CVEs from 2026
Total
14,539
critical
critical 1,284
high
high 4,929
medium
medium 4,658
low
low 502
% Critical
8.8%
% with KEV
0.4%
% with exploit
0.7%
Top vendors
Top products
- chrome 558
- firepower_threat_defense_software 310
- gcp 299
- firepower_threat_defense 298
- openclaw 172
- commerce 104
- netweaver_application_server_abap 102
- commerce_b2b 89
Top packages
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-10209 | medium | 6.3 | 6.3 | 5d ago | A vulnerability has been found in code-projects Online Hospital Management System 1.0. Affected is an unknown function of the file appointmentdetail.php of the component Appointment Handler. The mani… | |||
| CVE-2026-10205 | medium | 6.3 | 6.3 | 5d ago | A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6.4.0. The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp. Such manipulation leads to un… | |||
| CVE-2026-10204 | medium | 6.3 | 6.3 | 5d ago | A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the c… | |||
| CVE-2026-10203 | medium | 6.3 | 6.3 | 5d ago | A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the comp… | |||
| CVE-2026-10202 | medium | 6.3 | 6.3 | 5d ago | A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the com… | |||
| CVE-2026-10194 | medium | 6.3 | 6.3 | 5d ago | A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp… | |||
| CVE-2026-10193 | medium | 6.3 | 6.3 | 5d ago | A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the c… | |||
| CVE-2026-10182 | medium | 6.3 | 6.3 | 5d ago | A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee … | |||
| CVE-2026-10180 | medium | 6.3 | 6.3 | 5d ago | A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection.… | |||
| CVE-2026-10176 | medium | 6.3 | 6.3 | 5d ago | A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injec… | |||
| CVE-2026-10177 | medium | 6.3 | 6.3 | 5d ago | A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads … | |||
| CVE-2026-10175 | medium | 6.3 | 6.3 | 5d ago | A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipul… | |||
| CVE-2026-10174 | medium | 6.3 | 6.3 | 5d ago | A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-comm… | |||
| CVE-2026-10172 | medium | 6.3 | 6.3 | 5d ago | A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php… | |||
| CVE-2026-10170 | medium | 6.3 | 6.3 | 5d ago | A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone ca… | |||
| CVE-2026-10168 | medium | 6.3 | 6.3 | 6d ago | A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file appl… | |||
| CVE-2026-10166 | medium | 6.3 | 6.3 | 6d ago | A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of t… | |||
| CVE-2026-10152 | medium | 6.3 | 6.3 | 6d ago | A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.ja… | |||
| CVE-2026-10127 | medium | 6.3 | 6.3 | 6d ago | A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the … | |||
| CVE-2026-9831 | medium | 6.3 | 6.3 | 7d ago | A race condition in the shared Extreme Platform ONE IAM Gateway API-key authentication path could, under specific high-concurrency traffic conditions, intermittently allow requests authenticated with… | |||
| CVE-2026-44287 | medium | 6.3 | 6.3 | 7d ago | FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import() with the regex /\bimport\s*\(/.t… | |||
| CVE-2026-10101 | medium | 6.3 | 6.3 | 7d ago | ACM/MCE assisted-service writes raw referenced pull-secret contents into `InfraEnv.status.conditions[].message` when pull-secret validation fails. A namespace principal with the stock `view` ClusterR… | |||
| CVE-2026-9989 | medium | 6.3 | 6.3 | 8d ago | Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to bypass same origin policy via a crafted video file. (Chromium security severity: High) | |||
| CVE-2026-46416 | medium | 6.3 | 6.3 | 9d ago | Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO creates one shared UFOWebSocketHandler instance and reuses it for mult… | |||
| CVE-2026-47270 | medium | 6.3 | 6.3 | 9d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, pam_usb is a PAM module loaded into the host process (sudo, login, GDM, GNOME Shell). Display manage… | |||
| CVE-2026-47274 | medium | 6.3 | 6.3 | 9d ago | pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.0, multiple pam_usb helper tools resolved external binaries through the PATH environment variable rathe… | |||
| CVE-2026-2254 | medium | 6.3 | 6.3 | 10d ago | Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.6 and 11.0.0.0, including 9.3.x and 8.3.x, does not apply ACLs on certain API endpoints related to platform mail notficatio… | |||
