KeePassXC 代码问题漏洞

KeePassXC is an open-source cross-platform password manager. KeePassXC has code vulnerabilities, which stem from uncontrolled OpenSSL configuration paths, potentially leading to local privilege escalation...

PraisonAI 代码问题漏洞

PraisonAI is a low-code multi-agent collaboration framework developed by Mervin Praison. Versions of PraisonAI prior to 1.5.128 contained code vulnerabilities. These vulnerabilities stemmed from the webcrawl’s httpx backtracking path, which directly passed the user-provided URL to...

GeoNode 代码问题漏洞

GeoNode is an open-source platform that facilitates the creation, sharing, and collaborative use of geospatial data. Versions of GeoNode prior to 4.4.5 and 5.0.2 have code vulnerabilities due to insufficient validation of the docurl parameter, which may lead to server-side request forgeing attack...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.1.26 have code vulnerabilities. These vulnerabilities stem from incorrect operations on the src/agents/tools/web-fetch.ts file, which may lead to server-side request forgery attac...

Juniper Networks Junos OS EX/QFX 代码问题漏洞

Juniper Networks Junos OS EX/QFX is a type of switch produced by Juniper Networks. This product provides dedicated electrical signal pathways between any two network nodes that are connected as access switches. There were code-related vulnerabilities in versions of Juniper Networks Junos OS EX/QF...

Juniper Networks Junos OS SRX 代码问题漏洞

Juniper Networks Junos OS SRX is a network operating system specifically designed for hardware devices used by Juniper Networks. This operating system provides secure programming interfaces and the Junos SDK. There are code vulnerabilities in Juniper Networks Junos OS SRX, which stem from imprope...

OpenClaw 代码问题漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.25 had code vulnerabilities. These vulnerabilities stemmed from insufficient protection configurations for multiple channel extensions, which could lead to server-side request...

Sonicverse 代码问题漏洞

Sonicverse is an open-source, hosted real-time radio audio streaming solution developed by Sonicverse. There are code-related vulnerabilities in Sonicverse; these vulnerabilities stem from the API client accepting user-controlled URLs with insufficient validation. This could allow authenticated...

Red Hat Quay 代码问题漏洞

Red Hat Quay is a distributed container image repository provided by the American company Red Hat. It is primarily used for building, distributing, and deploying containers. Red Hat Quay has code-related vulnerabilities. These vulnerabilities arise from the possibility of tampering with the...

WordPress plugin MP3 Audio Player for Music, Radio & Podcast by Sonaar 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

LoLLMs 代码问题漏洞

LoLLMs is a large language and multimodal system personally developed by Saifeddine ALOUI. LoLLMs has code vulnerabilities; these vulnerabilities stem from an insufficient conversation expiration mechanism after password reset, which may allow attackers to maintain persistent access to compromise...

NVIDIA DALI 代码问题漏洞

NVIDIA DALI is a data loading and preprocessing library developed by NVIDIA Corporation in the United States. NVIDIA DALI has code-related vulnerabilities; these vulnerabilities stem from the possibility of deserializing unreliable data, which may lead to the execution of arbitrary code...

OpenAM 代码问题漏洞

OpenAM is an integrated access management solution developed by the OpenAM Consortium. It provides authentication, authorization, and federation features. Versions of OpenAM prior to 16.0.6 have code vulnerabilities due to an insecure Java deserialization issue with the jato.clientSession...

CVE-2026-5650

The CVE-2026-5650 entry concerns code-projects Online Application System for Admission 1.0. A vulnerability affects an unknown function within the file /enrollment/database/oas.sql, enabling manipulation that leads to insecure storage of sensitive information. The attack is described as remotely ...

Red Hat Enterprise Linux 10 代码问题漏洞

Red Hat Enterprise Linux 10 is a Linux operating system designed for enterprise users by the American company Red Hat. Red Hat Enterprise Linux 10 has code-related vulnerabilities, which stem from specially crafted malicious archive files. These vulnerabilities may lead to hidden file injections...

Student-Management-System 代码问题漏洞

Student-Management-System is an open-source student information management system developed by Cyber-III. Versions of Student-Management-System with the code ID 1a938fa61e9f735078e9b291d2e6215b4942af3f and earlier versions have code-related vulnerabilities. These vulnerabilities stem from incorre...

MCP Browser Agent 代码问题漏洞

The MCP Browser Agent is an AI proxy tool for browser automation and web interaction, developed by Iván Luna. Versions of the MCP Browser Agent prior to 0.8.0 have code vulnerabilities that stem from incorrect handling of parameters request.params.name and request.params.arguments, which may lead...

Brave CMS 代码问题漏洞

Brave CMS is a blog and news content management system developed by Razvan Zamfir, based on Laravel. Versions of Brave CMS prior to 2.0.6 had code vulnerabilities; these vulnerabilities stemmed from unrestricted file uploads via the CKEditor endpoint, which could lead to remote code execution...

Laravel File Manager 代码问题漏洞

Laravel File Manager is a file manager developed by Aleksandr Manekin. The Laravel File Manager v2.0.0-alpha7 and v2.0 versions have code vulnerabilities. These vulnerabilities stem from the possibility of arbitrary file uploads, which could allow authenticated attackers to upload malicious files...

SourceCodester Record Management System 代码问题漏洞

SourceCodester Record Management System is an open-source record management system developed by SourceCodester. Version 1.0 of the SourceCodester Record Management System has code-related vulnerabilities; these vulnerabilities stem from incorrect operations with the saveemp.php file, which may le...