CVEs from 2026
Total
14,034
critical
critical 1,231
high
high 4,634
medium
medium 4,443
low
low 484
% Critical
8.8%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 522
- firepower_threat_defense_software 300
- firepower_threat_defense 298
- gcp 239
- openclaw 172
- commerce 104
- commerce_b2b 89
- grafana 80
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-43862 | low | 3.7 | 3.7 | 1mo ago | In mutt before 2.3.2, the imap_auth_gss security level is mishandled. | |||
| CVE-2026-43861 | low | 3.7 | 3.7 | 1mo ago | mutt before 2.3.2 does not check for '\0' in url_pct_decode. | |||
| CVE-2026-43860 | low | 3.7 | 3.7 | 1mo ago | mutt before 2.3.2 sometimes truncates the hash_passwd by one byte for IMAP auth_cram MD5 digest. | |||
| CVE-2026-43859 | low | 3.7 | 3.7 | 1mo ago | mutt before 2.3.2 sometimes uses strfcpy instead of memcpy for the IMAP auth_cram MD5 digest. | |||
| CVE-2026-7689 | low | 3.7 | 3.7 | 1mo ago | Dolibarr has Insufficient Verification of Data Authenticity | |||
| CVE-2026-7671 | low | 3.7 | 3.7 | 1mo ago | A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restr… | |||
| CVE-2026-41263 | low | 3.7 | 3.7 | 1mo ago | Traefik: A timing side-channel vulnerability allows for valid username enumeration via BasicAuth middleware | |||
| CVE-2026-3832 | low | 3.7 | 3.7 | 1mo ago | RHSA-2026:20612: gnutls security update (Important) | |||
| CVE-2026-7303 | low | 3.7 | 3.7 | 1mo ago | xxl-job has a Resource Injection issue | |||
| CVE-2026-41913 | low | 3.7 | 3.7 | 1mo ago | OpenClaw: Concurrent async auth attempts can bypass the intended shared-secret rate-limit budget on Tailscale-capable paths | |||
| CVE-2026-7103 | low | 3.7 | 3.7 | 1mo ago | A vulnerability was determined in code-projects Chat System 1.0. Affected is an unknown function of the file update_user.php of the component MD5 Hash Handler. This manipulation of the argument Passw… | |||
| CVE-2026-7041 | low | 3.7 | 3.7 | 1mo ago | A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation… | |||
| CVE-2026-7020 | low | 3.7 | 3.7 | 1mo ago | Ollama is Vulnerable to Path Traversal | |||
| CVE-2026-6986 | low | 3.7 | 3.7 | 1mo ago | A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg_aes_gcm_decrypt of the file /src/tls_aes128.c of the component GCM Authentication Tag Han… | |||
| CVE-2026-42040 | low | 3.7 | 3.7 | 1mo ago | Axios: Null Byte Injection via Reverse-Encoding in AxiosURLSearchParams | |||
| CVE-2026-41333 | low | 3.7 | 3.7 | 1mo ago | OpenClaw: Fake DeviceToken Bypasses Shared Auth Rate Limiting | |||
| CVE-2026-40279 | low | 3.7 | 3.7 | 1mo ago | BACnet Stack is a BACnet open source protocol stack C library for embedded systems. Prior to 1.4.3, decode_signed32() in src/bacnet/bacint.c reconstructs a 32-bit signed integer from four APDU bytes … | |||
| CVE-2026-6610 | low | 3.7 | 3.7 | 1mo ago | A vulnerability has been found in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file djangoblog/settings.py of the component Setting Handler. Such manipula… | |||
| CVE-2026-40194 | low | 3.7 | 3.7 | 2mo ago | phpseclib has a variable-time HMAC comparison in SSH2::get_binary_packet() using != instead of hash_equals() | |||
| CVE-2026-5682 | low | 3.7 | 3.7 | 2mo ago | A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation lea… | |||
| CVE-2026-5622 | low | 3.7 | 3.7 | 2mo ago | A vulnerability was determined in hcengineering Huly Platform 0.7.382. Affected by this issue is some unknown functionality of the file foundations/core/packages/token/src/token.ts of the component J… | |||
| CVE-2026-5413 | low | 3.7 | 3.7 | 2mo ago | A vulnerability was identified in Newgen OmniDocs up to 12.0.00. Affected by this vulnerability is an unknown functionality of the file /omnidocs/GetWebApiConfiguration. The manipulation of the argum… | |||
| CVE-2026-5360 | low | 3.7 | 3.7 | 2mo ago | A vulnerability has been found in Free5GC 4.2.0. The affected element is an unknown function of the component aper. Such manipulation leads to type confusion. The attack may be launched remotely. Thi… | |||
