PT-2026-21248

Name of the Vulnerable Software and Affected Versions detronetdip E-commerce version 1.0.0 Description A security flaw exists in detronetdip E-commerce 1.0.0, specifically within the Delete/Update function of the Product Management Module. Manipulation of the ID argument can lead to authorization...

F5 BIG-IP AFM 代码问题漏洞

F5 BIG-IP AFM is a high-level firewall product developed by F5 Corporation in the United States, designed to protect against DDoS attacks. There is a code vulnerability in F5 BIG-IP AFM, where unacknowledged traffic may lead to TMM termination...

PT-2026-6711

Name of the Vulnerable Software and Affected Versions AMS module affected versions not specified Description A permission control issue exists within the AMS module. Successful exploitation of this issue may impact system availability. Recommendations At the moment, there is no information about ...

Tanium Deploy 安全漏洞

Tanium Deploy is a software management module developed by the American company Tanium. Tanium Deploy has a security vulnerability, which stems from improper access control...

Tanium Deploy 安全漏洞

Tanium Deploy is a software management module developed by the American company Tanium. Tanium Deploy has a security vulnerability, which stems from improper input validation...

EUVD-2025-206518

FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...

PT-2026-5331

FluentCMS 2026 contains a stored cross-site scripting vulnerability that allows authenticated administrators to upload SVG files with embedded JavaScript via the File Management module. Attackers can upload malicious SVG files that execute JavaScript in the browser of any user accessing the...

FluentCMS cross-site scripting vulnerabilities

FluentCMS is an open-source content management system developed by FluentCMS. Version 2026 of FluentCMS has a cross-site scripting vulnerability. This vulnerability arises because authenticated administrators can upload SVG files embedded with JavaScript through the file management module,...

Huawei HarmonyOS Thermal Management Module Multi-threaded Conditional Competition Vulnerability

Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A multi-threaded conditional contention vulnerability exists in the Huawei HarmonyOS thermal management module, which can be exploited by an attacker to caus...

EUVD-2026-3129

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064 bastillion-io Bastillion System Management SystemKtrl.java command injection

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

CVE-2026-1064

Summary of CVE-2026-1064 (bastillion-io Bastillion) Affects Bastillion up to version 4.0.1 in the System Management Module, specifically the SystemKtrl.java component. The vulnerability arises from a manipulation of the file path src/main/java/io/bastillion/manage/control/SystemKtrl.java, leading...

PT-2026-3371

A vulnerability was found in bastillion-io Bastillion up to 4.0.1. This issue affects some unknown processing of the file src/main/java/io/bastillion/manage/control/SystemKtrl.java of the component System Management Module. Performing a manipulation results in command injection. The attack can be...

Bastillion command injection vulnerability

Bastillion is an open-source key management tool developed by bastillion-io. Versions of Bastillion 4.0.1 and earlier contained a command injection vulnerability. This vulnerability stemmed from incorrect operations on the System Management Module component in the file...

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

CVE-2025-68969

Multi-thread race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability...

CVE-2025-70892

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...

EUVD-2026-2701

Phpgurukul Cyber Cafe Management System v1.0 contains a SQL Injection vulnerability in the user management module. The application fails to properly validate user-supplied input in the username parameter of the add-users.php endpoint...