Lucene search
K

2325 matches found

EUVD
EUVD
added 2026/06/06 3:15 p.m.15 views

EUVD-2026-34970

A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such manipulation of the argument httpOID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor...

7.5CVSS7AI score0.00259EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-5839

A vulnerability was identified in PHPGurukul News Portal Project 4.1. This issue affects some unknown processing of the file /admin/add-subcategory.php. Such manipulation of the argument sucatdescription leads to sql injection. The attack may be launched remotely. The exploit is publicly availabl...

5.8CVSS5.5AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-10222

A security flaw has been discovered in NousResearch hermes-agent up to 2026.4.30. Affected by this issue is the function sanitizeenvlines of the file hermescli/config.py. The manipulation results in injection. It is possible to launch the attack remotely. The attack requires a high level of...

6.3CVSS5.5AI score0.00266EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.9 views

CVE-2026-10210

A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function sanitizepromptdescription of the file astrbot/core/skills/skillmanager.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and...

6.5CVSS6.1AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.18 views

CVE-2026-10223

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function scanmemorycontent of the file tools/memorytool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

6.5CVSS6.2AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.10 views

CVE-2026-10661

A vulnerability has been found in ahujasid blender-mcp up to 7636d13bded82eca58eb93c3f4cd8708dfdfbe8b. Impacted is the function Open of the file src/blendermcp/server.py. The manipulation of the argument inputimageurl leads to injection. Remote exploitation of the attack is possible. The exploit...

5.3CVSS5AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:47 p.m.11 views

CVE-2026-6599

A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function getclientip/installmcpconfig of the file src/backend/base/langflow/api/v1/mcpprojects.py of the component Model Context Protocol Configuration API. Performing a manipulation of the argument...

6.5CVSS6.2AI score0.00232EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:43 p.m.9 views

CVE-2026-8097

A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injection. The attack may be performed from remote. The exploit has been released to the public and may...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.14 views

CVE-2026-5831

A security flaw has been discovered in Agions taskflow-ai up to 2.1.8. This impacts an unknown function of the file src/mcp/server/handlers.ts of the component terminalexecute. Performing a manipulation results in os command injection. The attack is possible to be carried out remotely. Upgrading ...

6.5CVSS6.1AI score0.0111EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:33 p.m.10 views

CVE-2026-9528

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. Impacted is an unknown function of the file /admin/deletejudge.php. Such manipulation of the argument judgeid leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be...

7.5CVSS7.1AI score0.00319EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:32 p.m.9 views

CVE-2026-6164

A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a manipulation of the argument cata results in sql injection. The attack can be initiated remotely. The exploit has been released to the publi...

7.5CVSS7AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.12 views

CVE-2026-6189

A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=login. Such manipulation of the argument Username leads to sql injection. It is possible to launch the attack remotely. The exploit ha...

7.5CVSS7AI score0.00268EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:31 p.m.14 views

CVE-2026-6004

A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument catid results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and m...

7.5CVSS7.1AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.10 views

CVE-2026-7155

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may be initiated...

10CVSS7.4AI score0.01766EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:17 p.m.12 views

CVE-2026-6029

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be launched remotely. Th...

10CVSS7.5AI score0.02981EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 12:31 a.m.11 views

EUVD-2026-34630

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

6AI score0.00211EPSS
Exploits0References3
NVD
NVD
added 2026/06/04 11:16 p.m.9 views

CVE-2026-10873

A vulnerability was determined in Shibby Tomato 1.28.0000. Impacted is the function rstatspath of the file /bin/rstats of the component Web UI. Executing a manipulation can lead to os command injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be...

8.6CVSS0.02695EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.35 views

CVE-2026-11186

Inappropriate implementation in CSS in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted HTML page. Chromium security severity: Medium...

0.00159EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/04 11:5 p.m.35 views

CVE-2026-11169

Inappropriate implementation in XML in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via a crafted XML file. Chromium security severity: Medium...

0.00211EPSS
Exploits0References2
CVE
CVE
added 2026/06/04 11:5 p.m.22 views

CVE-2026-11122

CVE-2026-11122 affects Google Chrome (Chromium) before 149.0.7827.53. The issue is an Inappropriate implementation in Keyboard, enabling a remote attacker to inject arbitrary scripts/HTML (UXSS) via a crafted HTML page. Affected product/versions include Chrome/Chromium across platforms; Debian ad...

6.1CVSS6AI score0.00159EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder