Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

19038 matches found

NVD
NVDadded 2026/02/07 7:15 a.m.4 views

CVE-2026-2076

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User...

8.8CVSS0.00111EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/02/07 6:32 a.m.31 views

CVE-2026-2076 yeqifu warehouse User Management Endpoint UserController.java deleteUser improper authorization

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User...

6.5CVSS0.00111EPSS
Exploits1References6
EUVD
EUVDadded 2026/02/07 6:32 a.m.5 views

EUVD-2026-5747

A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\UserController.java of the component User...

6.5CVSS5.2AI score0.00111EPSS
Exploits1References6
OSV
OSVadded 2026/02/07 6:16 a.m.2 views

CVE-2026-2075

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

8.8CVSS5.4AI score0.00047EPSS
Exploits1References6
Vulnrichment
Vulnrichmentadded 2026/02/07 5:2 a.m.3 views

CVE-2026-2075 yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

6.5CVSS5.2AI score0.00047EPSS
Exploits1References6
EUVD
EUVDadded 2026/02/07 5:2 a.m.5 views

EUVD-2026-5748

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

6.5CVSS5.1AI score0.00047EPSS
Exploits1References6
Cvelist
Cvelistadded 2026/02/07 5:2 a.m.29 views

CVE-2026-2075 yeqifu warehouse Role-Permission Binding RoleController.java saveRolePermission access control

A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\com\yeqifu\sys\controller\RoleController.java of the component Role-Permission Binding Handler. The...

6.5CVSS0.00047EPSS
Exploits1References6
SUSE CVE
SUSE CVEadded 2026/02/07 12:26 a.m.1 views

SUSE CVE-2026-1580

A security issue was discovered in ingress-nginx where the nginx.ingress.kubernetes.io/auth-method Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to t...

8.8CVSS6.3AI score0.0006EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/02/07 12:24 a.m.1 views

SUSE CVE-2026-24470

Skipper is an HTTP router and reverse proxy for service composition. Prior to version 0.24.0, when running Skipper as an Ingress controller, users with permissions to create an Ingress and a Service of type ExternalName can create routes that enable them to use Skipper's network access to reach...

8.1CVSS5.3AI score0.00044EPSS
Exploits0References3
SUSE CVE
SUSE CVEadded 2026/02/07 12:24 a.m.9 views

SUSE CVE-2026-24514

A security issue was discovered in ingress-nginx where the validating admission controller feature is subject to a denial of service condition. By sending large requests to the validating admission controller, an attacker can cause memory consumption, which may result in the ingress-nginx...

6.5CVSS5.4AI score0.0004EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.5 views

PT-2026-6883

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A security issue exists in yeqifu warehouse related to improper authorization. The issue is present in the addRole, updateRole, and deleteRole functions within the RoleController.jav...

6.5CVSS5.3AI score0.00111EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.6 views

PT-2026-6897

Name of the Vulnerable Software and Affected Versions yeqifu warehouse affected versions not specified Description A flaw exists that can lead to improper authorization. The issue affects the addMenu, updateMenu, and deleteMenu functions within the MenuController.java file located in the...

6.5CVSS5.3AI score0.00111EPSS
Exploits1References8
CNNVD
CNNVDadded 2026/02/07 12:0 a.m.4 views

warehouse 授权问题漏洞

Warehouse is a small-scale warehouse logistics management system developed by Yeqifu’s individual developer, based on Spring Boot. There are authorization issues in Warehouse; these issues stem from incorrect operations in the Department Management component, specifically in the file...

8.8CVSS6.6AI score0.00111EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2026/02/07 12:0 a.m.7 views

PT-2026-6910

Name of the Vulnerable Software and Affected Versions SourceCodester Online Class Record System version 1.0 Description A flaw exists in SourceCodester Online Class Record System 1.0 that allows for SQL injection. The issue is located in the file /admin/subject/controller.php. Manipulating the ID...

9.8CVSS5.4AI score0.00048EPSS
Exploits0References10
CNNVD
CNNVDadded 2026/02/07 12:0 a.m.3 views

SourceCodester Online Class Record System SQL注入漏洞

The SourceCodester Online Class Record System is an open-source online classroom recording system developed by SourceCodester. Version 1.0 of the SourceCodester Online Class Record System has a SQL injection vulnerability. This vulnerability arises from incorrect handling of the parameter ID in t...

9.8CVSS7.2AI score0.00048EPSS
Exploits0References6
Snyk
Snykadded 2026/02/06 11:7 p.m.1 views

Authorization Bypass Through User-Controlled Key

Overview Affected versions of this package are vulnerable to Authorization Bypass Through User-Controlled Key via the orderscontroller parameter. An attacker can access sensitive personal information of guest users, such as names, addresses, and phone numbers, by supplying a valid order ID for a...

8.7CVSS5.6AI score0.00035EPSS
Exploits1References2
OSV
OSVadded 2026/02/06 1:15 p.m.2 views

CVE-2026-2018

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS5.7AI score0.0005EPSS
Exploits1References5
NVD
NVDadded 2026/02/06 1:15 p.m.4 views

CVE-2026-2018

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

9.8CVSS0.0005EPSS
Exploits1References5
CVE
CVEadded 2026/02/06 12:2 p.m.8 views

CVE-2026-2018

The CVE affects itsourcecode School Management System 1.0. The weakness is in /ramonsys/settings/controller.php where manipulation of the ID argument triggers SQL injection, with remote exploitation possible and an exploit published. Multiple sources corroborate: Red Hat and CVE records describe ...

9.8CVSS7.2AI score0.0005EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/02/06 12:2 p.m.29 views

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

7.5CVSS0.0005EPSS
Exploits1References5
Rows per page
Query Builder