Search
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-35563 | high | 8.5 | 8.5 | debian | apache | 7d ago | It was identified that the LDAP client implementation in version 2.1.7 does not verify if the server certificate matches the intended LDAP hostname. While the underlying code validates the certifica… | |
| CVE-2026-10235 | medium | 6.3 | 6.3 | 7d ago | A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stock_manager.php. This manipulation of the argument… | |||
| CVE-2026-10234 | low | 3.5 | 3.5 | 7d ago | A vulnerability was detected in Mettle sendportal up to 3.0.1. This affects an unknown part of the file /webview/ of the component Campaign Handler. The manipulation of the argument content results i… | |||
| CVE-2026-10233 | low | 3.3 | 3.3 | sles debian | 7d ago | A security vulnerability has been detected in Assimp up to 6.0.4. Affected by this issue is the function HL1MDLLoader::read_sequence_infos of the file HL1MDLLoader.cpp of the component Half-Life 1 MD… | ||
| CVE-2026-10232 | medium | 5.3 | 5.3 | sles debian | 7d ago | A weakness has been identified in Assimp up to 6.0.4. Affected by this vulnerability is the function aiNode::~aiNode of the file scene.cpp of the component ASE File Parser. Executing a manipulation c… | ||
| CVE-2026-10231 | medium | 5.3 | 5.3 | sles debian | 7d ago | A security flaw has been discovered in Assimp up to 6.0.4. Affected is the function HL1MDLLoader::extract_anim_value of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. Performing a… | ||
| CVE-2026-10230 | medium | 5.3 | 5.3 | sles debian | 7d ago | A vulnerability was identified in Assimp up to 6.0.4. This impacts the function Assimp::MDL::HalfLife::HL1MDLLoader::read_animations of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Load… | ||
| CVE-2026-10229 | medium | 5.3 | 5.3 | sles debian | 7d ago | A vulnerability was determined in Assimp up to 6.0.4. This affects the function HL1MDLLoader::read_meshes of the file HL1MDLLoader.cpp of the component Half-Life 1 MDL Loader. This manipulation cause… | ||
| CVE-2026-10228 | low | 3.5 | 3.5 | 7d ago | A vulnerability was found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The impacted element is an unknown function of the file admission_form_chec… | |||
| CVE-2026-10227 | high | 7.3 | 7.3 | 7d ago | A vulnerability has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add_user_check… | |||
| CVE-2026-10226 | high | 7.3 | 7.3 | 7d ago | A flaw has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. Impacted is an unknown function of the file delete.php. Executing a manipulatio… | |||
| CVE-2026-10225 | high | 7.3 | 7.3 | 7d ago | A vulnerability was detected in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login_check.php o… | |||
| CVE-2026-10224 | medium | 5.3 | 5.3 | 7d ago | A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.30. This vulnerability affects the function _handle_webhook_request of the file gateway/platforms/feishu.py of the… | |||
| CVE-2026-48209 | high | 7.1 | 7.1 | 7d ago | An improper neutralization of user-controllable input in OTRS or ((OTRS)) Community Edition ticket handling allows authenticated attackers to perform reflected cross-site scripting (XSS) attacks via … | |||
| CVE-2026-48208 | medium | 6.5 | 6.5 | 7d ago | An improper neutralization of active SVG content in OTRS or ((OTRS)) Community Edition ticket article rendering allows attackers to inject specially crafted SVG payloads via email content, leading to… | |||
| CVE-2026-48191 | low | 3.5 | 3.5 | 7d ago | An incorrect handling of permissions in STORM powered by OTRS and in OTRS (2026.x and above) Document Search Article Meta Filters modules allows gaining knowledge about number of affected CIs, SLA an… | |||
| CVE-2026-48190 | low | 3.5 | 3.5 | 7d ago | An incorrect handling of permissions in OTRS External Interface and the ConfigItem List module allows an authenticated customer to query the system for CI information. Please note that CMDB has to be… | |||
| CVE-2026-48189 | medium | 5.7 | 5.7 | 7d ago | An improper Input Validation vulnerability in OTRS Customer Backend module allows to access customer information which are restricted to other groups. Please note that the feature has to be anabled a… | |||
| CVE-2026-48188 | critical | 9.1 | 9.1 | 7d ago | An improper Input Validation vulnerability in OTRS or ((OTRS)) Community Edition database layer module allows an unauthenticated SQL injection which can lead to an authentication bypass. This issue o… | |||
| CVE-2026-48187 | medium | 5.7 | 5.7 | 7d ago | An uncontrolled allocation of resources without limits or throttling in the e-mail handling in OTRS allows excessive allocation which may lead to the abortion of the webserver.This issue affects OTRS… | |||
| CVE-2026-20456 | medium | 5.5 | 5.5 | mediatek | 7d ago | In wlan STA driver, there is a possible system crash due to a missing bounds check. This could lead to local denial of service with User execution privileges needed. User interaction is not needed fo… | ||
| CVE-2026-20455 | high | 7.8 | 7.8 | mediatek | 7d ago | In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. U… | ||
| CVE-2026-20454 | medium | 6.4 | 6.4 | mediatek | 7d ago | In geniezone, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User in… | ||
| CVE-2026-20453 | medium | 6.7 | 6.7 | mediatek | 7d ago | In geniezone, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. U… | ||
| CVE-2026-20452 | high | 8.0 | 8.0 | mediatek | 7d ago | In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote (proximal/adjacent) code execution with User execution privileges needed. User intera… | ||
