662 matches found
CVE-2026-7077
CVE-2026-7077 affects itsourcecode Courier Management System 1.0. The vulnerability is in an unknown function of the file /edit_parcel.php where manipulating the argument ID leads to an SQL injection. It is exploitable remotely and the exploit is publicly available. CVSS metrics indicate network-...
PT-2026-35340
A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit parcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...
itsourcecode Courier Management System 注入漏洞
itsourcecode Courier Management System is an open-source courier management system developed by itsourcecode. Version 1.0 of the itsourcecode Courier Management System has a vulnerability related to parameter handling in the file/editparcel.php, which may lead to SQL injection attacks...
VulnCheck KEV: CVE-2025-55184
A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafe...
CVE-2026-23869
A flaw was found in react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack. Specially crafted HTTP requests to server function endpoints can result in an excessive consumption of CPU resources for up to a minute, causing an error that is catchable. Mitigation Red Hat has...
React Server Components have a Denial of Service Vulnerability
Impact A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack versions 19.0.0, 19.1.0 and 19.2.0. The vulnerability is triggered by sending specially crafted HTTP requests...
K000160686: React framework vulnerability CVE-2026-23869
Security Advisory Description A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. T...
Allocation of Resources Without Limits or Throttling
Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...
CVE-2026-23869
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...
CVE-2026-23869
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...
CVE-2026-23869
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...
CVE-2026-23869
A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...
React 安全漏洞
React is a JavaScript library developed by Meta for building user interfaces. There is a security vulnerability in React, which stems from excessive CPU usage when handling specially crafted HTTP requests, potentially leading to denial of service attacks. The following versions are affected:...
CVE-2026-0007
In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-26892
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
CVE-2026-26892
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
CVE-2026-26892
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...