CVE-2026-3137 CodeAstro Food Ordering System food_ordering.exe stack-based overflow

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file foodordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed public...

CVE-2026-3137

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file foodordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed public...

CVE-2026-3137 CodeAstro Food Ordering System food_ordering.exe stack-based overflow

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file foodordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed public...

CVE-2026-3137

CodeAstro Food Ordering System 1.0 is affected by a stack-based buffer overflow in the file food_ordering.exe. The vulnerability is exploitable locally and has publicly disclosed exploit information. The available sources consistently describe the impact as high (confidentiality, integrity, and a...

CodeAstro Food Ordering System 安全漏洞

The CodeAstro Food Ordering System is a food ordering system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Food Ordering System has a security vulnerability. This vulnerability stems from a stack buffer overflow in the foodordering.exe file, which may allow for the execution of...

PT-2026-21815

A security vulnerability has been detected in CodeAstro Food Ordering System 1.0. This affects an unknown function of the file food ordering.exe. Such manipulation leads to stack-based buffer overflow. The attack can only be performed from a local environment. The exploit has been disclosed...

CVE-2026-24494

SQL Injection vulnerability in the /api/integrations/getintegrations endpoint of Order Up Online Ordering System 1.0 allows an unauthenticated attacker to access sensitive backend database data via a crafted storeid parameter in a POST request...

Online Ordering System 安全漏洞

The Online Ordering System is a multi-store ordering system developed by Janobe’s individual developer. It can be used by any small business. Version 1.0 of the Online Ordering System has a security vulnerability. This vulnerability stems from the API/integrations/getintegrations endpoint, where...

CVE-2026-27007

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...

CVE-2026-27007 OpenClaw's sandbox config hash sorted primitive arrays and suppressed needed container recreation

OpenClaw is a personal AI assistant. Prior to version 2026.2.15, normalizeForHash in src/agents/sandbox/config-hash.ts recursively sorted arrays that contained only primitive values. This made order-sensitive sandbox configuration arrays hash to the same value even when order changed. In OpenClaw...

SUSE CVE-2026-23223

In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchkbtreecheckblockowner We cannot dereference bs-cur when trying to determine if bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. Fix this by sampling before type before any freeing could...

SQL Injection

Overview ghost is a publishing platform Affected versions of this package are vulnerable to SQL Injection in the the slug filter ordering logic in the Content API. An attacker can access and read arbitrary data from the database by injecting crafted SQL queries through the filter parameter in API...

CVE-2026-23223

In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchkbtreecheckblockowner We cannot dereference bs-cur when trying to determine if bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. Fix this by sampling before type before any freeing could...

CVE-2026-23223 xfs: fix UAF in xchk_btree_check_block_owner

In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchkbtreecheckblockowner We cannot dereference bs-cur when trying to determine if bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. Fix this by sampling before type before any freeing could...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

EUVD-2026-5812

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

CVE-2026-2136 projectworlds Online Food Ordering System view-ticket.php sql injection

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...