CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Vulnrichment•added 2026/05/26 12:45 p.m.•5 views

CVE-2026-9544 Shenzhen Sixun Software Sixun Shanghui Group Business Management System PayConfig sql injection

A vulnerability was found in Shenzhen Sixun Software Sixun Shanghui Group Business Management System 10. Affected by this vulnerability is an unknown functionality of the file /api/Dinner/PayConfig. Performing a manipulation of the argument tableno results in sql injection. The attack is possible...

7.5CVSS6.8AI score0.00259EPSS

OSV•added 2026/05/26 9:37 a.m.•3 views

MAL-2026-4813 Malicious code in noteparse (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 270d4c797fe34bc0b9598608f45add8721f1fa80d1488e4fae750e3a7b38419e noteparse 1.1.27 ships live MinIO credentials in configReader.py endpoint uicfile.uniview.com, accesskey 'uicpro', secretkey 'uicpropass123' that are...

5.8AI score

RedHat Linux•added 2026/05/26 9:30 a.m.•13 views

mysql: InnoDB unspecified vulnerability (CPU Apr 2026)

Oracle CPU describes the issue as following: Vulnerability in the MySQL Server product of Oracle MySQL component: InnoDB. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via...

4.9CVSS7.2AI score0.00323EPSS

Exploits0References6

IBM Security Bulletins•added 2026/05/26 6:46 a.m.•8 views

Security Bulletin: IBM OpenPages is affected by multiple security vulnerabilities of DB2 Database Server (April 2026)

Summary IBM® Db2® Database Server is shipped as a supporting program of IBM OpenPages. Information about security vulnerabilities affecting IBM Db2 Database Server has been published in multiple security bulletins. Vulnerability Details Refer to the security bulletins listed in the...

5.8AI score

Exploits0Affected Software1

NVD•added 2026/05/26 5:16 a.m.•7 views

CVE-2026-9526

A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/editteam.php. The manipulation of the argument numid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be use...

7.5CVSS0.00319EPSS

NVD•added 2026/05/26 4:16 a.m.•12 views

CVE-2026-9523

A vulnerability was detected in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 3000WEBV2. Affected by this vulnerability is an unknown functionality of the file /SubstationWEBV2/app/..;/calc/getCalcmeterDetailDayListTree. Performing a manipulation of the argument...

7.5CVSS0.00319EPSS

CVE•added 2026/05/26 4:0 a.m.•14 views

CVE-2026-9528

The CVE-2026-9528 entry concerns itsourcecode Electronic Judging System 1.0. Affected component: /admin/delete_judge.php; vulnerability arises from manipulation of the judge_id parameter, enabling SQL injection. Attacker can exploit remotely; public exploit is available per the description. No re...

7.5CVSS7AI score0.00319EPSS

Vulnrichment•added 2026/05/26 3:30 a.m.•8 views

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

7.5CVSS6.9AI score0.00319EPSS

ATTACKERKB•added 2026/05/26 3:0 a.m.•7 views

CVE-2026-9525

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /admin/editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

7.5CVSS6.8AI score0.00319EPSS

Exploits0References5Affected Software1

EUVD•added 2026/05/26 2:30 a.m.•9 views

EUVD-2026-31782

7.5CVSS6.9AI score0.00319EPSS

Cvelist•added 2026/05/26 2:30 a.m.•38 views

CVE-2026-9523 Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform getCalcmeterDetailDayListTree sql injection

7.5CVSS0.00319EPSS

CNNVD•added 2026/05/26 12:0 a.m.•13 views

Delta Electronics DIAView 安全漏洞

Delta Electronics DIAView is an industrial configuration software developed by Delta Electronics in China. Delta Electronics DIAView has a security vulnerability, which stems from the possibility for unverified remote attackers to access the configured database...

9.8CVSS5.8AI score0.00053EPSS

CNNVD•added 2026/05/26 12:0 a.m.•7 views

IBM Db2 日志信息泄露漏洞

IBM Db2 is a relational database management system developed by IBM. Versions 11.5.0 to 11.5.9 and 12.1.0 to 12.1.4 of IBM Db2 contain a vulnerability related to log information leakage. This vulnerability stems from the storage of potentially sensitive information in log files, which may allow...

5.5CVSS5.8AI score0.00143EPSS

CNNVD•added 2026/05/26 12:0 a.m.•6 views

itsourcecode Electronic Judging System SQL注入漏洞

itsourcecode Electronic Judging System is an open-source electronic judging system developed by itsourcecode. Version 1.0 of the itsourcecode Electronic Judging System has a SQL injection vulnerability. This vulnerability arises from improper handling of the judgeid parameter by an unknown functi...

7.5CVSS7.1AI score0.00319EPSS

Positive Technologies•added 2026/05/26 12:0 a.m.•8 views

PT-2026-43277

Name of the Vulnerable Software and Affected Versions IBM Db2 versions 11.5.0 through 11.5.9 IBM Db2 versions 12.1.0 through 12.1.4 Description IBM Db2 for Linux, UNIX, and Windows, including DB2 Connect Server, stores potentially sensitive information in log files. This data could be accessed an...

5.5CVSS5.8AI score0.00143EPSS

Exploits0References3

Positive Technologies•added 2026/05/26 12:0 a.m.•6 views

PT-2026-43390

CISA added an actively exploited Drupal SQL injection to its KEV catalog and gave federal agencies until Wednesday evening to patch. If you're running Drupal in production and haven't patched CVE-2025-50329, you're exposed to trivial database compromise. No auth required. cybersecurity infosec...

5.9AI score