eMPIA AVACAST 代码问题漏洞

eMPIA AVACAST is a USB video capture and encoding device developed by eMPIA in Taiwan, China. eMPIA AVACAST has a code vulnerability that stems from an unreferenced service path. This vulnerability could allow privileged local attackers to place malicious executable files in specific directories...

CVE-2026-7196

A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of the argument deleteid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be...

MCP Chat Studio 代码问题漏洞

MCP Chat Studio is a testing and development platform for MCP servers, developed by JoeCastrom. Versions of MCP Chat Studio 1.5.0 and earlier contained code vulnerabilities. These vulnerabilities stemmed from unknown functions in the LLM Models API component file server/routes/llm.js, which...

Pagekit 代码问题漏洞

Pagekit is a modular and lightweight CMS Content Management System developed under open source. Versions of Pagekit 1.0.18 and earlier have code vulnerabilities. These vulnerabilities stem from improper handling of parameters in the files/index.php/admin/system/update/download, which may lead to...

@netlify/agent-runner-cli (>=1.83.1 <=1.94.0-netlifydb.4), feishu-claude-bot (=0.1.0) +1 more potentially affected by CVE-2026-40068 via @anthropic-ai/claude-code (>=2.1.63 <=2.1.81)

@anthropic-ai/claude-code NPM version =2.1.63, =1.83.1, =1.2.2, =1.2.3 Source cves: CVE-2026-40068 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-16301567...

PowerDNS Recursor（pdns_recursor） 代码问题漏洞

PowerDNS Recursor pdnsrecursor is a domain name resolution server developed by the Dutch company PowerDNS. There is a code vulnerability in PowerDNS Recursor, which stems from the ability for attackers to send responses that lead to null pointer dereferencing. Due to lack of consistency checks,...

UNIX Symbolic Link (Symlink) Following

Overview @anthropic-ai/claude-code is an Use Claude, Anthropic's AI assistant, right from your terminal. Claude can understand your codebase, edit files, run terminal commands, and handle entire workflows for you. Affected versions of this package are vulnerable to UNIX Symbolic Link Symlink...

1shot (>=0.0.1 <=0.0.2), @4via6/relay (=1.2.0) +170 more potentially affected by CVE-2026-39861 via @anthropic-ai/claude-code (>=2.0.0 <=2.1.63)

@anthropic-ai/claude-code NPM version =2.0.0, =0.0.1, =2.1.0, =0.0.0-dev-20260312143810, =1.5.6, =0.2.5, =4.10.0, =2.1.2, =0.3.0, =0.3.3, =0.3.0, =0.2.0, =0.3.5 and more Source cves: CVE-2026-39861 Source advisory: SNYK:JS-ANTHROPICAICLAUDECODE-16191021...

WWBN AVideo 代码问题漏洞

WWBN AVideo is a video platform building system developed by the WWBN team using PHP. Versions of WWBN AVideo prior to 29.0 contained code vulnerabilities. These vulnerabilities stemmed from the isSSRFSafeURL function in objects/functions.php, which had a short-circuit syntax within the same...

mirai-exploit

Vulnerability Details CVE ID: CVE-2026-22812 Affe...

PraisonAI Code Issue Vulnerability

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a code issue vulnerability that stems from the FileTools.downloadfile function validating the target path but not validating the url parameter, which can be exploited by an attacker to cause the attacke...

Microsoft Windows Redirected Drive Buffering 代码问题漏洞

Microsoft Windows Redirected Drive Buffering is a core network file system component of the American company Microsoft, providing support and buffering management for various network micro-redirector drivers, such as the SMB protocol. There are code-related vulnerabilities in Microsoft Windows...

Exploit for SQL Injection in Devcode Openstamanager

CVE-2025-69215: OpenSTAManager has an SQL Injection in the Sta...

EmoCheck 代码问题漏洞

EmoCheck is an open-source detection tool for Emotet malware developed by the JPCERT Coordination Center. EmoCheck has a code vulnerability that stems from insecure loading of dynamic link libraries, which may allow arbitrary code to be executed...

exploit-code-management

Viết code python deploy 1 web với các yêu cấu sau - Thực hiện co...

pyLoad 代码问题漏洞

pyLoad is an open-source download manager written in Python. Versions of pyLoad 0.5.0b3.dev96 and earlier have code vulnerabilities. These vulnerabilities stem from the parseurls API function’s lack of URL validation and protocol restrictions, which may allow authenticated users to access interna...

Technostrobe HI-LED-WR120-G2 代码问题漏洞

Technostrobe HI-LED-WR120-G2 is a high-brightness industrial strobe lighting device from the Canadian company Technostrobe. The version 5.5.0.1R6.03.30 of Technostrobe HI-LED-WR120-G2 contains a code vulnerability. This vulnerability stems from incorrect handling of the cwd parameter in the file...

CampCodes Complete Online Learning Management System 代码问题漏洞

CampCodes Complete Online Learning Management System is an online learning system developed by the Philippine company CampCodes. Version 1.0 of the Campcodes Complete Online Learning Management System has a code vulnerability. This vulnerability stems from improper upload restrictions in the...

PraisonAI 安全漏洞

PraisonAI is a low-code multi-intelligent body collaboration framework. PraisonAI suffers from a security vulnerability that stems from the fact that the three-layer sandboxing of the executecode function can be completely bypassed, which can be exploited by an attacker to cause the execution of...

OpenSTAManager 代码问题漏洞

OpenSTAManager is an open-source management software developed by Devcode, used for technical assistance and billing purposes. Versions of OpenSTAManager prior to 2.10.2 contained code vulnerabilities. These vulnerabilities stemmed from the oauth2.php file being an unvalidated endpoint. Attackers...