Lucene search
K

14551 matches found

EUVD
EUVD
added 6 hours ago4 views

EUVD-2026-43309

A vulnerability was identified in Shibby Tomato up to 1.28.0000. Affected by this vulnerability is the function main of the file www/apcupsd/tomatodata.cgi of the component apcupsd. Such manipulation leads to out-of-bounds write. The attack may be launched remotely. The exploit is publicly...

9CVSS6.7AI score
Exploits0References6
EUVD
EUVD
added 6 hours ago3 views

EUVD-2026-43296

A vulnerability was detected in SourceCodester Online Book Store System 1.0. The affected element is an unknown function of the file /admin/index.php of the component Administrative Interface. Performing a manipulation of the argument page results in improper control of filename for include/requi...

5.3CVSS5.9AI score
Exploits0References7
NVD
NVD
added 6 hours ago5 views

CVE-2026-15547

A weakness has been identified in Shibby Tomato up to 1.28.0000. This affects the function sub2D048 of the component CIFS Mount Handler. Executing a manipulation of the argument cifs1/cifs2 can lead to os command injection. The attack can be executed remotely. The exploit has been made available ...

6.5CVSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 11 hours ago8 views

CVE-2026-15532

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score
Exploits0References6Affected Software1
EUVD
EUVD
added 12 hours ago4 views

EUVD-2026-43273

A vulnerability was found in lamaalrajih kicad-mcp up to 3.3.1. This issue affects some unknown processing of the file kicadmcp/utils/pathvalidator.py. Performing a manipulation of the argument projectpath/schematicpath results in protection mechanism failure. Attacking locally is a requirement...

4.8CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added 13 hours ago5 views

EUVD-2026-43265

A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 14 hours ago5 views

EUVD-2026-43264

A security flaw has been discovered in tugcantopaloglu godot-mcp 2.0.0. Affected by this vulnerability is the function validatePath of the file build/index.js of the component runproject. The manipulation of the argument projectPath results in path traversal. Attacking locally is a requirement. T...

5.3CVSS5.9AI score
Exploits0References8
CVE
CVE
added 14 hours ago9 views

CVE-2026-15521

The CVE applies to makafeli n8n-workflow-builder up to 0.11.0. Vulnerable is an unknown function in build/server.cjs (update_node_from_file); manipulating the filePath argument enables path traversal. Local attack required; exploit publicly available. Project was informed via issue report but has...

5.3CVSS5.7AI score
Exploits0References6
EUVD
EUVD
added 14 hours ago8 views

EUVD-2026-43262

A vulnerability was found in usestrix strix up to 1.0.2. This affects an unknown function of the file systemprompt.jinja of the component PyPI Handler. Performing a manipulation results in inclusion of functionality from untrusted control sphere. The attack is possible to be carried out remotely...

5.1CVSS5.4AI score
Exploits0References5
EUVD
EUVD
added 15 hours ago9 views

EUVD-2026-43253

A vulnerability was identified in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to...

6.5CVSS6.3AI score
Exploits0References6
CVE
CVE
added 15 hours ago10 views

CVE-2026-15516

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-15516 for affected versions, impact, and remediation.

6.3CVSS5.8AI score
Exploits0References6
CVE
CVE
added yesterday8 views

CVE-2026-15512

CVE-2026-15512 affects pig-mesh Pig up to 3.9.2. The issue lies in pig-codegen, specifically GeneratorServiceImpl.java, where certain manipulation leads to code injection. The vulnerability appears exploitable remotely, with a publicly available exploit. The vendor was contacted early but did not...

6.5CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday10 views

CVE-2026-15510

Leantime up to 3.8.0 is affected by an improper authorization issue in API:Setting::saveSetting. The root cause is improper access control in the SaveSetting function, enabling a remote attack. Public exploit exists and could be used. The vulnerability impacts the API component and is rated with ...

6.5CVSS6.2AI score
Exploits0References5
CVE
CVE
added yesterday10 views

CVE-2026-15507

CVE-2026-15507 affects coollabsio Coolify up to version 4.1.1. The vulnerability is in the Policy Handler component, specifically an unknown function under /app/Policies/. Manipulation can cause missing authorization and enables remote exploitation; the exploit is public. No additional remediatio...

6.5CVSS6.4AI score
Exploits0References5
Cvelist
Cvelist
added yesterday22 views

CVE-2026-15507 coollabsio Coolify Policy Policies authorization

A vulnerability was detected in coollabsio Coolify up to 4.1.1. The impacted element is an unknown function of the file /app/Policies/ of the component Policy Handler. Performing a manipulation results in missing authorization. Remote exploitation of the attack is possible. The exploit is now...

6.5CVSS
Exploits0References5
EUVD
EUVD
added yesterday7 views

EUVD-2026-43222

A weakness has been identified in AstrBotDevs AstrBot up to 4.25.2. Affected by this vulnerability is the function getonlineplugins of the file astrbot/dashboard/routes/plugin.py of the component marketlist Endpoint. Executing a manipulation of the argument customregistry can lead to server-side...

6.5CVSS6.4AI score
Exploits0References6
EUVD
EUVD
added yesterday9 views

EUVD-2026-43218

A vulnerability was found in SonicCloudOrg sonic-agent up to 2.7.2. The impacted element is the function evalIsFailed of the file sonic-agent/src/main/java/org/cloud/sonic/agent/tests/script/GroovyScriptImpl.java of the component Groovy Script Handler. The manipulation results in os command...

6.5CVSS6.3AI score
Exploits0References5
EUVD
EUVD
added yesterday8 views

EUVD-2026-43211

A vulnerability was identified in RafyMrX TOKO-ONLINE-ROTI up to ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99. Affected by this vulnerability is an unknown functionality of the file proses/login.php. The manipulation of the argument Username leads to sql injection. Remote exploitation of the attack i...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References4
CVE
CVE
added yesterday13 views

CVE-2026-15489

The CVE-2026-15489 entry describes a SQL injection in RafyMrX TOKO-ONLINE-ROTI (up to commit ddfe1cd587be0a0b5135d8b6e85cce2ec3aece99) via an input in the file proses/login.php where the Username argument is manipulated. The vulnerability is exploitable remotely, with a publicly available exploit...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References4
EUVD
EUVD
added yesterday7 views

EUVD-2026-43204

A weakness has been identified in Aster Telecom Azcall 10/11. This issue affects some unknown processing of the file /azcall/adm/gestaoloja/sis.php?t=consultar of the component HTTP Handler. Executing a manipulation of the argument nome/perfil/status can lead to sql injection. The attack may be...

7.5CVSS5.9AI score0.00304EPSS
Exploits0References4
Rows per page
Query Builder