Lucene search
K

765 matches found

Cvelist
Cvelist
added yesterday19 views

CVE-2026-14753 mjperpinosa stumasy Note Handler/Assignment notes authorization

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. Performing a manipulation of the argument assignmentitemid results in authorization...

7.5CVSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/18 6:42 p.m.6 views

CVE-2026-42488

Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache...

8.1CVSS5.8AI score0.00353EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/16 7:27 p.m.14 views

CVE-2026-46870

...

8.5CVSS0.00311EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.15 views

CVE-2026-11478

A flaw has been found in kokke tiny-regex-c up to f2632c6d9ed25272987471cdb8b70395c2460bdb. This vulnerability affects the function matchstar of the file re.c of the component Pattern Handler. This manipulation causes inefficient regular expression complexity. The attack is restricted to local...

4.8CVSS4.8AI score0.00113EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 2:0 a.m.24 views

CVE-2026-11478

CVE-2026-11478 affects kokke tiny-regex-c, specifically the Pattern Handler’s file re.c and its function matchstar. The issue is a manipulation that causes inefficient regular-expression complexity (a redos-like problem). The attack is local, and an exploit has been published and may be used. Ver...

4.8CVSS4.9AI score0.00113EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.23 views

PT-2026-45269

A vulnerability was detected in raisulislamg4 student management system by php up to 310d950e09013d5133c6b9210aff9444382d16d1. This issue affects some unknown processing of the file login check.php of the component Login. Performing a manipulation of the argument Username results in sql injection...

7.5CVSS6.9AI score0.00263EPSS
Exploits0References7
MariaDBUnix
MariaDBUnix
added 2026/05/30 1:59 a.m.13 views

CVE-2026-48163

Disclaimer: This data contains information about vulnerable...

5.7AI score0.00654EPSS
Exploits0
EUVD
EUVD
added 2026/05/25 3:0 p.m.15 views

EUVD-2026-31699

A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be...

6.5CVSS6.2AI score0.00337EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 11:15 a.m.13 views

EUVD-2026-31671

A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component SkillsLoader. Performing a manipulation of the argument requires.bins results in command injection. T...

7.5CVSS5.6AI score0.01385EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/05/25 12:0 a.m.15 views

PT-2026-43086

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRST NAME results in cross site scripting. The attack can be initiated remotely...

5.1CVSS4.3AI score0.00248EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/19 12:59 p.m.11 views

EUVD-2026-30930

Sparx Enterprise Architect software has a security feature that limits user's actions to those specified in the role. An authenticated attacker can modify the Enterprise Architect client behavior e.g. using a debugger and log in as any other user or administrator - then it is possible to do every...

8.7CVSS5.8AI score0.00598EPSS
Exploits2References4
NVD
NVD
added 2026/05/05 5:16 a.m.26 views

CVE-2026-7812

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function gitoperation of the file src/codemcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection. The attack...

7.5CVSS0.01339EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/05/01 5:45 p.m.2 views

CVE-2026-7588

A vulnerability was found in ggerve coding-standards-mcp. This issue affects the function getstyleguide/getbestpractices of the file server.py. The manipulation of the argument Language results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and...

6.9CVSS5.8AI score0.00449EPSS
Exploits0References5
CVE
CVE
added 2026/04/28 3:15 a.m.15 views

CVE-2026-7220

The CVE-2026-7220 entry concerns jackwrichards FastlyMCP (fastly_cli Tool) up to commit 6f3d0b0e654fc51076badc7fa16c03c461f95620, affecting fastly-mcp.mjs. The vulnerability arises from manipulation of the command argument, enabling an OS command injection. It can be exploited remotely, and the e...

7.5CVSS5.3AI score0.01338EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.4 views

PT-2026-35652

A vulnerability has been found in jackwrichards FastlyMCP up to 6f3d0b0e654fc51076badc7fa16c03c461f95620. This impacts an unknown function of the file fastly-mcp.mjs of the component fastly cli Tool. The manipulation of the argument command leads to os command injection. It is possible to initiat...

7.5CVSS7AI score0.01338EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/26 11:15 p.m.7 views

EUVD-2026-25736

A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function execopenstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has...

7.5CVSS5.3AI score0.01338EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/20 2:0 a.m.30 views

CVE-2026-6595 ProjectsAndPrograms School Management System HTTP GET Parameter buslocation.php sql injection

A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of the component HTTP GET Parameter Handler. The manipulation of the argument busid leads to sql...

7.5CVSS0.00259EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/07 10:51 a.m.5 views

CVE-2026-5643

A vulnerability was identified in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This impacts an unknown function of the file /admin/Add%20notice/notice.php of the component Admin Add Endpoint. Such manipulation of the argument $SERVER'PHPSELF' leads to cross...

4.8CVSS4.3AI score0.00206EPSS
Exploits0References1
CNVD
CNVD
added 2026/03/19 12:0 a.m.5 views

WordPress Plugin Avada Core Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists in the WordPress plugin Avada Core, which stems fro...

6.5CVSS5.6AI score0.00129EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/20 12:0 a.m.22 views

PT-2026-21247

A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function deleteCache/removeAllCache/syncCache of the file datasetreposwarehousesrcmainjavacomyeqifusyscontrollerCacheController.java of the component Cache Sync Handler...

5.5CVSS5.2AI score0.0022EPSS
Exploits1References7
Rows per page
Query Builder