CVE-2026-11513

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

CVE-2026-11512

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2026-11511

A weakness has been identified in Bolt CMS up to 3.7.5. This vulnerability affects unknown code of the file src/Storage/Field/Type/TextType.php of the component HTML Attribute Handler. Executing a manipulation of the argument style can lead to HTML injection. It is possible to launch the attack...

CVE-2026-11510

A security flaw has been discovered in CodeAstro Leave Management System 1.0. This affects an unknown part of the file /admin/addleave.php. Performing a manipulation of the argument typeofleave results in sql injection. It is possible to initiate the attack remotely. The exploit has been released...

CVE-2026-11515

A vulnerability has been found in SourceCodester Barangay Resident Profiling and Information Management System 1.0. The impacted element is an unknown function of the file passswordreset.php of the component Password Reset Handler. Such manipulation of the argument newpassword with the input...

CVE-2026-11509

A vulnerability was identified in CodeAstro Leave Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/searchstaffforupdation.php. Such manipulation of the argument Name leads to sql injection. The attack may be performed from remote...

CVE-2026-11523

A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-based buffer overflow. The attack can be launched remotely. Th...

CVE-2026-11504

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

CVE-2026-11517

A vulnerability was determined in UTT HiPER 2610G up to 3.0.0-171107. This impacts the function strcpy of the file /goform/formConfigDnsFilterGlobal. Executing a manipulation of the argument GroupName can lead to buffer overflow. The attack can be executed remotely. The exploit has been publicly...

CVE-2026-11503

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function formfastsettingwifiset of the file /goform/fastsettingwifiset of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The...

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

Windows Kernel Elevation of Privilege Vulnerability

Use after free in Windows Kernel allows an authorized attacker to elevate privileges locally...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Windows Collaborative Translation Framework (CTFMON) Elevation of Privilege Vulnerability

Improper link resolution before file access 'link following' in Windows Collaborative Translation Framework allows an authorized attacker to elevate privileges locally...

Remote Desktop Client Remote Code Execution Vulnerability

Heap-based buffer overflow in Remote Desktop Client allows an unauthorized attacker to execute code over a network...

Windows Performance Monitor Remote Code Execution Vulnerability

Integer underflow wrap or wraparound in Windows Performance Monitor allows an unauthorized attacker to execute code over a network...

Exploit for Deserialization of Untrusted Data in Facebook React

React2ShellExploit CVE-2025-55182 I created simple react2she...

auto_exploiter

Auto-Exploiter Framework ⚠️ LEGAL DISCLAIMER — Authorised...

Exploit for Use After Free in Redis

redis-server from 7.2.0 until 8.6.3, the Remote Code Execution...

Update Chrome: Google patches actively exploited vulnerability and 73 others

Google has issued updates for the Chrome browser, patching a number of high‑severity vulnerabilities. The update includes fixes for 74 vulnerabilities, including one that is being actively exploited in the wild. The stable channel has been updated to 149.0.7827.102/.103 for Windows/Mac, and...