CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/06/01 12:30 a.m.•12 views

EUVD-2026-33529

7.5CVSS6.9AI score0.00263EPSS

NVD•added 2026/06/01 12:16 a.m.•11 views

CVE-2026-10203

A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The manipulation results in sql injection. The attack can be launched...

6.5CVSS0.00196EPSS

NVD•added 2026/06/01 12:16 a.m.•10 views

CVE-2026-10204

A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. This manipulation causes sql injection. The attack may be initiated...

6.5CVSS0.00192EPSS

NVD•added 2026/06/01 12:16 a.m.•15 views

CVE-2026-10201

A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. Executing a manipulation can lead to divide by zero. The attack needs to be launched locally. The exploit has be...

4.8CVSS0.00112EPSS

OSV•added 2026/06/01 12:16 a.m.•6 views

DEBIAN-CVE-2026-10201

4.8CVSS5.3AI score0.00112EPSS

Exploits0References1

OSV•added 2026/06/01 12:16 a.m.•5 views

UBUNTU-CVE-2026-10201

4.8CVSS5.3AI score0.00112EPSS

Exploits0References9

Cvelist•added 2026/06/01 12:15 a.m.•35 views

CVE-2026-10206 D-Link DI-8400 dbsrv.asp stack-based overflow

A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used...

9CVSS0.005EPSS

Vulnrichment•added 2026/06/01 12:15 a.m.•9 views

CVE-2026-10206 D-Link DI-8400 dbsrv.asp stack-based overflow

9CVSS6.1AI score0.005EPSS

Vulnrichment•added 2026/06/01 12:0 a.m.•11 views

CVE-2026-10205 Metasoft 美特软件 MetaCRM upload.jsp unrestricted upload

A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6.4.0. The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp. Such manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed publicly an...

6.5CVSS6.2AI score0.00201EPSS

CVE•added 2026/06/01 12:0 a.m.•19 views

CVE-2026-10205

CVE-2026-10205 affects Metasoft MetaCRM 6.4.0. The vulnerability is in develop/systparam/softlogo/upload.jsp, described as an unrestricted upload via an unknown function, enabling remote exploitation. Public disclosure and exploit availability are indicated; vendor has not responded. The CVSS-bas...

6.5CVSS6.2AI score0.00201EPSS

ATTACKERKB•added 2026/06/01 12:0 a.m.•10 views

CVE-2026-10205

6.5CVSS6.2AI score0.00201EPSS

Exploits0References5Affected Software1

Positive Technologies•added 2026/06/01 12:0 a.m.•15 views

PT-2026-45500

A vulnerability was identified in hiraishikentaro wezterm-mcp 0.1.0. The affected element is an unknown function of the file src/wezterm executor.ts of the component switch pane/write to specific pane. The manipulation of the argument request.params.arguments.pane id leads to os command injection...

6.5CVSS5.6AI score0.01088EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•14 views

PT-2026-45279

A flaw has been found in CodeAstro Ingredients Stock Management System 1.0. This vulnerability affects unknown code of the file /Ingredients-Stock/stock manager.php. This manipulation of the argument txt search category causes sql injection. The attack may be initiated remotely. The exploit has...

6.5CVSS6.5AI score0.002EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•16 views

PT-2026-45498

A vulnerability was found in j3k0 mcp-google-workspace up to 831790e7d5c2663325733d9f5579cc339a267c4c. This issue affects the function saveToDisk of the file src/tools/gmail.ts of the component MCP Gmail Tool. Performing a manipulation results in improper access controls. It is possible to initia...

6.5CVSS5.4AI score0.00276EPSS

Exploits0References9

Positive Technologies•added 2026/06/01 12:0 a.m.•12 views

PT-2026-45350

A security flaw has been discovered in jeecgboot The server processes these URLs up to 3.9.1. This affects the function FileDownloadUtils.download2DiskFromNet of the file /airag/app/debug of the component Cloud Instance Metadata Endpoint. The manipulation results in server-side request forgery. T...

6.5CVSS6.2AI score0.0027EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•14 views

PT-2026-45401

A security vulnerability has been detected in itsourcecode Online House Rental System 1.0. This affects an unknown function of the file /manage tenant.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed...

7.5CVSS5.7AI score0.00263EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•14 views

PT-2026-45421

A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...

9CVSS6.2AI score0.00484EPSS

Positive Technologies•added 2026/06/01 12:0 a.m.•19 views

PT-2026-45661

A security flaw has been discovered in ggml-org whisper.cpp up to 1.8.2. This vulnerability affects the function whisper model load of the file ggml/src/ggml.c. The manipulation results in null pointer dereference. Attacking locally is a requirement. The exploit has been released to the public an...

4.8CVSS5.4AI score0.00112EPSS