CVE-2026-3693

A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function getuserinfo/updateuserinfo of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument userid causes improper control of resource identifiers. It i...

EUVD-2026-10188

A flaw has been found in Freedom Factory dGEN1 up to 20260221. Affected by this vulnerability is the function TokenBalanceContentProvider of the component org.ethereumphone.walletmanager.testing123. Executing a manipulation can lead to improper authorization. The attack requires local access. The...

PT-2026-23921

Name of the Vulnerable Software and Affected Versions libpng versions up to 1.6.55 Description A heap-based buffer overflow exists in the do pnm2png function within the pnm2png.c file of the pnm2png component. The issue is triggered by manipulating the width and height arguments. Exploitation is...

PT-2026-23958

Name of the Vulnerable Software and Affected Versions SourceCodester Employee Task Management System version 1.0 Description A flaw exists in SourceCodester Employee Task Management System that allows for SQL injection. The issue is located in the GET Parameter Handler component, specifically...

PT-2026-23974

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. The affected element is an unknown function of the file showhistory.php. The manipulation results in cross site scripting. It is possible to launch the attack remotely. The exploit has been made public and could b...

CVE-2026-3671

A flaw has been found in Freedom Factory dGEN1 up to 20260221. Affected by this vulnerability is the function TokenBalanceContentProvider of the component org.ethereumphone.walletmanager.testing123. Executing a manipulation can lead to improper authorization. The attack requires local access. The...

CVE-2026-3671

The CVE-2026-3671 entry concerns Freedom Factory dGEN1 (up to 20260221) with a flaw in the TokenBalanceContentProvider function of org.ethereumphone.walletmanager.testing123. The underlying issue permits local manipulation that leads to improper authorization, affecting confidentiality (PARTIAL) ...

CVE-2026-3671

A flaw has been found in Freedom Factory dGEN1 up to 20260221. Affected by this vulnerability is the function TokenBalanceContentProvider of the component org.ethereumphone.walletmanager.testing123. Executing a manipulation can lead to improper authorization. The attack requires local access. The...

CVE-2026-3661 Wavlink WL-NU516U1 adm.cgi ota_new_upgrade command injection

A flaw has been found in Wavlink WL-NU516U1 240425. This affects the function otanewupgrade of the file /cgi-bin/adm.cgi. This manipulation of the argument model causes command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. The vendor wa...

PT-2026-23882

Name of the Vulnerable Software and Affected Versions Freedom Factory dGEN1 versions up to 20260221 Description A flaw exists in the TokenBalanceContentProvider function within the org.ethereumphone.walletmanager.testing123 component. A manipulation of this function can lead to improper...

CVE-2026-3487

A vulnerability was found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/class-result.php. Performing a manipulation of the argument coursecode results in sql injection. The attack can be initiated remotely. The exploit has been made...

CVE-2026-3485

A flaw has been found in D-Link DIR-868L 110b03. This affects the function sub1BF84 of the component SSDP Service. This manipulation of the argument ST causes os command injection. It is possible to initiate the attack remotely. The exploit has been published and may be used. This vulnerability...

CVE-2026-3485

CVE-2026-3485 affects the D-Link DIR-868L, specifically the SSDP Service’s function sub_1BF84. Manipulation of the ST argument causes an OS command injection. The vulnerability is remotely exploitable and, per the provided PT-2026-22824 entry, the exploit has been published. The affected devices ...

CVE-2026-3413

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

PT-2026-22824

Name of the Vulnerable Software and Affected Versions D-Link DIR-868L version 110b03 Description A flaw exists in the SSDP Service component, specifically within the sub 1BF84 function, of the D-Link DIR-868L. Manipulation of the ST argument can lead to operating system command injection. This...

CVE-2026-3386

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...

EUVD-2026-9148

A flaw has been found in itsourcecode University Management System 1.0. This vulnerability affects unknown code of the file /adminsinglestudent.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may...

PT-2026-22548

Name of the Vulnerable Software and Affected Versions itsourcecode University Management System version 1.0 Description A flaw has been identified in itsourcecode University Management System version 1.0. The issue resides in unknown code within the /admin single student.php file. Manipulation of...

PT-2026-22535

A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of...

CVE-2026-3386

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...