| CVE-2026-4831 | low | 3.7 | 3.7 | 2mo ago | A security flaw has been discovered in kalcaddle kodbox 1.64. Impacted is the function can of the file /workspace/source-code/app/controller/explorer/auth.class.php of the component Password-protecte… | |||
| CVE-2026-4588 | low | 3.7 | 3.7 | 2mo ago | A vulnerability was determined in kalcaddle kodbox 1.64. Impacted is the function shareSafeGroup of the file /workspace/source-code/app/controller/explorer/shareOut.class.php of the component Site-le… | |||
| CVE-2026-4115 | low | 3.7 | 3.7 | 2mo ago | A vulnerability was detected in PuTTY 0.83. Affected is the function eddsa_verify of the file crypto/ecc-ssh.c of the component Ed25519 Signature Handler. The manipulation results in improper verific… | |||
| CVE-2026-4045 | low | 3.7 | 3.7 | 3mo ago | A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldap_email can lead to observable re… | |||
| CVE-2026-3963 | low | 3.7 | 3.7 | 3mo ago | A security flaw has been discovered in perfree go-fastdfs-web up to 1.3.7. This affects the function rememberMeManager of the file src/main/java/com/perfree/config/ShiroConfig.java of the component A… | |||
| CVE-2026-2968 | low | 3.7 | 3.7 | 3mo ago | A vulnerability was detected in Cesanta Mongoose up to 7.20. This impacts the function mg_chacha20_poly1305_decrypt of the file /src/tls_chacha20.c of the component Poly1305 Authentication Tag Handle… | |||
| CVE-2026-2967 | low | 3.7 | 3.7 | 3mo ago | A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This affects the function getpeer of the file /src/net_builtin.c of the component TCP Sequence Number Handler. The manipulat… | |||
| CVE-2026-2966 | low | 3.7 | 3.7 | 3mo ago | A weakness has been identified in Cesanta Mongoose up to 7.20. The impacted element is the function mg_sendnsreq of the file /src/dns.c of the component DNS Transaction ID Handler. Executing a manipu… | |||
| CVE-2026-2215 | low | 3.7 | 3.7 | 4mo ago | A vulnerability was detected in rachelos WeRSS we-mp-rss up to 1.4.8. This issue affects some unknown processing of the file core/auth.py of the component JWT Handler. Performing a manipulation of th… | |||
| CVE-2026-41962 | low | 3.6 | 3.6 | 19d ago | Permission control vulnerability in the app management and control module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | |||
| CVE-2026-10567 | low | 3.5 | 3.5 | 1d ago | A security vulnerability has been detected in 1Panel-dev CordysCRM up to 1.4.1. This impacts the function Save of the file src/main/java/cn/cordys/crm/system/service/ModuleFormService.java of the com… | |||
| CVE-2026-45266 | low | 3.5 | 3.5 | 2d ago | Nextcloud is an open source content collaboration platform. Prior to versions 21.1.10, 22.0.11, and 23.0.3, a low-privileged user can force other user's microphones to be muted in calls when no High-… | |||
| CVE-2026-45159 | low | 3.5 | 3.5 | 2d ago | Nextcloud is an open source content collaboration platform. From versions 1.15.0 to before 1.15.4, 1.16.0 to before 1.16.3, 1.17.0 to before 1.17.1, and 1.18.0 to before 1.18.1, a malicious user with… | |||
| CVE-2026-10264 | low | 3.5 | 3.5 | 2d ago | A vulnerability was determined in lharries whatsapp-mcp 0.0.1. Affected by this vulnerability is the function SendMessageRequest of the file whatsapp-bridge/main.go of the component Send API Endpoint… | |||
| CVE-2026-10247 | low | 3.5 | 3.5 | 2d ago | A vulnerability was found in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects the function create_generic_name of the file /ShowForm/create_generic_name/main. The ma… | |||
| CVE-2026-10246 | low | 3.5 | 3.5 | 2d ago | A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function create_medicine_presentation of the file /ShowForm/create_medicine_presentation/mai… | |||
| CVE-2026-10245 | low | 3.5 | 3.5 | 2d ago | A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function create_supplier of the file /ShowForm/create_supplier/main. Executing a manipul… | |||
