Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21827 matches found

NVD
NVDadded 2026/04/02 2:16 p.m.3 views

CVE-2026-5338

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

7.2CVSS0.0043EPSS
Exploits1References5
CVE
CVEadded 2026/04/02 2:0 p.m.5 views

CVE-2026-5338

CVE-2026-5338 affects Tenda G103 1.0.0.5. The vulnerability is in the Setting Handler’s Setting System component, specifically the file system.lua and its function action_set_system_settings . Manipulating the argument lanIp leads to a remote command injection , with exploitation disclosed public...

7.2CVSS5.6AI score0.0043EPSS
Exploits1References5Affected Software1
Cvelist
Cvelistadded 2026/04/02 2:0 p.m.23 views

CVE-2026-5338 Tenda G103 Setting system.lua action_set_system_settings command injection

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

5.8CVSS0.0043EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/04/02 2:0 p.m.1 views

CVE-2026-5338 Tenda G103 Setting system.lua action_set_system_settings command injection

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

5.8CVSS5.6AI score0.0043EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/04/02 1:45 p.m.1 views

CVE-2026-5334

A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=edit&id=3 of the component Parameter Handler. This manipulation of the argument deptid causes sql injection. The attack is possible to be carried out...

7.5CVSS6.8AI score0.00039EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/02 12:45 p.m.1 views

CVE-2026-5330

A vulnerability was found in SourceCodester/mayurik Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=deleteuser of the component User Delete Handler. Performing a manipulation of the argument ID results in improper access...

6.9CVSS6.3AI score0.00057EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/04/02 12:45 p.m.5 views

CVE-2026-5330

The CVE affects SourceCodester/mayuri_k Best Courier Management System 1.0. Affected component: /ajax.php?action=delete_user (User Delete Handler). The issue arises from manipulating the ID argument, leading to improper access controls. Exploitation is possible remotely and public exploits exist ...

6.9CVSS6.3AI score0.00057EPSS
Exploits0References4
EUVD
EUVDadded 2026/04/02 12:31 p.m.3 views

EUVD-2026-18183

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

6.3CVSS5.8AI score0.00027EPSS
Exploits0References7
NVD
NVDadded 2026/04/02 11:16 a.m.2 views

CVE-2026-5326

A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manageuser of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely...

6.9CVSS0.00015EPSS
Exploits0References5
RedhatCVE
RedhatCVEadded 2026/04/02 10:53 a.m.2 views

CVE-2026-5255

A vulnerability was detected in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /delstaffinfo.php of the component Parameter Handler. The manipulation of the argument userid results in cross site scripting. The attack may be launched remotely. The exploit is now...

6.1CVSS4.4AI score0.00056EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/02 10:53 a.m.1 views

CVE-2026-5257

A vulnerability has been found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /delstaffinfo.php of the component Parameter Handler. Such manipulation of the argument userid leads to sql injection. The attack can be executed remotely. The exploit...

9.8CVSS6.9AI score0.00045EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/04/02 10:53 a.m.2 views

CVE-2026-5256

A flaw has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modify.php of the component Parameter Handler. This manipulation of the argument firstName causes sql injection. Remote exploitation of the attack is possible. The exploit has be...

9.8CVSS6.8AI score0.00045EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/04/02 10:45 a.m.32 views

CVE-2026-5326 SourceCodester Leave Application System User Information index.php authorization

A vulnerability was identified in SourceCodester Leave Application System 1.0. Impacted is an unknown function of the file /index.php?page=manageuser of the component User Information Handler. Such manipulation of the argument ID leads to authorization bypass. The attack can be executed remotely...

6.9CVSS0.00015EPSS
Exploits0References5
NVD
NVDadded 2026/04/02 10:16 a.m.4 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS0.00029EPSS
Exploits0References6
NVD
NVDadded 2026/04/02 10:16 a.m.5 views

CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

8.1CVSS0.00027EPSS
Exploits0References6
OSV
OSVadded 2026/04/02 10:16 a.m.1 views

DEBIAN-CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

8.1CVSS5.8AI score0.00027EPSS
Exploits0References1
ATTACKERKB
ATTACKERKBadded 2026/04/02 9:45 a.m.1 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS5.5AI score0.00029EPSS
Exploits0References7Affected Software1
Cvelist
Cvelistadded 2026/04/02 9:45 a.m.27 views

CVE-2026-5246 Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS0.00029EPSS
Exploits0References6
Debian CVE
Debian CVEadded 2026/04/02 9:45 a.m.3 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS5.1AI score0.00029EPSS
Exploits0
CVE
CVEadded 2026/04/02 9:45 a.m.6 views

CVE-2026-5246

CVEs details (CVE-2026-5246) : Affects Cesanta Mongoose up to version 7.20. The vulnerability is in the function mg_tls_verify_cert_signature (mongoose.c) within the P-384 Public Key Handler. Remote exploitation could lead to an authorization bypass. Exploitation is described as complex, and ther...

8.1CVSS5.5AI score0.00029EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder