CVE-2026-4210

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability i...

PT-2026-28651

Name of the Vulnerable Software and Affected Versions code-projects Simple Laundry System version 1.0 Description A security flaw exists in code-projects Simple Laundry System. The issue involves a SQL injection affecting the file /checkregisitem.php within the Parameter Handler component. The...

wvp-GB28181-pro 代码问题漏洞

WVP-GB28181-Pro is a video monitoring platform developed by individual developer 648540858. Versions of WVP-GB28181-Pro 2.7.4 and earlier have code vulnerabilities. These vulnerabilities stem from a deserialization issue in the function GenericFastJsonRedisSerializer within the component API...

PuTTY 数据伪造问题漏洞

PuTTY is a set of free Telnet, Rlogin, and SSH clients developed by Simon Tatham. This software is primarily used for remote management of Linux systems. Version 0.83 of PuTTY has a vulnerability related to data manipulation, stemming from improper handling of encrypted signatures in the Ed25519...

Medium: qt5-qt3d

Issue Overview: A vulnerability classified as critical has been found in Open Asset Import Library Assimp 5.4.3. This affects the function Assimp::AC3DImporter::ConvertObjectSection of the file code/AssetLib/AC/ACLoader.cpp of the component AC3D File Handler. The manipulation of the argument tmp...

LLM-Claw 安全漏洞

LLM-Claw is an open-source AI agent framework developed by CLAW LLM. Versions 0.1.0, 0.1.1, 0.1.1a, and 0.1.1a-p1 of LLM-Claw contain security vulnerabilities. These vulnerabilities stem from a buffer overflow in the agentdeployinit function within the Agent Deployment component, which may lead t...

Dataease SQLBot 数据伪造问题漏洞

Dataease SQLBot is a robot plugin developed by Dataease as open source. Versions of Dataease SQLBot 1.5.1 and earlier contained a data manipulation vulnerability. This vulnerability stemmed from improper verification of the encrypted signature for the validateEmbedded function in the JWT Token...

openbabel 代码问题漏洞

OpenBabel is an open-source chemistry toolkit software developed by Open Babel. Versions of OpenBabel 3.1.1 and earlier contained code vulnerabilities. These vulnerabilities stemmed from a null pointer dereferencing in the OBAtom::GetExplicitValence function in the isrc/atom.cpp file, which could...

RuoYi-Vue-Plus 安全漏洞

RuoYi-Vue-Plus is a development framework created by the dromara organization in China. Versions of RuoYi-Vue-Plus 5.5.3 and earlier contain security vulnerabilities. These vulnerabilities stem from a lack of authorization checks in the SaServletFilter function of the Workflow Module component,...

LibrarySystem 访问控制错误漏洞

LibrarySystem is a book management system developed by Walton’s individual developers. Versions of LibrarySystem prior to 1.1.1 contained an access control vulnerability. This vulnerability stemmed from improper access control in the BookController.java file, which could lead to remote attacks...

JeecgBoot 代码问题漏洞

JeecgBoot is a Java low-code platform developed by Jeecg Corporation, designed for enterprise web applications. Version 3.9.1 of JeecgBoot contains a code vulnerability. This vulnerability stems from a deserialization issue in the importDocumentFromZip function of the component in the file...

cskefu（春松客服） 跨站脚本漏洞

cskefu Chunsong Customer Service is an open-source, free intelligent customer service system developed by Chatopera in China. Versions of cskefu prior to 8.0.1 contained a cross-site scripting vulnerability. This vulnerability originated from a cross-site scripting issue in the Upload function of...

PT-2026-6984

Name of the Vulnerable Software and Affected Versions Tenda RX3 version 16.03.13.11 Description A stack-based buffer overflow exists in the set qosMib list function located in the /goform/formSetQosBand file. Manipulation of arguments to this function can trigger the overflow, allowing for remote...

PT-2026-7006

Name of the Vulnerable Software and Affected Versions code-projects Contact Management System version 1.0 Description A security flaw exists in the Contact Management System. The issue involves improper authentication due to manipulation of the ID argument within the CRUD Endpoint component. This...

PT-2026-6909

Name of the Vulnerable Software and Affected Versions PHPGurukul Beauty Parlour Management System version 1.1 Description A flaw exists in PHPGurukul Beauty Parlour Management System that allows for SQL injection. This issue is located in the /admin/accepted-appointment.php file. Manipulation of...

WeKan 访问控制错误漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a security vulnerability related to access control. This vulnerability stemmed from an unknown function in the Attachment Migration component, specifically the file...

WeKan 访问控制错误漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a security vulnerability related to access control. This vulnerability stemmed from an unknown function in the Attachment Storage component, specifically the file models/attachments.js, whi...

WeKan 访问控制错误漏洞

WeKan is an open-source dashboard application developed by WeKan. Versions of WeKan prior to 8.20 contained a security vulnerability related to access control. This vulnerability stemmed from an unknown function in the models/boards.js file within the component’s REST endpoint, which had improper...

Ziroom ZHOME A0101 安全漏洞

Ziroom ZHOME A0101 is a smart home hardware device developed by Ziroom Corporation. The version 1.0.1.0 of Ziroom ZHOME A0101 contains a security vulnerability. This vulnerability stems from the Dropbear SSH Service component using default credentials, which may lead to remote attacks...

SourceCodester Medical Certificate Generator App 安全漏洞

The SourceCodester Medical Certificate Generator App is an open-source medical certification generator developed by SourceCodester. Version 1.0 of the SourceCodester Medical Certificate Generator App contains a security vulnerability. This vulnerability stems from an unknown issue involving...