| CVE-2026-10244 | low | 3.5 | 3.5 | 2d ago | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is the function create_medicine_name of the file /ShowForm/create_medicine_name/… | |||
| CVE-2026-10234 | low | 3.5 | 3.5 | 2d ago | A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results i… | |||
| CVE-2026-10228 | low | 3.5 | 3.5 | 2d ago | A vulnerability was found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admission_form_chec… | |||
| CVE-2026-48191 | low | 3.5 | 3.5 | 2d ago | An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA an… | |||
| CVE-2026-48190 | low | 3.5 | 3.5 | 2d ago | An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be… | |||
| CVE-2026-42448 | low | 3.5 | 3.5 | 8d ago | Magic Wormhole: receive, with --output pointing at an existing directory can be path-traversed | |||
| CVE-2026-9485 | low | 3.5 | 3.5 | 8d ago | A vulnerability was identified in SourceCodester Student Grades Management System 1.0. Affected by this issue is some unknown functionality of the file students.php. The manipulation of the argument … | |||
| CVE-2026-9471 | low | 3.5 | 3.5 | 9d ago | A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation… | |||
| CVE-2026-9414 | low | 3.5 | 3.5 | 9d ago | A security flaw has been discovered in SourceCodester Indian Invoicing System up to 0.x/1.0. The impacted element is an unknown function of the file /Invoicing/add_order.php of the component Invoice … | |||
| CVE-2026-48832 | low | 3.5 | 3.5 | 9d ago | action/cookie.php in ecrire in SPIP before 4.4.15 is prone to an open redirect vulnerability. | |||
| CVE-2026-9395 | low | 3.5 | 3.5 | 9d ago | A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentia… | |||
| CVE-2026-9357 | low | 3.5 | 3.5 | 10d ago | A vulnerability was found in vBulletin 6.x. This impacts an unknown function of the component Login. Performing a manipulation results in cross site scripting. It is possible to initiate the attack r… | |||
| CVE-2026-4643 | low | 3.5 | 3.5 | 16d ago | Mattermost Desktop App versions <=6.1 6.0.1 5.4.13.0 fail to prevent server-rendered content from closing an underlying application view in the Mattermost Desktop App which allows a malicious server … | |||
| CVE-2026-45316 | low | 3.5 | 3.5 | 18d ago | Open WebUI: Read-Only Users Can Toggle Note Pin Status via Incorrect Permission Check (Write via Read-Only Access) | |||
| CVE-2026-45803 | low | 3.5 | 3.5 | 19d ago | `gh` is GitHub’s official command line tool. From 1.6.0 to before 2.92.0, a security vulnerability has been identified in GitHub CLI that could allow terminal escape sequence injection when users vie… | |||
| CVE-2026-45781 | low | 3.5 | 3.5 | 19d ago | MCP Registry: OCI validator skips ownership check on upstream rate limits | |||
| CVE-2026-7471 | low | 3.5 | 3.5 | 20d ago | GitLab has remediated an issue in GitLab EE affecting all versions from 18.8 before 18.9.7, 18.10 before 18.10.6, and 18.11 before 18.11.3 that could have allowed an authenticated user with control o… | |||
| CVE-2026-8232 | low | 3.5 | 3.5 | 24d ago | A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib_worker_loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The ma… | |||
| CVE-2026-7677 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNotic… | |||
| CVE-2026-7501 | low | 3.5 | 3.5 | 1mo ago | A weakness has been identified in LinkStackOrg LinkStack up to 4.8.6. Impacted is the function editPage of the file app/Http/Controllers/UserController.php. Executing a manipulation of the argument p… | |||
| CVE-2026-41663 | low | 3.5 | 3.5 | 1mo ago | Admidio has CSRF on Admin Preferences that Triggers Unauthorized Backup, .htaccess Write, and Email Send | |||
| CVE-2026-7390 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. The impacted element is the function Customer of the file /index.php?page=customer. The manipulation of the arg… | |||
