40966 matches found
PublicCMS 安全漏洞
PublicCMS is an open-source content management system CMS developed by PublicCMS Company in China using the Java language. Version Sanluan PublicCMS 5.202506.d contains a security vulnerability. This vulnerability stems from the improper handling of the templateContent parameter in the execute...
PT-2026-41536
A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs sbi subscription data add/ogs sbi nf service add in the library /lib/sbi/context.c of the component NRF. Executing a manipulation can lead to denial of service. It is possible to launch the attack remotely. The...
PT-2026-41568
Name of the Vulnerable Software and Affected Versions adenhq hive versions prior to 0.11.0 Description A path traversal issue exists in the Delete Request Handler component. A remote attacker can perform a manipulation affecting the read events tail function within the core/framework/server/route...
PT-2026-41514
A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogs sbi discovery option parse plmn list in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be...
Metasoft MetaCRM 访问控制错误漏洞
Metasoft MetaCRM is a customer relationship management system software developed by Metasoft, a Chinese company. Versions of Metasoft MetaCRM 6.4.0 Beta06 and earlier contained a access control error vulnerability. This vulnerability stemmed from an improper handling of the File parameter by an...
PT-2026-41585
Name of the Vulnerable Software and Affected Versions Kilo-Org kilocode versions prior to 7.0.48 Description A path traversal issue exists in the File Diff API Endpoint within the Bun.file function of the packages/opencode/src/kilocode/review/worktree-diff.ts file. A remote attacker can trigger...
PT-2026-41590
A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java of the component Front-end WeChat API. Performing a manipulation results in sql injection. Remote...
Vercel AI SDK 资源管理错误漏洞
Vercel AI SDK is a JavaScript SDK provided by Vercel that supports the integration of large language models, streaming responses, and AI application development. Vercel AI SDK versions 3.0.97 and earlier contain a resource management vulnerability. This vulnerability stems from the functions...
PT-2026-41516
A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs sbi nf instance set id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfInstanceId can lead to denial of service. The attack may be performed from remote. The exploit has...
AstrBot 路径遍历漏洞
AstrBot is an open-source multi-platform LLM chatbot and development framework developed by AstrBot. Versions of AstrBot 4.23.5 and earlier contained a path traversal vulnerability. This vulnerability stemmed from the improper handling of the postfile function in the File Upload Handler component...
PT-2026-41569
Name of the Vulnerable Software and Affected Versions MetaCRM versions prior to 6.4.0 Beta06 Description An unrestricted file upload issue exists in the '/common/jsp/upload3.jsp' file. A remote attacker can exploit this by manipulating the File argument, allowing the upload of unauthorized files...
Open5GS 安全漏洞
Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.7 and earlier contain security vulnerabilities. These vulnerabilities stem from the ogstimeradd function in the nausf-handler.c file within the...
PT-2026-41538
A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation results in use after free. The attack can be launched remotely. The exploit has been released to the...
PT-2026-41519
A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulation causes sql injection. The attack can be initiated remotely. The exploit has been publicly...
PT-2026-41542
Name of the Vulnerable Software and Affected Versions h2oai h2o-3 versions prior to 7402 Description A weakness in the Rapids setproperty Primitive Handler allows remote attackers to bypass access controls. The issue resides in the exec function within the file...
PT-2026-41566
Name of the Vulnerable Software and Affected Versions fishaudio Bert-VITS2 versions prior to 8f7fbd8c4770965225d258db548da27dc8dd934c Description A path traversal flaw exists in the Model Handler component, specifically within the get all models function of the hiyoriUI.py file. This issue allows...
PT-2026-41591
A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for...
PT-2026-41567
Name of the Vulnerable Software and Affected Versions fishaudio Bert-VITS2 versions up to 8f7fbd8c4770965225d258db548da27dc8dd934c Description A path traversal issue exists in the Gradio Interface component. A remote attacker can manipulate the data dir argument within the generate config functio...
PT-2026-41525
A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigComponent.java. The manipulation of the argument privatefile key results in use of hard-coded...
SUSE CVE-2026-8582
Object lifecycle issue in Dawn in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: Medium...