| CVE-2026-9607 | medium | 6.3 | 6.3 | 10d ago | A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcel_list.php. Performing a manipulation of the argument s results … | |||
| CVE-2026-30498 | medium | 6.3 | 6.3 | 10d ago | A Cross-Site Request Forgery (CSRF) vulnerability was discovered in the delete.php endpoint of Jason2605 AdminPanel 4.0. | |||
| CVE-2026-9581 | medium | 6.3 | 6.3 | 10d ago | A vulnerability was identified in JeecgBoot up to 3.9.1. The impacted element is an unknown function of the file /sys/comment/add. Such manipulation leads to improper access controls. The attack can … | |||
| CVE-2026-9579 | medium | 6.3 | 6.3 | 10d ago | A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument u… | |||
| CVE-2026-27331 | medium | 6.3 | 6.3 | 10d ago | Missing Authorization vulnerability in Magepeople inc. WpTravelly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WpTravelly: from n/a through 2.1.5. | |||
| CVE-2026-9565 | medium | 6.3 | 6.3 | 10d ago | A vulnerability was determined in haojing8312 WorkClaw up to 0.6.4. This affects the function is_dangerous of the file apps/runtime/src-tauri/src/agent/tools/bash.rs of the component Blacklist Handle… | |||
| CVE-2026-9542 | medium | 6.3 | 6.3 | 10d ago | A weakness has been identified in CodeAstro Leave Management System 1.0. The affected element is an unknown function of the file /admin/add_staff.php. Executing a manipulation of the argument email_i… | |||
| CVE-2026-9534 | medium | 6.3 | 6.3 | 10d ago | A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the arg… | |||
| CVE-2026-9533 | medium | 6.3 | 6.3 | 10d ago | A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a mani… | |||
| CVE-2026-9532 | medium | 6.3 | 6.3 | 10d ago | A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Su… | |||
| CVE-2026-9531 | medium | 6.3 | 6.3 | 11d ago | A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the arg… | |||
| CVE-2026-9524 | medium | 6.3 | 6.3 | 11d ago | A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522_Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportPa… | |||
| CVE-2026-9515 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUnloadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation… | |||
| CVE-2026-9514 | medium | 6.3 | 6.3 | 11d ago | A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. Impacted is the function setNetworkDiag of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. The manipulation … | |||
| CVE-2026-9513 | medium | 6.3 | 6.3 | 11d ago | A weakness has been identified in Totolink CA750-PoE 6.2c.510. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulat… | |||
| CVE-2026-9512 | medium | 6.3 | 6.3 | 11d ago | A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performin… | |||
| CVE-2026-42776 | medium | 6.3 | 6.3 | 11d ago | Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sunshine Photo Cart: from n/a throu… | |||
| CVE-2026-9511 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argu… | |||
| CVE-2026-9498 | medium | 6.3 | 6.3 | 11d ago | A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument De… | |||
| CVE-2026-9497 | medium | 6.3 | 6.3 | 11d ago | A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deseriali… | |||
| CVE-2026-9483 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was found in SourceCodester Student Grades Management System 1.0. Affected is an unknown function of the file grades.php. Performing a manipulation of the argument student_id results … | |||
| CVE-2026-9484 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file class… | |||
| CVE-2026-9473 | medium | 6.3 | 6.3 | 11d ago | A vulnerability has been found in c-rick jimeng-mcp 1.10.0. Affected by this vulnerability is the function getFileContent/uploadCoverFile/generateImage/generateVideo of the file src/api.ts. The manip… | |||
| CVE-2026-9468 | medium | 6.3 | 6.3 | 11d ago | A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/inde… | |||
| CVE-2026-9472 | medium | 6.3 | 6.3 | 11d ago | A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download_markdown/list_downloaded_files/create_subdirectory of the file src… | |||
| CVE-2026-9451 | medium | 6.3 | 6.3 | 11d ago | A weakness has been identified in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /process/applyleaveprocess.php. This manipulatio… | |||
| CVE-2026-9450 | medium | 6.3 | 6.3 | 11d ago | A security flaw has been discovered in code-projects Employee Management System 1.0. Affected is an unknown function of the file /psubmit.php. The manipulation of the argument pid results in sql inje… | |||