| CVE-2026-7222 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was determined in code-projects Coaching Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /cims/modules/student/complaint.php of the compo… | |||
| CVE-2026-7110 | low | 3.5 | 3.5 | 1mo ago | A flaw has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /item. Executing a manipulation of the argument item name/description can lead to cro… | |||
| CVE-2026-7021 | low | 3.5 | 3.5 | 1mo ago | A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the arg… | |||
| CVE-2026-6990 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was found in projeto-siga siga 11.0.3.18. The affected element is an unknown function of the file /sigawf/app/responsavel/novo. Performing a manipulation of the argument Nome/Descriçã… | |||
| CVE-2026-6745 | low | 3.5 | 3.5 | 1mo ago | Bagisto affected by Cross-site Scripting | |||
| CVE-2026-6743 | low | 3.5 | 3.5 | 1mo ago | A vulnerability has been found in WebSystems WebTOTUM 2026. This impacts an unknown function of the component Calendar. The manipulation leads to cross site scripting. The attack may be initiated rem… | |||
| CVE-2026-6648 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was found in Qibo CMS 1.0. Affected by this vulnerability is an unknown functionality of the component Internal Message Module. Performing a manipulation results in cross site scripti… | |||
| CVE-2026-6633 | low | 3.5 | 3.5 | 1mo ago | A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admin.php of the component Exte… | |||
| CVE-2026-6619 | low | 3.5 | 3.5 | 1mo ago | A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePrevie… | |||
| CVE-2026-6600 | low | 3.5 | 3.5 | 1mo ago | A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of … | |||
| CVE-2026-6593 | low | 3.5 | 3.5 | 1mo ago | A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cros… | |||
| CVE-2026-6592 | low | 3.5 | 3.5 | 1mo ago | A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulatio… | |||
| CVE-2026-6493 | low | 3.5 | 3.5 | 2mo ago | A flaw has been found in lukevella rallly up to 4.7.4. This affects an unknown function of the file apps/web/src/app/[locale]/(auth)/reset-password/components/reset-password-form.tsx of the component… | |||
| CVE-2026-6486 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was detected in classroombookings up to 2.17.0. This impacts the function read of the file crbs-core/application/views/layout.php of the component User Display Name Handler. The manip… | |||
| CVE-2026-6216 | low | 3.5 | 3.5 | 2mo ago | DbGate has cross site scripting via the SVG Icon String Handler component | |||
| CVE-2026-6162 | low | 3.5 | 3.5 | 2mo ago | A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the argument fromdat… | |||
| CVE-2026-6106 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/static_headers_middleware.py of the co… | |||
| CVE-2026-5810 | low | 3.5 | 3.5 | 2mo ago | A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected is an unknown function of the file /delete.php of the component GET Parameter Handler. This manipulation of the argume… | |||
| CVE-2026-5806 | low | 3.5 | 3.5 | 2mo ago | A security vulnerability has been detected in code-projects Easy Blog Site 1.0. This affects an unknown function of the file /posts/update.php. The manipulation of the argument postTitle leads to cro… | |||
| CVE-2026-35679 | low | 3.5 | 3.5 | 2mo ago | Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was someti… | |||
| CVE-2026-5568 | low | 3.5 | 3.5 | 2mo ago | A vulnerability has been found in Akaunting up to 3.1.21. This issue affects some unknown processing of the component Invoice/Billing. The manipulation of the argument notes leads to cross site scrip… | |||
| CVE-2026-5370 | low | 3.5 | 3.5 | 2mo ago | Krayin CRM is vulnerable to Cross-site Scripting (XSS) | |||
| CVE-2026-5325 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was determined in SourceCodester Simple Customer Relationship Management System 1.0. This issue affects some unknown processing of the file /create-ticket.php of the component Create … | |||
