Lucene search
K

662 matches found

CVE
CVE
added 2026/04/27 2:0 a.m.10 views

CVE-2026-7077

CVE-2026-7077 affects itsourcecode Courier Management System 1.0. The vulnerability is in an unknown function of the file /edit_parcel.php where manipulating the argument ID leads to an SQL injection. It is exploitable remotely and the exploit is publicly available. CVSS metrics indicate network-...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.11 views

PT-2026-35340

A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit parcel.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be...

7.5CVSS7.3AI score0.00254EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.9 views

itsourcecode Courier Management System 注入漏洞

itsourcecode Courier Management System is an open-source courier management system developed by itsourcecode. Version 1.0 of the itsourcecode Courier Management System has a vulnerability related to parameter handling in the file/editparcel.php, which may lead to SQL injection attacks...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2026/04/15 12:0 a.m.11 views

VulnCheck KEV: CVE-2025-55184

A pre-authentication denial of service vulnerability exists in React Server Components versions 19.0.0, 19.0.1 19.1.0, 19.1.1, 19.1.2, 19.2.0 and 19.2.1, including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafe...

7.5CVSS5.9AI score0.65592EPSS
In wildExploits10References2
RedhatCVE
RedhatCVE
added 2026/04/10 7:56 p.m.7 views

CVE-2026-23869

A flaw was found in react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack. Specially crafted HTTP requests to server function endpoints can result in an excessive consumption of CPU resources for up to a minute, causing an error that is catchable. Mitigation Red Hat has...

7.5CVSS5.7AI score0.01551EPSS
Exploits4References4
Github Security Blog
Github Security Blog
added 2026/04/10 3:35 p.m.12 views

React Server Components have a Denial of Service Vulnerability

Impact A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack versions 19.0.0, 19.1.0 and 19.2.0. The vulnerability is triggered by sending specially crafted HTTP requests...

7.5CVSS5.8AI score0.01551EPSS
Exploits4References4Affected Software3
F5 Networks
F5 Networks
added 2026/04/09 9:43 a.m.10 views

K000160686: React framework vulnerability CVE-2026-23869

Security Advisory Description A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. T...

7.5CVSS5.9AI score0.01551EPSS
Exploits4
Snyk
Snyk
added 2026/04/08 9:10 p.m.11 views

Allocation of Resources Without Limits or Throttling

Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...

8.7CVSS5.8AI score0.01551EPSS
Exploits4References3
NVD
NVD
added 2026/04/08 8:16 p.m.5 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS0.01551EPSS
Exploits4References4
Cvelist
Cvelist
added 2026/04/08 7:11 p.m.20 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS0.01551EPSS
Exploits4References1
Vulnrichment
Vulnrichment
added 2026/04/08 7:11 p.m.6 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS5.9AI score0.01551EPSS
Exploits4References1
ATTACKERKB
ATTACKERKB
added 2026/04/08 7:11 p.m.13 views

CVE-2026-23869

A denial of service vulnerability exists in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack and react-server-dom-webpack versions 19.0.0 through 19.0.4, 19.1.0 through 19.1.5, and 19.2.0 through 19.2.4. The vulnerability is triggered ...

7.5CVSS7.3AI score0.01551EPSS
Exploits4References2Affected Software3
CNNVD
CNNVD
added 2026/04/08 12:0 a.m.11 views

React 安全漏洞

React is a JavaScript library developed by Meta for building user interfaces. There is a security vulnerability in React, which stems from excessive CPU usage when handling specially crafted HTTP requests, potentially leading to denial of service attacks. The following versions are affected:...

7.5CVSS7.3AI score0.01551EPSS
Exploits4References1
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.6 views

CVE-2026-0007

In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.6CVSS6.1AI score0.00094EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.7 views

CVE-2026-26892

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

7.2CVSS6AI score0.00268EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/04 1:57 a.m.5 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

2.7CVSS6AI score0.003EPSS
Exploits1References1
OSV
OSV
added 2026/03/03 8:16 p.m.6 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

2.7CVSS5.9AI score0.003EPSS
Exploits1References1
OSV
OSV
added 2026/03/03 8:16 p.m.4 views

CVE-2026-26892

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

7.2CVSS5.9AI score0.00268EPSS
Exploits1References1
NVD
NVD
added 2026/03/03 8:16 p.m.5 views

CVE-2026-26891

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...

2.7CVSS0.003EPSS
Exploits1References1
NVD
NVD
added 2026/03/03 8:16 p.m.6 views

CVE-2026-26892

Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...

7.2CVSS0.00268EPSS
Exploits1References1
Rows per page
Query Builder