Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40969 matches found

Positive Technologies
Positive Technologiesadded 2026/05/10 12:0 a.m.10 views

PT-2026-39440

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A remote denial of service can be triggered in the sm-policies endpoint. The issue exists within the pcf nbsf management handle register function located in the src/pcf/nbsf-handler.c file...

7.5CVSS6.1AI score0.00477EPSS
Exploits1References11
Positive Technologies
Positive Technologiesadded 2026/05/10 12:0 a.m.12 views

PT-2026-39456

A flaw has been found in Wavlink NU516U1 240425. The impacted element is the function sys login1 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. T...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References5
Positive Technologies
Positive Technologiesadded 2026/05/10 12:0 a.m.6 views

PT-2026-39451

A vulnerability was identified in Open5GS up to 2.7.7. This affects the function pcf npcf smpolicycontrol handle delete of the file src/pcf/sm-sm.c of the component delete Endpoint. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit is publicly availabl...

6.9CVSS5.7AI score0.00487EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/05/10 12:0 a.m.9 views

PT-2026-39438

A vulnerability was detected in Devs Palace ERP Online up to 4.0.0. This affects an unknown function of the file /inventory/customer-save. The manipulation results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted ear...

4.8CVSS4.2AI score0.00202EPSS
Exploits0References5
Vulnrichment
Vulnrichmentadded 2026/05/09 10:15 p.m.5 views

CVE-2026-8211 codelibs Fess JSP File AdminDesignAction.java update code injection

A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...

5.8CVSS5.6AI score0.00244EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/09 10:15 p.m.5 views

CVE-2026-8211

A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...

5.8CVSS5.6AI score0.00244EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/09 9:32 p.m.8 views

EUVD-2026-28939

A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...

5.3CVSS4.2AI score0.00269EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/09 9:32 p.m.9 views

EUVD-2026-28920

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

6.5CVSS5.6AI score0.04844EPSS
Exploits1References5
EUVD
EUVDadded 2026/05/09 9:32 p.m.9 views

EUVD-2026-28919

A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This affects the function wifiregion of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might ...

6.5CVSS5.7AI score0.05344EPSS
Exploits1References5
EUVD
EUVDadded 2026/05/09 9:32 p.m.10 views

EUVD-2026-28921

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS5.5AI score0.00206EPSS
Exploits0References5
NVD
NVDadded 2026/05/09 9:16 p.m.53 views

CVE-2026-8196

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS0.00463EPSS
Exploits0References4
NVD
NVDadded 2026/05/09 8:16 p.m.15 views

CVE-2026-8195

A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...

5.3CVSS0.00269EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 8:15 p.m.14 views

CVE-2026-8196

Summary: CVE-2026-8196 affects JeecgBoot 3.9.1, specifically the mLogin Endpoint. The vulnerability arises in the LoginController.java file under jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/, where an unspecified manipulation allows an authorization bypa...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/09 8:15 p.m.57 views

CVE-2026-8196 JeecgBoot mLogin Endpoint LoginController.java authorization

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS0.00463EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/09 8:15 p.m.6 views

CVE-2026-8196

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/09 8:15 p.m.7 views

CVE-2026-8196 JeecgBoot mLogin Endpoint LoginController.java authorization

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 8:0 p.m.17 views

CVE-2026-8195

CVE-2026-8195 affects JeecgBoot up to 3.9.1. The vulnerability is a cross-site scripting issue in the SVG File Handler component, specifically in jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java. The manipulation is remote and the exploi...

5.3CVSS4.2AI score0.00269EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 6:45 p.m.15 views

CVE-2026-8193

CVE-2026-8193 affects Akaunting 3.1.21, specifically the Invoice PDF Rendering component’s dompdf.php file. The vulnerability arises from unknown processing in that file, enabling a remote attacker to manipulate inputs to achieve server-side request forgery (SSRF). Exploitation is indicated as po...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/09 6:45 p.m.7 views

CVE-2026-8193

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/09 6:45 p.m.32 views

CVE-2026-8193 Akaunting Invoice PDF Rendering dompdf.php server-side request forgery

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS0.00206EPSS
Exploits0References4
Rows per page
Query Builder