| CVE-2026-10221 | high | 7.3 | 7.3 | 7d ago | A vulnerability was identified in NousResearch hermes-agent up to 0.12.0. Affected by this vulnerability is the function _compress_context of the file run_agent.py. The manipulation leads to injectio… | |||
| CVE-2026-10220 | high | 7.3 | 7.3 | 7d ago | A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function _serve_plugin_skill/skill_view of the file tools/skills_tool.py. Executing a manipulation can lea… | |||
| CVE-2026-10219 | high | 7.3 | 7.3 | 7d ago | A vulnerability was found in nextlevelbuilder GoClaw up to 3.11.3. This impacts the function FsBridge.WriteFile of the file internal/sandbox/fsbridge.go of the component write_file Tool. Performing a… | |||
| CVE-2026-10218 | medium | 5.4 | 5.4 | 7d ago | A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolution_handlers.go. Such manipulation leads to improper authorizati… | |||
| CVE-2026-10217 | medium | 6.3 | 6.3 | 7d ago | A flaw has been found in nextlevelbuilder GoClaw up to 3.11.3. The impacted element is the function handleSave of the file internal/http/tts_config.go of the component RoleAdmin Gateway. This manipul… | |||
| CVE-2026-10216 | low | 3.7 | 3.7 | 7d ago | A vulnerability was detected in unitedbyai droidclaw up to 0.5.3. The affected element is an unknown function of the file server/src/routes/pairing.ts of the component claim Endpoint. The manipulatio… | |||
| CVE-2026-10223 | medium | 6.3 | 6.3 | 7d ago | A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function _scan_memory_content of the file tools/memory_tool.py. This manipulation causes injection. The a… | |||
| CVE-2026-10222 | medium | 5.6 | 5.6 | 7d ago | A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function _sanitize_env_lines of the file hermes_cli/config.py. The manipulation results… | |||
| CVE-2026-10215 | medium | 4.3 | 4.3 | 7d ago | A security vulnerability has been detected in Dolibarr ERP CRM up to 23.0.1. Impacted is the function checkUserAccessToObject of the file htdocs/holiday/class/api_holidays.class.php of the component … | |||
| CVE-2026-10214 | high | 7.3 | 7.3 | 7d ago | A weakness has been identified in zhayujie chatgpt-on-wechat up to 2.0.8. This issue affects the function _get_safety_warning of the file agent/tools/bash/bash.py of the component Bash Tool. Executin… | |||
| CVE-2026-10213 | medium | 5.4 | 5.4 | 7d ago | A security flaw has been discovered in AstrBotDevs AstrBot 4.23.6. This vulnerability affects unknown code of the file /api/skills/delete of the component API Endpoint. Performing a manipulation of t… | |||
| CVE-2026-10212 | medium | 6.3 | 6.3 | 7d ago | A vulnerability was identified in AstrBotDevs AstrBot 4.24.2. This affects the function astr_main_agent of the file astrbot/core/astr_main_agent.py. Such manipulation of the argument session_id leads… | |||
| CVE-2026-10211 | medium | 6.3 | 6.3 | 7d ago | A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function _normalize_rw_path of the file astrbot/core/tools/computer_tools/fs.py. This manipulation causes i… | |||
| CVE-2026-10210 | medium | 6.3 | 6.3 | 7d ago | A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function _sanitize_prompt_description of the file astrbot/core/skills/skill_manager.py. The manipulation… | |||
| CVE-2026-10209 | medium | 6.3 | 6.3 | 7d ago | A vulnerability has been found in code-projects Online Hospital Management System 1.0. Affected is an unknown function of the file appointmentdetail.php of the component Appointment Handler. The mani… | |||
| CVE-2026-10208 | high | 7.3 | 7.3 | 7d ago | A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of the argument Username can lea… | |||
| CVE-2026-10206 | high | 8.8 | 8.8 | 7d ago | A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer o… | |||
| CVE-2026-10205 | medium | 6.3 | 6.3 | 7d ago | A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6.4.0. The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp. Such manipulation leads to un… | |||
| CVE-2026-10204 | medium | 6.3 | 6.3 | 7d ago | A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the c… | |||
| CVE-2026-10203 | medium | 6.3 | 6.3 | 7d ago | A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the comp… | |||
| CVE-2026-10202 | medium | 6.3 | 6.3 | 7d ago | A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the com… | |||
| CVE-2026-10201 | low | 3.3 | 3.3 | sles debian | 7d ago | A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a ma… | ||
| CVE-2026-37234 | high | 8.2 | 8.2 | mosaic5g | 7d ago | FlexRIC v2.0.0 allows a single SCTP connection to bind multiple xapp_ids by sending multiple E42_SETUP_REQUESTs. On disconnect, only the first registered xapp_id's resources are cleaned up; subsequen… | ||
| CVE-2025-70099 | high | 7.5 | 7.5 | 7d ago | A NULL pointer dereference in the ext4_dir_en_get_name_len function in include/ext4_dir.h of lwext4 1.0.0 allows attackers to cause a denial of service by supplying a specially crafted EXT4 filesyste… | |||
| CVE-2025-53020 | medium | — | 5.5 | FIX | debian sles rhel | 7d ago | Late Release of Memory after Effective Lifetime vulnerability in Apache HTTP Server. This issue affects Apache HTTP Server: from 2.4.17 up to 2.4.63. Users are recommended to upgrade to version 2.4… | |
| CVE-2026-10200 | medium | 5.3 | 5.3 | sles debian | 7d ago | A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing a manipulation results in h… | ||
| CVE-2026-10199 | low | 3.3 | 3.3 | sles debian | 7d ago | A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of the argument operator[] leads to null po… | ||
| CVE-2026-10198 | low | 3.3 | 3.3 | sles debian | 7d ago | A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component glTFImporter. This manipul… |