Source: Drupal (added 2026/04/15 12:0 a.m.)

Drupal core - Moderately critical - Gadget Chain - SA-CORE-2026-002

Drupal core contains a chain of methods that could be exploitable when an insecure deserialization vulnerability exists on the site. This so-called "gadget chain" presents no direct threat, but is a vector that can be used to achieve remote code execution or SQL injection if the application...

CVSS 6.6 | AI score 6.5 | EPSS 0.00399 | Exploits 0 | References 7
Source: Positive Technologies (added 2026/04/15 12:0 a.m.)

PT-2026-33053

Name of the Vulnerable Software and Affected Versions: Apache SkyWalking versions 9.7.0 through 10.3.0. Description: The SkyWalking OAP '/debugging/config/dump' endpoint may leak sensitive configuration information related to MySQL or PostgreSQL. Recommendations: Upgrade to version 10.4.0...

CVSS 7.5 | AI score 5.8 | EPSS 0.00544 | Exploits 0 | References 5
Source: Snyk (added 2026/04/14 11:38 p.m.)

Insufficient Session Expiration

Overview: pyload-ng is the free and open-source Download Manager written in pure Python. Affected versions of this package are vulnerable to Insufficient Session Expiration due to the caching of user roles and permissions in the session at login, which are not refreshed after changes in the...

CVSS 8.8 | AI score 5.8 | EPSS 0.00325 | Exploits 1 | References 2
Source: Github Security Blog (added 2026/04/14 11:38 p.m.)

pyLoad has Stale Session Privilege After Role/Permission Change (Privilege Revocation Bypass)

Summary: pyLoad caches role and permission in the session at login and continues to authorize requests using these cached values, even after an admin changes the user's role/permissions in the database. As a result, an already logged-in user can keep old revoked privileges until logout/session...

CVSS 8.8 | AI score 6.9 | EPSS 0.00655 | Exploits 2 | References 4 | Affected Software 1
Source: OSV (added 2026/04/14 10:38 p.m.)

GHSA-9PP3-53P2-WW9V @vendure/core has a SQL Injection vulnerability

Summary: An unauthenticated SQL injection vulnerability exists in the Vendure Shop API. A user-controlled query string parameter is interpolated directly into a raw SQL expression without parameterization or validation, allowing an attacker to execute arbitrary SQL against the database. This affec...

CVSS 9.1 | AI score 6.2 | EPSS 0.01762 | Exploits 0 | References 3
Source: Snyk (added 2026/04/14 10:38 p.m.)

SQL Injection

Overview: @vendure/core is a modern, headless ecommerce framework. Affected versions of this package are vulnerable to SQL Injection via the ProductService.findOneBySlug function in the Admin and Vendure Shop API. An attacker can execute arbitrary SQL commands on the database by supplying a crafted...

CVSS 9.1 | AI score 6.1 | EPSS 0.01762 | Exploits 0 | References 2
Source: CVE (added 2026/04/14 10:25 p.m.)

CVE-2026-35032

Jellyfin (pre-10.11.7) has a vulnerability chain in the LiveTV M3U tuner endpoint (POST /LiveTv/TunerHosts) where tuner URLs aren't validated, enabling local file reads via non-HTTP paths and SSRF via HTTP URLs. Exploitation is possible by any authenticated user because EnableLiveTvManagement def...

CVSS 8.6 | AI score 5.8 | EPSS 0.00312 | Exploits 1 | References 2 | Affected Software 1
Source: RedhatCVE (added 2026/04/14 7:23 p.m.)

CVE-2026-36232

A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The cause of this issue is that the 'classId' parameter from $_GET['classId'] is directly concatenated into the SQL query without any sanitization or validation...

CVSS 9.8 | AI score 5.8 | EPSS 0.00319 | Exploits 1 | References 1
Source: RedhatCVE (added 2026/04/14 7:23 p.m.)

CVE-2026-36233

A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The cause of this issue is that attackers can inject malicious code via the parameter "subjcode", which is used directly in SQL queries without the need for...

