CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 2 days ago•10 views

CVE-2026-10878

Summary of vulnerability : CVE-2026-10878 affects D-Link DWR-M920 firmware versions 1.1.50 and 1.1.70. The issue resides in the function sub_41C8E8 of /boafrm/formSmsManage, where manipulation of the argument action_value leads to a command injection . The vulnerability enables remote exploitatio...

8.8CVSS6.5AI score0.00075EPSS

Exploits1References6Affected Software1

Positive Technologies•added 2 days ago•7 views

PT-2026-46902

Graphite before 1.3.15 has an integer underflow and resultant out-of-bounds write via Graphite actions, because slotat does not ensure that an offset is within the allowed slot-map range...

7.3CVSS5.8AI score0.00012EPSS

Exploits0References3

Positive Technologies•added 2 days ago•7 views

PT-2026-46959

A security vulnerability has been detected in tittuvarghese CollegeManagementSystem 3e476335cfbfb9a049e09f474c7ec885f69a9df3/a38852979f7e27ae67b610dce5979500ef8ebe01. The impacted element is an unknown function of the file dashboard page/forms/upload student data.php of the component Student Data...

6.5CVSS6.2AI score0.00043EPSS

Cvelist•added 2 days ago•27 views

CVE-2026-37737

sanic-cors version 2.2.0 and prior contains an improper regular expression in the trymatch function in saniccors/core.py that uses re.match without end-anchoring. This allows an attacker to bypass CORS origin allowlists by registering a domain that begins with a trusted origin string, to gain...

0.00015EPSS

Positive Technologies•added 2 days ago•8 views

PT-2026-47034

Name of the Vulnerable Software and Affected Versions AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL versions prior to 4.0.1 Description An untrusted search path issue exists in the GlobalDatabasePlugin. This allows a remote authenticated low-privilege actor to escalate privileges to thos...

8.6CVSS5.5AI score0.00129EPSS

Exploits0References5

Positive Technologies•added 2 days ago•5 views

PT-2026-46912

Improper Authentication, Missing authentication for critical function, Weak Authentication vulnerability in DTS Electronics Industry and Trade Ltd. Co. Redline WR3200 allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Redline WR3200: from 7.1.3 before 7.1.8...

9.8CVSS5.5AI score0.0005EPSS

Exploits0References2

Positive Technologies•added 2 days ago•8 views

PT-2026-47062

🚨 Multiple Critical Vulnerabilities Disclosed in DbGate Several severe vulnerabilities in DbGate can allow attackers to achieve remote code execution: • CVE-2026-47668 - Unauthenticated RCE via JSON Script Runner dbgate-serve • CVE-2026-47669 - Zip Slip arbitrary file write leading to RCE •...

6AI score

Exploits1References1

Positive Technologies•added 2 days ago•8 views

PT-2026-46977

A security vulnerability has been detected in SourceCodester Ship Ferry Ticket Reservation System 1.0. Impacted is an unknown function of the file /admin/?page=user/manage user. The manipulation of the argument Username leads to cross site scripting. It is possible to initiate the attack remotely...

4.8CVSS3.6AI score0.00033EPSS

CVE•added 3 days ago•12 views

CVE-2026-10876

CVE-2026-10876 affects SourceCodester Ship Ferry Ticket Reservation System 1.0. The vulnerability is described as an improper authorization due to manipulation of an argument on an endpoint under /admin/, with the affected function being unknown. It allows remote exploitation and the exploit has ...

6.5CVSS6.3AI score0.00043EPSS

Exploits0References6

CVE•added 3 days ago•6 views

CVE-2026-10874

CVE-2026-10874 affects projectworlds Online Art Gallery Shop Project 1.0. The vulnerability resides in an unknown function within /admin/adminHome.php, where manipulating the parameter social_insta leads to a SQL injection. Exploitation may be remote and publicly available. CVSS metrics in the so...

6.5CVSS6.5AI score0.00028EPSS

Exploits0References5

NVD•added 3 days ago•5 views

CVE-2026-45287

OpenTelemetry-Go is the Go implementation of OpenTelemetry. Prior to version 0.0.17, go.opentelemetry.io/otel/schema/v1.0 and go.opentelemetry.io/otel/schema/v1.1 leaks one file descriptor on each successful ParseFile call. ParseFile opens the schema file and passes it to Parse without closing it...

2.1CVSS0.00013EPSS

Exploits0References3

Cvelist•added 3 days ago•30 views

CVE-2026-10813 LMCache KV Cache utils.py hex_hash_to_int16 weak hash

A flaw has been found in LMCache up to 0.4.6. This affects the function hexhashtoint16 of the file lmcache/integration/vllm/utils.py of the component KV Cache Handler. Executing a manipulation can lead to use of weak hash. The attack needs to be launched locally. The attack requires a high level ...

3.6CVSS0.00009EPSS

NVD•added 3 days ago•7 views

CVE-2026-10806

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...

6.5CVSS0.00043EPSS

Exploits0References6

ATTACKERKB•added 3 days ago•3 views

CVE-2019-25733

NetShareWatcher 1.5.8.0 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input. Attackers can craft a payload with overwritten SEH and NSEH pointers through the Restrictions custom filter field to...

Exploits0References4Affected Software1

Cvelist•added 3 days ago•31 views

CVE-2019-25733 NetShareWatcher 1.5.8.0 SEH Buffer Overflow

8.6CVSS0.00013EPSS

EUVD•added 3 days ago•4 views

EUVD-2019-20169

CVE•added 3 days ago•7 views

CVE-2019-25733

NetShareWatcher 1.5.8.0 contains a structured exception handler (SEH) buffer overflow in which a malicious input in the Restrictions custom filter field can overwrite SEH/NSEH pointers and cause code execution when Find is invoked. This is a local vulnerability with high impact (CVSSv3.1/8.4, CVS...

Vulnrichment•added 3 days ago•6 views

CVE-2019-25733 NetShareWatcher 1.5.8.0 SEH Buffer Overflow