CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2026/06/02 1:30 a.m.•19 views

CVE-2026-10565

CVE-2026-10565 affects Open5GS up to 2.7.6, in NGAP Handover’s function gmm_state_security_mode (src/amf/gmm-sm.c). The issue is a race condition caused by manipulation, exploitable remotely with high attack complexity and low likelihood of full compromise; impact includes partial availability. T...

3.1CVSS5AI score0.00224EPSS

Cvelist•added 2026/06/02 1:30 a.m.•36 views

CVE-2026-10565 Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition

3.1CVSS0.00224EPSS

Vulnrichment•added 2026/06/02 1:30 a.m.•9 views

CVE-2026-10565 Open5GS NGAP Handover gmm-sm.c gmm_state_security_mode race condition

3.1CVSS5AI score0.00224EPSS

ATTACKERKB•added 2026/06/02 1:15 a.m.•9 views

CVE-2026-10559

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. The affected element is an unknown function of the file /index.php. Executing a manipulation of the argument page can lead to file inclusion. The attack may be performed from remote. The exploit has been published and may be us...

6.5CVSS6.3AI score0.00227EPSS

Exploits0References6Affected Software1

Vulnrichment•added 2026/06/02 1:15 a.m.•8 views

CVE-2026-10559 SourceCodester Pizzafy Ecommerce System index.php file inclusion

6.5CVSS6.3AI score0.00227EPSS

EUVD•added 2026/06/02 1:15 a.m.•10 views

EUVD-2026-33859

6.5CVSS6.3AI score0.00227EPSS

Vulnrichment•added 2026/06/02 1:0 a.m.•11 views

CVE-2026-10558 SourceCodester Pizzafy Ecommerce System index.php file inclusion

A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is an unknown function of the file /admin/index.php. Performing a manipulation of the argument page results in file inclusion. The attack is possible to be carried out remotely. The exploit is now public and may...

6.5CVSS6.4AI score0.00227EPSS

EUVD•added 2026/06/02 1:0 a.m.•9 views

EUVD-2026-33858

6.5CVSS6.4AI score0.00227EPSS

ATTACKERKB•added 2026/06/02 1:0 a.m.•10 views

CVE-2026-10558

6.5CVSS6.4AI score0.00227EPSS

Exploits0References6Affected Software1

CVE•added 2026/06/02 12:45 a.m.•19 views

CVE-2026-10550

Summary of CVE-2026-10550 (elunez eladmin) : Affects eladmin up to 2.7; the vulnerability targets the Application Deployment Module, specifically the App.java component. The issue arises from manipulating the uploadPath argument, enabling command injection and remote code execution. Public exploi...

6.5CVSS6.3AI score0.01067EPSS

Vulnrichment•added 2026/06/02 12:45 a.m.•9 views

CVE-2026-10550 elunez eladmin Application Deployment App.java command injection

A weakness has been identified in elunez eladmin up to 2.7. This vulnerability affects unknown code of the file App.java of the component Application Deployment Module. This manipulation of the argument uploadPath causes command injection. Remote exploitation of the attack is possible. The exploi...

6.5CVSS6.3AI score0.01067EPSS

ATTACKERKB•added 2026/06/02 12:45 a.m.•10 views

CVE-2026-10550

6.5CVSS6.3AI score0.01067EPSS

Exploits0References6Affected Software1

EUVD•added 2026/06/02 12:31 a.m.•12 views

EUVD-2026-33849

A vulnerability was detected in itsourcecode Fees Management System 1.0. The affected element is an unknown function of the file index.php. Performing a manipulation of the argument page results in cross site scripting. The attack may be initiated remotely. The exploit is now public and may be us...

5.3CVSS4.3AI score0.00273EPSS

EUVD•added 2026/06/02 12:31 a.m.•13 views

EUVD-2026-33852

A flaw has been found in itsourcecode Fees Management System 1.0. The impacted element is an unknown function of the file /managefee.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.002EPSS

EUVD•added 2026/06/02 12:31 a.m.•11 views

EUVD-2026-33853

A vulnerability has been found in 1Panel-dev CordysCRM up to 1.6.2. This affects an unknown function of the file backend/framework/src/main/java/cn/cordys/config/RequestParamTrimConfig.java. The manipulation leads to cross site scripting. Remote exploitation of the attack is possible. The exploit...

4.8CVSS4.1AI score0.00251EPSS

Exploits0References10

EUVD•added 2026/06/02 12:31 a.m.•10 views

EUVD-2026-33835

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function addreview/savereview/getallreviews of the file reviewapp.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approac...

4.8CVSS5.5AI score0.0012EPSS

EUVD•added 2026/06/02 12:31 a.m.•11 views

EUVD-2026-33833

A security vulnerability has been detected in SGLang 0.5.10.post1. Impacted is an unknown function of the file python/sglang/srt/lora/loramanager.py of the component Inference HTTP Endpoint. Such manipulation of the argument lorapath leads to reachable assertion. The attack can be launched...

6.3CVSS5.2AI score0.00368EPSS

EUVD•added 2026/06/02 12:31 a.m.•14 views

EUVD-2026-33828

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown part of the file /managecourse.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used...

6.5CVSS5.7AI score0.002EPSS

EUVD•added 2026/06/02 12:31 a.m.•10 views

EUVD-2026-33832

A weakness has been identified in code-projects Online Hospital Management System 1.0. This issue affects some unknown processing of the file viewdoctortimings.php. This manipulation of the argument delid causes improper control of resource identifiers. The attack can be initiated remotely. The...

5.1CVSS5.6AI score0.00274EPSS