repo_path of the file main.py. Such manipulation of the argumen… | |||
| CVE-2026-6977 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in vanna-ai vanna up to 2.0.2. The affected element is an unknown function of the component Legacy Flask API. The manipulation leads to improper authorizati… | |||
| CVE-2026-31569 | high | 7.3 | 7.3 | 1mo ago | In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, cu… | |||
| CVE-2026-41355 | high | 7.3 | 7.3 | 1mo ago | OpenClaw: OpenShell `mirror` mode can convert untrusted sandbox files into explicitly enabled workspace hooks and execute them on the host during gateway startup | |||
| CVE-2026-40542 | high | 7.3 | 7.3 | 1mo ago | Apache HttpClient accepts SCRAM-SHA-256 authentication without proper mutual authentication verification | |||
| CVE-2026-6662 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was found in ericc-ch copilot-api up to 0.7.0. The impacted element is the function cors of the file src/server.ts of the component Token Endpoint. Performing a manipulation results i… | |||
| CVE-2026-6635 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. … | |||
| CVE-2026-6629 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation … | |||
| CVE-2026-6625 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in moxi624 Mogu Blog v2 up to 5.2. Affected by this vulnerability is the function LocalFileServiceImpl.uploadPictureByUrl of the file mogu_picture/src/main/… | |||
| CVE-2026-6621 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly cont… | |||
| CVE-2026-6615 | high | 7.3 | 7.3 | 1mo ago | A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Uplo… | |||
| CVE-2026-6604 | high | 7.3 | 7.3 | 1mo ago | AgentScope vulnerable to Server-Side Request Forgery | |||
| CVE-2026-6606 | high | 7.3 | 7.3 | 1mo ago | AgentScope vulnerable to Server-Side Request Forgery | |||
| CVE-2026-6605 | high | 7.3 | 7.3 | 1mo ago | AgentScope vulnerable to Server-Side Request Forgery | |||
| CVE-2026-6603 | high | 7.3 | 7.3 | 1mo ago | AgentScope Vulnerable to Remote Code Injection | |||
| CVE-2026-6602 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The ma… | |||
| CVE-2026-6596 | high | 7.3 | 7.3 | 1mo ago | Langflow: DoS Through Lack of File Size Restriction via Deprecated Unauthenticated File Upload API | |||
| CVE-2026-6595 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of t… | |||
| CVE-2026-6582 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function get_vector_db_details of the file superagi/controllers/vector_dbs.py of the component Vector … | |||
| CVE-2026-6580 | high | 7.3 | 7.3 | 1mo ago | A security vulnerability has been detected in liangliangyy DjangoBlog up to 2.1.0.0. Affected is an unknown function of the file owntracks/views.py of the component Amap API Call Handler. Such manipu… | |||
| CVE-2026-6577 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulati… | |||
| CVE-2026-6574 | high | 7.3 | 7.3 | 1mo ago | A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation… | |||
| CVE-2026-6568 | high | 7.3 | 7.3 | 1mo ago | A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Ha… | |||
| CVE-2026-6562 | high | 7.3 | 7.3 | 1mo ago | A flaw has been found in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql… | |||
| CVE-2026-21733 | high | 7.3 | 7.3 | 2mo ago | Vulnerability in Imagination Technologies Graphics DDK on Linux, Android -- RESERVED | |||
| CVE-2026-6490 | high | 7.3 | 7.3 | 2mo ago | A weakness has been identified in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. Impacted is an unknown function of the file admin/deletecourse.php of the component GET Request Paramet… | |||
| CVE-2026-6224 | high | 7.3 | 7.3 | 2mo ago | A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue affects the function createSafeConsole of the file packages/plugins/@nocobase/plugin-workflow-javas… | |||
| CVE-2026-6193 | high | 7.3 | 7.3 | 2mo ago | A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an unknown function of the file /register.php. The manipulation of the argument email results in sql i… | |||
| CVE-2026-6189 | high | 7.3 | 7.3 | 2mo ago | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argu… | |||
| CVE-2026-6188 | high | 7.3 | 7.3 | 2mo ago | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=delete_sales. This manipulation of the argument ID causes… | |||
| CVE-2026-6187 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue affects some unknown processing of the file /ajax.php?action=chk_prod_availability. The manipulation… | |||
| CVE-2026-6183 | high | 7.3 | 7.3 | 2mo ago | A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected by this issue is some unknown functionality of the file /web/index.php. Performing a manipulation o… | |||
| CVE-2026-6182 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of… | |||
| CVE-2026-6167 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown function of the file /subject-print.php. The manipulation of the argument ID results in sql injecti… | |||
| CVE-2026-6166 | high | 7.3 | 7.3 | 2mo ago | A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/UpdateVehicleFunction.php. The manipul… | |||
| CVE-2026-6165 | high | 7.3 | 7.3 | 2mo ago | A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login_check.php. Executing a manipulation of the argu… | |||
| CVE-2026-6164 | high | 7.3 | 7.3 | 2mo ago | A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results … | |||
| CVE-2026-6163 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such manipulation of the argument… | |||
| CVE-2026-6161 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing a manipulation of the argum… | |||
| CVE-2026-6158 | high | 7.3 | 7.3 | 2mo ago | A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. … | |||
| CVE-2026-6153 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of the argument S… | |||
| CVE-2026-6152 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the … | |||
| CVE-2026-6151 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argumen… | |||
| CVE-2026-6149 | high | 7.3 | 7.3 | 2mo ago | A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issue is some unknown functionality of the file /util/BookVehicleFunction.php. Executing a manipulation… | |||
| CVE-2026-6148 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /util/MonthTotalReportUpdateFunction.php. … | |||
| CVE-2026-6142 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf51b6fba9fbb01d15. Affected by this vulnerability is an unknown functionality of the file /admin/roo… | |||
| CVE-2026-6130 | high | 7.3 | 7.3 | 2mo ago | A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/main/mcp/ipc-stdio-transport.ts of the component Model Context Protocol Server … | |||
| CVE-2026-6129 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the component Agent Mode Service. Performing a manipulation results in missing aut… | |||
| CVE-2026-6126 | high | 7.3 | 7.3 | 2mo ago | A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missin… | |||
| CVE-2026-6105 | high | 7.3 | 7.3 | 2mo ago | A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component… | |||
| CVE-2026-6038 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. This impacts an unknown function of the file /util/RegisterCustomerFunction.php. Such manipulation of the argum… | |||
| CVE-2026-6037 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. This manipulation of the argument BR… | |||
| CVE-2026-6036 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. The impacted element is an unknown function of the file /util/VehicleDetailsFunction.php. The manipulation of the ar… | |||
| CVE-2026-6031 | high | 7.3 | 7.3 | 2mo ago | A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. This affects an unknown function of the file /add-category-function.php. Such manipulation of the argument Category lea… | |||
| CVE-2026-6004 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id result… | |||
| CVE-2026-5985 | high | 7.3 | 7.3 | 2mo ago | A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument user_Id result… | |||
| CVE-2026-5961 | high | 7.3 | 7.3 | 2mo ago | A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument po… | |||
| CVE-2026-5842 | high | 7.3 | 7.3 | 2mo ago | decolua 9router vulnerable to authorization bypass | |||
| CVE-2026-5837 | high | 7.3 | 7.3 | 2mo ago | A vulnerability was found in PHPGurukul News Portal Project 4.1. This affects an unknown part of the file /news-details.php. The manipulation of the argument Comment results in sql injection. The att… | |||
| CVE-2026-5832 | high | 7.3 | 7.3 | 2mo ago | api-lab-mcp vulnerable to SSRF |