EUVD-2026-31782

A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument...

Delta Electronics DIAView 安全漏洞

Delta Electronics DIAView is an industrial configuration software developed by Delta Electronics in China. Delta Electronics DIAView has a security vulnerability, which stems from the possibility for unverified remote attackers to access the configured database...

OpenKM SQL注入漏洞

OpenKM is a document management system developed by OpenKM Company in Spain. This system offers features such as version control, file history, and file sharing. Version OpenKM 6.3.12 has a SQL injection vulnerability; this vulnerability stems from an unlimited SQL execution flaw, which could all...

itsourcecode Student Transcript Processing System SQL注入漏洞

itsourcecode Student Transcript Processing System is an open-source student transcript processing system developed by itsourcecode. Version 1.0 of the itsourcecode Student Transcript Processing System has a SQL injection vulnerability. This vulnerability arises from improper handling of the...

Important: kernel-livepatch-6.1.168-203.330

Issue Overview: PinTheft is a Linux local privilege escalation exploit for an RDS zerocopy double-free that can be turned into a page-cache overwrite through iouring fixed buffers. Affected Packages: kernel-livepatch-6.1.168-203.330 Issue Correction: Please ensure you have live patching enabled...

PT-2026-43282

Name of the Vulnerable Software and Affected Versions IBM Cloud Pak for Data System - Cyclops versions 11.3.0.2 through Interim Fix 002 Description SQL injection allows a remote attacker to send specially crafted SQL statements to the system. This could enable the attacker to view, add, modify, o...

PT-2026-43390

CISA added an actively exploited Drupal SQL injection to its KEV catalog and gave federal agencies until Wednesday evening to patch. If you're running Drupal in production and haven't patched CVE-2025-50329, you're exposed to trivial database compromise. No auth required. cybersecurity infosec...

Das Parking Management System SQL注入漏洞

Das Parking Management System is a parking management system developed by Das Real Technology Co., Ltd. Version 6.2.0 of Das Parking Management System has a SQL injection vulnerability. This vulnerability arises from improper handling of parameters during the execution of code in the Search API...

PT-2026-43440

Name of the Vulnerable Software and Affected Versions Pterodactyl versions prior to 1.12.3 Description The Client API contains a logic flaw allowing users to bypass assigned limits for database allocations. This occurs because the database locking mechanism within the controllers is ineffective...

PT-2026-43426

Name of the Vulnerable Software and Affected Versions code-projects Project Management System version 1.0 Description A SQL injection issue exists within the Login component in the chk.php file. This flaw allows a remote attacker to manipulate an unknown function to execute arbitrary SQL commands...

IBM Db2 日志信息泄露漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...

IBM Cloud Pak for Data System SQL注入漏洞

IBM Cloud Pak for Data System is an enterprise data and AI integration platform provided by IBM. Version 11.3.0.2 of IBM Cloud Pak for Data System, as well as the Interim Fix 002, contain a SQL injection vulnerability. This vulnerability allows for SQL injection attacks, potentially enabling remo...

ROS-20260526-73-0012

Vulnerability in mongodb-org related to a flaw in the use of assert. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

itsourcecode Electronic Judging System SQL注入漏洞

itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability arises from improper handling of the judgeid parameter by an unknown functi...

PT-2026-43277

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description IBM Db2 for Linux, UNIX, and Windows, including DB2 Connect Server, stores potentially sensitive information in log files. This data could be accessed an...

CVE-2026-42773

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store Manager: from n/a through 1.3.2...

CVE-2026-42774

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Crocoblock JetEngine allows SQL Injection. This issue affects JetEngine: from n/a through 3.8.8.1...

CVE-2026-48837 WordPress Unlimited Elements For Elementor plugin <= 2.0.8 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

EUVD-2026-31759

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elements For Elementor: from n/a through 2.0.8...

EUVD-2026-31707

A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirmloggedin of the file /studentdel.php. The manipulation of the argument ID results in sql injection. The attack may be launched...