80 matches found
CVE-2026-6118
creationtimestamp| type| source ---|---|--- 2026-04-12 06:55:10+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjbrghufuw2z 2026-04-12 17:43:58+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2026/CVE-2026-6118.yaml 2026-04-15...
CVE-2026-6118 AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injection
A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function addmcpserver of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulation of the argument command causes command injection. The attack is possible to be carried out...
CVE-2026-20435
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
CVE-2026-20435
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
CVE-2026-20435
In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID:...
Debian: Security Advisory (DSA-6118-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Google Chrome < 66.0.3359.139 Vulnerability
The version of Google Chrome installed on the remote macOS host is prior to 66.0.3359.139. It is, therefore, affected by a vulnerability as referenced in the 201804stable-channel-update-for-desktop26 advisory. - A double-eviction in the Incognito mode cache that lead to a user-after-free in cache...
ECHO-2F7E-552C-6118
Bulletin has no description...
CVE-2025-6118
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. The manipulation of the argument vehicleTypeCode leads to sql injection. The attack may be initiate...
CVE-2025-6118
creationtimestamp| type| source ---|---|--- 2025-06-16 11:31:49+00:00| published-proof-of-concept| Telegram/oLOy7--VJbipyW7S8irCLBIPInj4HgPeGijKKEWPe48acU 2025-06-16 11:40:02+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18444...
CVE-2025-6118
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. The manipulation of the argument vehicleTypeCode leads to sql injection. The attack may be initiate...
CVE-2025-6118
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. The manipulation of the argument vehicleTypeCode leads to sql injection. The attack may be initiate...
CVE-2025-6118
CVE-2025-6118 affects Das Parking Management System 6.2.0, specifically the /vehicle/search API where manipulating the vehicleTypeCode parameter leads to a SQL injection. Reported as remotely exploitable with public disclosure. Several connected sources confirm the vulnerability in the API path a...
CVE-2025-6118 Das Parking Management System 停车场管理系统 API search sql injection
A vulnerability was found in Das Parking Management System 停车场管理系统 6.2.0. It has been rated as critical. This issue affects some unknown processing of the file /vehicle/search of the component API. The manipulation of the argument vehicleTypeCode leads to sql injection. The attack may be initiate...
CVE-2023-30013
TOTOLINK X5000R V9.1.0u.6118B20201102 and V9.1.0u.6369B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter...
CVE-2023-6118
Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1...
CVE-2024-6118
creationtimestamp| type| source ---|---|--- 2024-08-05 08:03:07+00:00| seen| https://t.me/cvedetector/2429...
CVE-2024-6118 Hamastar MeetingHub Paperless Meetings - Plaintext Storage of a Password
A Plaintext Storage of a Password vulnerability in ebooknote function in Hamastar MeetingHub Paperless Meetings 2021 allows remote attackers to obtain the other users’ credentials and gain access to the product via an XML file...
CVE-2023-6118
Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal. This issue affects IP Camera: before b1130.1.0.1...
CVE-2023-6118
Path Traversal: '/../filedir' vulnerability in Neutron IP Camera allows Absolute Path Traversal.This issue affects IP Camera: before b1130.1.0.1...