| CVE-2026-9449 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was identified in code-projects Employee Management System 1.0. This impacts an unknown function of the file /changepassemp.php. The manipulation leads to sql injection. It is possibl… | |||
| CVE-2026-9445 | medium | 6.3 | 6.3 | 11d ago | A flaw has been found in SourceCodester Simple POS and Inventory System 1.0. Impacted is an unknown function of the file /admin/addproduct.php of the component File Extension Handler. This manipulati… | |||
| CVE-2026-9441 | medium | 6.3 | 6.3 | 11d ago | A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. Performing … | |||
| CVE-2026-9440 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formAccept of the file /goform/formAccept of the component POST Request Handler. Such manipulat… | |||
| CVE-2026-9439 | medium | 6.3 | 6.3 | 11d ago | A vulnerability was determined in Edimax BR-6675nD 1.12. Affected is the function stainfo of the file /goform/stainfo. This manipulation of the argument interface causes command injection. It is poss… | |||
| CVE-2026-9437 | medium | 6.3 | 6.3 | 11d ago | A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The at… | |||
| CVE-2026-9424 | medium | 6.3 | 6.3 | 12d ago | A weakness has been identified in Edimax EW-7438RPn 1.31. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component Content-Type Handler. Executing a manipulatio… | |||
| CVE-2026-9420 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to la… | |||
| CVE-2026-9412 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was determined in SourceCodester Indian Invoicing System 1.0. Impacted is an unknown function of the component Backend Endpoint. Executing a manipulation can lead to improper access c… | |||
| CVE-2026-9411 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was found in SourceCodester Indian Invoicing System 1.0. This issue affects some unknown processing of the file /Invoicing/IGST_Invoice.php of the component Invoice Generation Handler… | |||
| CVE-2026-9402 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was found in Edimax BR-6675nD 1.12. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component POST Request Handler. The manipulation of the argum… | |||
| CVE-2026-9400 | medium | 6.3 | 6.3 | 12d ago | A flaw has been found in Edimax BR-6675nD 1.12. This issue affects the function formUSBStorage of the file /goform/formUSBStorage of the component POST Request Handler. Executing a manipulation of th… | |||
| CVE-2026-9379 | medium | 6.3 | 6.3 | 12d ago | A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argume… | |||
| CVE-2026-9378 | medium | 6.3 | 6.3 | 12d ago | A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument… | |||
| CVE-2026-9376 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Execut… | |||
| CVE-2026-9374 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a mani… | |||
| CVE-2026-9363 | medium | 6.3 | 6.3 | 12d ago | A vulnerability was detected in Edimax EW-7438RPn 1.12. This issue affects the function formEZCHNwlanSetup of the file /goform/formEZCHNwlanSetu of the component POST Request Handler. Performing a ma… | |||
| CVE-2026-9362 | medium | 6.3 | 6.3 | 12d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting … | |||
| CVE-2026-9361 | medium | 6.3 | 6.3 | 12d ago | A weakness has been identified in Edimax EW-7438RPn 1.12. This affects the function formAccept of the file /goform/formAccep of the component POST Request Handler. This manipulation of the argument s… | |||
| CVE-2026-9359 | medium | 6.3 | 6.3 | 13d ago | A vulnerability was identified in Edimax EW-7438RPn 1.28a. Affected by this vulnerability is the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulati… | |||
| CVE-2026-9347 | medium | 6.3 | 6.3 | 13d ago | A vulnerability has been found in Edimax EW-7438RPn up to 1.31. Affected is the function formWizSurvey of the file /goform/formWizSurvey of the component webs. The manipulation of the argument ip/mas… | |||
| CVE-2026-9343 | medium | 6.3 | 6.3 | 13d ago | A weakness has been identified in Edimax EW-7438RPn up to 1.31. The affected element is the function formWpsStart of the file /goform/formWpsStart of the component webs. This manipulation of the argu… | |||
| CVE-2026-9342 | medium | 6.3 | 6.3 | 13d ago | A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. Impacted is an unknown function of the file /admin/patients/view_history.php. The manipulation o… | |||
