22068 matches found

RedhatCVE
added 2026/03/28 4:56 a.m. | 4 views

CVE-2026-4908

A security flaw has been discovered in code-projects Simple Laundry System 1.0. This affects an unknown function of the file /modstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in sql injection. The attack may be performed from remote. The exploit...

7.5 CVSS | 6.8 AI score | 0.00393 EPSS
Exploits: 1 | References: 1

EUVD
added 2026/03/28 12:31 a.m. | 5 views

EUVD-2026-16895

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

6.3 CVSS | 5.5 AI score | 0.00566 EPSS
Exploits: 1 | References: 7

EUVD
added 2026/03/28 12:31 a.m. | 4 views

EUVD-2026-16894

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...

5.3 CVSS | 5.8 AI score | 0.00492 EPSS
Exploits: 0 | References: 8

CNNVD
added 2026/03/28 12:0 a.m. | 6 views

elecV2P Code Issue Vulnerability

elecV2P is a network request modification and scheduled task tool developed by the elecV2 individual developer. Versions of elecV2P 3.8.3 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling of parameters req in the eAxios function within the component’s URL...

7.5 CVSS | 7.2 AI score | 0.003 EPSS
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/28 12:0 a.m. | 4 views

PT-2026-28713

Name of the Vulnerable Software and Affected Versions: wandb OpenUI versions up to 1.0. Description: A cross site scripting issue exists in the file frontend/public/annotator/index.html of the Window Message Event Handler component. This manipulation can be initiated remotely and the exploit has bee...

5.1 CVSS | 5 AI score | 0.00191 EPSS
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/28 12:0 a.m. | 6 views

PT-2026-28730

Name of the Vulnerable Software and Affected Versions: elecV2 elecV2P versions through 3.8.3. Description: A server-side request forgery condition exists due to manipulation of the req argument within the eAxios function located in the /mock file of the URL Handler component. This allows for remote...

7.5 CVSS | 5.8 AI score | 0.003 EPSS
Exploits: 0 | References: 7

Positive Technologies
added 2026/03/28 12:0 a.m. | 5 views

PT-2026-28716

Name of the Vulnerable Software and Affected Versions: Sinaptik AI PandasAI versions up to 3.0.0. Description: A code injection weakness exists in the Chat Message Handler component, specifically within the CodeExecutor.execute function of the pandasai/core/code execution/code executor.py file. This...

7.5 CVSS | 6.3 AI score | 0.00532 EPSS
Exploits: 0 | References: 6

Positive Technologies
added 2026/03/28 12:0 a.m. | 7 views

PT-2026-28732

Name of the Vulnerable Software and Affected Versions: Simple Food Order System version 1.0. Description: A flaw exists in Simple Food Order System 1.0 related to the handling of parameters. Specifically, manipulating the Name argument can lead to SQL injection. This issue affects an unknown functio...

7.5 CVSS | 5.8 AI score | 0.00345 EPSS
Exploits: 1 | References: 7

Positive Technologies
added 2026/03/28 12:0 a.m. | 4 views

PT-2026-28728

Name of the Vulnerable Software and Affected Versions: elecV2 versions prior to 3.8.4. Description: A path traversal issue exists due to the manipulation of the path.join function within the /log/ file of the Wildcard Handler component. This allows for remote exploitation. The project was notified o...

6.9 CVSS | 5.7 AI score | 0.00449 EPSS
Exploits: 0 | References: 7

CNNVD
added 2026/03/28 12:0 a.m. | 7 views

Code-Projects Simple Food Order System SQL Injection Vulnerability

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from improper handling of parameters by the unknown function in...

9.8 CVSS | 7.1 AI score | 0.00345 EPSS
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/28 12:0 a.m. | 5 views

PT-2026-28720

Name of the Vulnerable Software and Affected Versions: PromtEngineer localGPT versions up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Description: A flaw exists within PromtEngineer localGPT that allows for injection. The issue resides in the route using overviews function within the...

7.5 CVSS | 5.7 AI score | 0.00304 EPSS
Exploits: 0 | References: 8

CNNVD
added 2026/03/28 12:0 a.m. | 10 views

Code-Projects Simple Food Order System SQL Injection Vulnerability

Code-Projects Simple Food Order System is a simple food ordering system developed by Code-Projects as open source. Version 1.0 of the Code-Projects Simple Food Order System has a SQL injection vulnerability. This vulnerability stems from an unknown function in the Component Parameter Handler’s fi...

9.8 CVSS | 7.1 AI score | 0.00333 EPSS
Exploits: 1 | References: 6

CNNVD
added 2026/03/28 12:0 a.m. | 6 views

elecV2P Path Traversal Vulnerability

elecV2P is a network request modification and scheduled task tool developed by the elecV2 individual developer. Versions of elecV2P 3.8.3 and earlier have a path traversal vulnerability. This vulnerability stems from the use of the path.join function in the Wildcard Handler component’s file/log/...

6.9 CVSS | 6.1 AI score | 0.00449 EPSS
Exploits: 0 | References: 6

Tenable Nessus
added 2026/03/28 12:0 a.m. | 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-4985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Imag...

5.3 CVSS | 5.6 AI score | 0.00492 EPSS
Exploits: 0 | References: 3

Snyk
added 2026/03/27 11:24 p.m. | 3 views

Deadlock

Overview: Affected versions of this package are vulnerable to Deadlock via the SCTP notification handler process. An attacker can cause the control plane to become unresponsive by sending specially crafted SCTP notifications to the N2 interface, resulting in service disruption for all subscribers...

7.1 CVSS | 5.9 AI score | 0.00165 EPSS
Exploits: 0 | References: 2

Snyk
added 2026/03/27 11:24 p.m. | 2 views

Deadlock

Overview: Affected versions of this package are vulnerable to Deadlock via the SCTP notification handler process. An attacker can cause the control plane to become unresponsive by sending specially crafted SCTP notifications to the N2 interface, resulting in service disruption for all subscribers...

7.1 CVSS | 5.9 AI score | 0.00165 EPSS
Exploits: 0 | References: 2

RedhatCVE
added 2026/03/27 10:51 p.m. | 7 views

CVE-2026-4902

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9 CVSS | 8 AI score | 0.00632 EPSS
Exploits: 1 | References: 1

RedhatCVE
added 2026/03/27 10:51 p.m. | 4 views

CVE-2026-4903

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9 CVSS | 7.9 AI score | 0.05461 EPSS
Exploits: 1 | References: 1

NVD
added 2026/03/27 10:16 p.m. | 1 views

CVE-2026-4985

A vulnerability was identified in dloebl CGIF up to 0.5.2. This vulnerability affects the function cgifaddframe of the file src/cgif.c of the component GIF Image Handler. The manipulation of the argument width/height leads to integer overflow. The attack may be initiated remotely. The identifier ...

5.3 CVSS | 0.00492 EPSS
Exploits: 0 | References: 7

NVD
added 2026/03/27 10:16 p.m. | 3 views

CVE-2026-4988

A security flaw has been discovered in Open5GS 2.7.6. This issue affects the function smfgxccacb/smfgyccacb/smfs6b of the component CCA Message Handler. The manipulation results in denial of service. The attack may be launched remotely. Attacks of this nature are highly complex. The exploitabilit...

6.3 CVSS | 0.00566 EPSS
Exploits: 1 | References: 6