Lucene search
K

41707 matches found

CVE
CVE
added 1 hour ago4 views

CVE-2026-15544

A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS7.4AI score
Exploits0References5
CVE
CVE
added 2 hours ago4 views

CVE-2026-15541

A flaw has been found in will-moss Isaiah up to 1.36.9. The impacted element is the function Server.Handle of the file app/server/server/server.go of the component Master Websocket Handler. Executing a manipulation of the argument Agent can lead to missing authorization. It is possible to launch...

7.5CVSS6.6AI score
Exploits0References7
CVE
CVE
added 3 hours ago6 views

CVE-2026-15539

SourceCodester Online Book Store System 1.0 is affected by a vulnerability in the Book Image Upload Feature (admin/index.php?page=books) that allows unrestricted file upload. The issue enables remote attacker manipulation leading to unrestricted upload, as disclosed publicly. No remediation detai...

5.8CVSS5.7AI score
Exploits0References6
CVE
CVE
added 4 hours ago6 views

CVE-2026-15535

The CVE concerns AkariAsai self-rag’s retrieval_lm component. Affected code: file retrieval_lm/src/index.py, function Indexer.deserialize_from, where manipulating the argument index_meta.faiss can trigger deserialization. This may be exploitable remotely; public exploit details exist. No specific...

6.5CVSS6.4AI score
Exploits0References7
CVE
CVE
added 4 hours ago6 views

CVE-2026-15532

SourceCodester Online Book Store System 1.0 is affected by a cross site scripting (XSS) vulnerability in the User Management Module. The issue arises from manipulation of the Name/Username argument, enabling an attacker to inject script. The vulnerability is remote-exploitable and has a publicly ...

4.8CVSS4.7AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 4 hours ago7 views

CVE-2026-15532

A vulnerability was identified in SourceCodester Online Book Store System 1.0. This issue affects some unknown processing of the component User Management Module. Such manipulation of the argument Name/Username leads to cross site scripting. The attack can be executed remotely. The exploit is...

4.8CVSS4.7AI score
Exploits0References6Affected Software1
CVE
CVE
added 5 hours ago5 views

CVE-2026-15530

WuzhiCMS

6.9CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added 5 hours ago4 views

EUVD-2026-43276

A flaw has been found in WuzhiCMS up to 4.1.0. Affected by this vulnerability is the function config/listimage of the file /index.php?m=attachment&f=index&v=upload of the component Attachment API. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. Th...

6.9CVSS5.8AI score
Exploits0References6
CVE
CVE
added 5 hours ago8 views

CVE-2026-15529

The vulnerability affects yzhao062 pyod versions 3.5.0, 3.5.1, and 3.5.2, specifically the function pyod.utils.persistence.load in pyod/utils/persistence.py. A path argument manipulation leads to deserialization, and the issue can be triggered remotely. The connected documents mention a pull requ...

6.5CVSS6.5AI score
Exploits0References7
CVE
CVE
added 7 hours ago9 views

CVE-2026-15523

CVE-2026-15523 affects CodeAstro Simple Online Leave Management System 1.0. The vulnerability is in the /SimpleOnlineLeave/admin/dashboard.php file, where manipulation of the Name argument enables SQL injection. The issue can be triggered remotely and a public exploit is available. The supplied s...

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 7 hours ago4 views

EUVD-2026-43265

A weakness has been identified in CodeAstro Simple Online Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /SimpleOnlineLeave/admin/dashboard.php. This manipulation of the argument Name causes sql injection. The attack can be initiated remotely. The...

6.5CVSS6.5AI score
Exploits0References6
CVE
CVE
added 8 hours ago15 views

CVE-2026-15518

AREA 17 Twill CMS

5.8CVSS5.7AI score
Exploits0References5
EUVD
EUVD
added 8 hours ago8 views

EUVD-2026-43252

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function systemwluploadpicfile of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to...

10CVSS6.7AI score
Exploits0References6
EUVD
EUVD
added 8 hours ago8 views

EUVD-2026-43253

A vulnerability was identified in pig-mesh Pig up to 3.9.2. Affected by this issue is some unknown functionality of the file \pig-master\pig-visual\pig-codegen\src\main\java\com\pig4cloud\pig\codegen\service\impl\GeneratorServiceImpl.java of the component pig-codegen. Such manipulation leads to...

6.5CVSS6.3AI score
Exploits0References6
EUVD
EUVD
added 8 hours ago6 views

EUVD-2026-43249

A flaw has been found in Helicone ai-gateway up to 0.2.0-beta.30. This affects the function buildtargeturl of the file ai-gateway/src/dispatcher/service.rs of the component AWS Metadata Service. Executing a manipulation of the argument extractedpathandquery can lead to server-side request forgery...

6.5CVSS6.3AI score
Exploits0References6
CVE
CVE
added 9 hours ago9 views

CVE-2026-15516

Technical details are not publicly available in the provided documents. Monitor for updates on CVE-2026-15516 for affected versions, impact, and remediation.

6.3CVSS5.8AI score
Exploits0References6
EUVD
EUVD
added 9 hours ago3 views

EUVD-2026-43258

A vulnerability was detected in MacCMS Pro up to 2022.1000.3005. Impacted is the function step5 of the file application/install/controller/Index.php of the component Installation Module. The manipulation results in authorization bypass. The attack may be launched remotely. The attack requires a...

6.3CVSS5.8AI score
Exploits0References6
CVE
CVE
added yesterday8 views

CVE-2026-15512

CVE-2026-15512 affects pig-mesh Pig up to 3.9.2. The issue lies in pig-codegen, specifically GeneratorServiceImpl.java, where certain manipulation leads to code injection. The vulnerability appears exploitable remotely, with a publicly available exploit. The vendor was contacted early but did not...

6.5CVSS6.3AI score
Exploits0References5
CVE
CVE
added yesterday10 views

CVE-2026-15510

Leantime up to 3.8.0 is affected by an improper authorization issue in API:Setting::saveSetting. The root cause is improper access control in the SaveSetting function, enabling a remote attack. Public exploit exists and could be used. The vulnerability impacts the API component and is rated with ...

6.5CVSS6.2AI score
Exploits0References5
CVE
CVE
added yesterday13 views

CVE-2026-15509

Leantime up to 3.8.0 is affected by a vulnerability in the JSON-RPC Endpoint functions editUser/addUser where manipulating the role argument leads to improper authorization. The issue is exploitable remotely and has been publicly disclosed; vendor response was not provided. Affected impact includ...

6.5CVSS6.2AI score
Exploits0References5
Rows per page
Query Builder