| CVE-2026-49279 |
unknown |
— |
— |
|
|
|
23h ago |
WWBN AVideo: Stored XSS via autoEvalCodeOnHTML Bypass in MessageSQLite WebSocket Handler (CVE-2026-43874 Bypass) |
| CVE-2026-8462 |
unknown |
— |
— |
|
|
|
23h ago |
OpenMeter: SQL injection through meter creation |
| CVE-2026-48040 |
unknown |
— |
— |
|
|
|
1d ago |
The netty incubator codec.bhttp is a java language binary http parser. The library implements Oblivious HTTP (RFC 9458) using BoringSSL's HPKE C library via JNI. When deriving native memory addresses… |
| CVE-2026-25550 |
critical |
9.8 |
9.8 |
|
|
|
1d ago |
Seagull Software BarTender 2010, 2016, and 2019 contain an unauthenticated remote code execution vulnerability in the .NET Remoting service exposed on TCP port 7375 via BtSystem.Service.exe. The serv… |
| CVE-2026-10880 |
critical |
9.8 |
9.8 |
|
|
|
1d ago |
OSNexus QuantaStor SDS Manager is vulnerable to SQL injection in the login endpoint. The username field is not properly sanitized before being incorporated into a SQL query, allowing an unauthenticat… |
| CVE-2025-67447 |
critical |
9.8 |
9.8 |
|
|
|
1d ago |
The network diagnosis (ping) module in Neterbit NW-431F Router 20241014-IR03 and before is vulnerable to OS command injection. The application does not properly sanitize user input in the IP address … |