| CVE-2026-9305 | medium | 6.3 | 6.3 | 13d ago | A weakness has been identified in QuantumNous new-api up to 0.12.1. The impacted element is the function SearchUserTopUps/SearchAllTopUps of the file model/topup.go of the component self Endpoint. Th… | |||
| CVE-2026-9302 | medium | 6.3 | 6.3 | 13d ago | A vulnerability was determined in 546669204 vps-inventory-monitoring up to 98c00b370668c96ae75e91c15548d9ea113652d9. This issue affects the function eval of the file app/index/command/VpsTest.php of … | |||
| CVE-2026-9301 | medium | 6.3 | 6.3 | 13d ago | A vulnerability was found in omec-project amf up to 2.1.1. This vulnerability affects unknown code of the component NGReset Message Handler. Performing a manipulation results in memory corruption. Th… | |||
| CVE-2026-9300 | medium | 6.3 | 6.3 | 13d ago | A vulnerability has been found in omec-project amf up to 2.1.1. This affects an unknown part of the component NGSetupRequest Handler. Such manipulation leads to memory corruption. The attack can be e… | |||
| CVE-2026-9298 | medium | 6.3 | 6.3 | 13d ago | A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory… | |||
| CVE-2026-9297 | medium | 6.3 | 6.3 | 13d ago | A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of th… | |||
| CVE-2026-9299 | medium | 6.3 | 6.3 | 13d ago | A flaw has been found in omec-project amf up to 2.1.1. Affected by this issue is the function PDUSessionResourceModifyIndication of the file /go/src/amf/ngap/handler.go. This manipulation causes memo… | |||
| CVE-2026-9296 | medium | 6.3 | 6.3 | 13d ago | A weakness has been identified in Edimax BR-6428NS 1.10. This impacts the function system of the file /goform/formWlanM of the component POST Request Handler. Executing a manipulation of the argument… | |||
| CVE-2026-39828 | medium | 6.3 | 6.3 | 15d ago | When an SSH server authentication callback returned PartialSuccessError with non-nil Permissions, those permissions were silently discarded, potentially dropping certificate restrictions such as forc… | |||
| CVE-2026-1816 | medium | 6.3 | 6.3 | 15d ago | Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Brute Force. This issue affects Mobile Appli… | |||
| CVE-2026-20206 | medium | 6.3 | 6.3 | 16d ago | A vulnerability in the BrowserBot component of Cisco ThousandEyes Enterprise Agent could have allowed an authenticated, remote attacker to execute arbitrary commands on Agents on behalf of the Browse… | |||
| CVE-2026-43619 | medium | 6.3 | 6.3 | 17d ago | Rsync version 3.4.2 and prior contain symlink race condition vulnerabilities in path-based system calls including chmod, lchown, utimes, rename, unlink, mkdir, symlink, mknod, link, rmdir, and lstat … | |||
| CVE-2026-44408 | medium | 6.3 | 6.3 | 17d ago | There is an unauthorized access vulnerability in ZTE MU5250. Due to improper permission control of the Web interface, an unauthorized attacker can modify configuration through the interface. | |||
| CVE-2026-0964 | medium | 6.3 | 6.3 | 18d ago | Moderate: libssh security update | |||
| CVE-2026-45626 | medium | 6.3 | 6.3 | 18d ago | Arcane is an interface for managing Docker containers, images, networks, and volumes. In 1.18.1 and earlier, GET /environments/{id}/volumes/{volumeName}/browse accepts a path query parameter that is … | |||
| CVE-2026-8786 | medium | 6.3 | 6.3 | 19d ago | A vulnerability has been found in Tencent WeKnora up to 0.3.6. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component… | |||
| CVE-2026-8777 | medium | 6.3 | 6.3 | 19d ago | A vulnerability was found in Edimax BR-6428NS 1.10. This issue affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. Performing a manipulatio… | |||
| CVE-2026-8774 | medium | 6.3 | 6.3 | 19d ago | A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command… | |||
| CVE-2026-8754 | medium | 6.3 | 6.3 | 19d ago | AstrBot: File upload vulnerability in the function post_file of the file astrbot/dashboard/routes/chat.py | |||
| CVE-2026-8753 | medium | 6.3 | 6.3 | 19d ago | A security vulnerability has been detected in kalcaddle Kodbox up to 1.64. This issue affects the function parseVideoInfo of the file /workspace/source-code/plugins/fileThumb/lib/VideoResize.class.ph… | |||
| CVE-2026-8747 | medium | 6.3 | 6.3 | 19d ago | A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipu… | |||
| CVE-2026-8743 | medium | 6.3 | 6.3 | 19d ago | A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in … | |||
| CVE-2026-8740 | medium | 6.3 | 6.3 | 19d ago | A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirectiv… |