| CVE-2026-5254 | low | 3.5 | 3.5 | 2mo ago | A security vulnerability has been detected in welovemedia FFmate up to 2.0.15. Affected by this issue is some unknown functionality of the file /ui/app/components/AppJsonTreeView.vue of the component… | |||
| CVE-2026-5253 | low | 3.5 | 3.5 | 2mo ago | A weakness has been identified in bufanyun HotGo 1.0/2.0. Affected by this vulnerability is an unknown functionality of the file /web/src/layout/components/Header/MessageList.vue of the component edi… | |||
| CVE-2026-5252 | low | 3.5 | 3.5 | 2mo ago | A security flaw has been discovered in z-9527 admin 1.0/2.0. Affected is an unknown function of the file /server/routes/message.js of the component Message Create Endpoint. Performing a manipulation … | |||
| CVE-2026-5249 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was found in gougucms 4.08.18. This impacts an unknown function of the file \gougucms-master\app\admin\view\user\record.html of the component Record Endpoint. Performing a manipulatio… | |||
| CVE-2026-4995 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was determined in wandb OpenUI up to 1.0. Affected by this vulnerability is an unknown functionality of the file frontend/public/annotator/index.html of the component Window Message E… | |||
| CVE-2026-4994 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was found in wandb OpenUI up to 1.0/3.5-turb. Affected is the function generic_exception_handler of the file backend/openui/server.py of the component APIStatusError Handler. The mani… | |||
| CVE-2026-4973 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was detected in SourceCodester Online Quiz System up to 1.0. Affected by this vulnerability is an unknown functionality of the file endpoint/add-question.php. Performing a manipulatio… | |||
| CVE-2026-4969 | low | 3.5 | 3.5 | 2mo ago | A vulnerability was identified in code-projects Social Networking Site 1.0. The impacted element is an unknown function of the file /home.php of the component Alert Handler. The manipulation of the a… | |||
| CVE-2026-32984 | low | 3.5 | 3.5 | 2mo ago | Wazuh authd contains a heap-buffer overflow vulnerability that allows attackers to cause memory corruption and malformed heap data by sending specially crafted input. Attackers can exploit this vulne… | |||
| CVE-2026-4835 | low | 3.5 | 3.5 | 2mo ago | A security vulnerability has been detected in code-projects Accounting System 1.0. Impacted is an unknown function of the file /my_account/add_costumer.php of the component Web Application Interface.… | |||
| CVE-2026-4495 | low | 3.5 | 3.5 | 3mo ago | A security flaw has been discovered in atjiu pybbs 6.0.0. This impacts the function create of the file src/main/java/co/yiiu/pybbs/controller/api/CommentApiController.java. The manipulation results i… | |||
| CVE-2026-4494 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was identified in atjiu pybbs 6.0.0. This affects the function create of the file src/main/java/co/yiiu/pybbs/controller/api/TopicApiController.java. The manipulation leads to cross s… | |||
| CVE-2026-4355 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was detected in Portabilis i-Educar 2.11. This impacts an unknown function of the file /intranet/educar_servidor_curso_lst.php of the component Endpoint. Performing a manipulation of … | |||
| CVE-2026-4354 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was identified in TRENDnet TEW-824DRU 1.010B01/1.04B01. The impacted element is the function sub_420A78 of the file apply_sec.cgi of the component Web Interface. Such manipulation of … | |||
| CVE-2026-4239 | low | 3.5 | 3.5 | 3mo ago | A vulnerability was found in Lagom WHMCS Template up to 2.3.7. Impacted is an unknown function of the component Datatables. The manipulation results in improperly controlled modification of object pr… |