CVSS 9.8 | AI score 5.9 | EPSS 0.00319 | Exploits 1 | References 1
Source: RedhatCVE (added 2026/04/14 7:23 p.m.)

CVE-2026-6037

A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This affects an unknown function of the file /util/AddVehicleFunction.php. Manipulation of the argument BRANCHID causes SQL injection. The attack can be carried out remotely. The exploit has be...

CVSS 7.5 | AI score 6.9 | EPSS 0.00259 | Exploits 0 | References 1
Source: RedhatCVE (added 2026/04/14 7:23 p.m.)

CVE-2026-35596

Vikunja is an open-source self-hosted task management platform. Prior to 2.3.0, the hasAccessToLabel function contains a SQL operator precedence bug that allows any authenticated user to read any label that has at least one task association, regardless of project access. Label titles, description...

CVSS 4.3 | AI score 5.9 | EPSS 0.00272 | Exploits 1 | References 1
Source: EUVD (added 2026/04/14 6:30 p.m.)

EUVD-2025-209446

In manikandan580 School-management-system 1.0, a time-based blind SQL injection vulnerability exists in /studentms/admin/between-date-reprtsdetails.php through the fromdate POST parameter...

CVSS 9.8 | AI score 5.9 | EPSS 0.00285 | Exploits 1 | References 3
Source: NVD (added 2026/04/14 6:17 p.m.)

CVE-2026-33120

Untrusted pointer dereference in SQL Server allows an authorized attacker to execute code over a network...

CVSS 8.8 | EPSS 0.00706 | Exploits 0 | References 1
Source: ATTACKERKB (added 2026/04/14 4:58 p.m.)

CVE-2026-32176

Improper neutralization of special elements used in an SQL command ('SQL injection') in SQL Server allows an authorized attacker to elevate privileges locally...

CVSS 6.7 | AI score 5.8 | EPSS 0.0025 | Exploits 0 | References 2 | Affected Software 10
Source: Vulnrichment (added 2026/04/14 4:58 p.m.)

CVE-2026-32176 SQL Server Elevation of Privilege Vulnerability

...

CVSS 6.7 | AI score 5.8 | EPSS 0.0025 | Exploits 0 | References 1
Source: ATTACKERKB (added 2026/04/14 4:57 p.m.)

CVE-2026-32167

Improper neutralization of special elements used in an SQL command ('SQL injection') in SQL Server allows an authorized attacker to elevate privileges locally...

CVSS 6.7 | AI score 5.8 | EPSS 0.00299 | Exploits 0 | References 2 | Affected Software 10
Source: Cvelist (added 2026/04/14 4:57 p.m.)

CVE-2026-32167 SQL Server Elevation of Privilege Vulnerability

...

CVSS 6.7 | EPSS 0.00299 | Exploits 0 | References 1
Source: NVD (added 2026/04/14 4:16 p.m.)

CVE-2026-39809

An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.0 through 7.4.5, FortiClientEMS 7.2.0 through 7.2.12, and FortiClientEMS 7.0 all versions may allow an attacker to execute unauthorized code or commands via sending crafted...

CVSS 6.7 | EPSS 0.00133 | Exploits 0 | References 1
Source: NVD (added 2026/04/14 4:16 p.m.)

CVE-2026-38528

Krayin CRM v2.2.x was discovered to contain a SQL injection vulnerability via the rottenlead parameter at /Lead/LeadDataGrid.php...

CVSS 7.1 | EPSS 0.00191 | Exploits 1 | References 2
Source: Snyk (added 2026/04/14 4:14 p.m.)

SQL Injection

Overview: krayin/laravel-crm is a hand-tailored CRM framework built on some of the hottest open-source technologies, such as Laravel, a PHP framework, and Vue.js, a progressive JavaScript framework. Affected versions of this package are vulnerable to SQL Injection via the rottenlead parameter in the...

CVSS 7.1 | AI score 5.9 | EPSS 0.00191 | Exploits 1 | References 2