40965 matches found
CVE-2026-7707
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udrnudrdrhandlesubscriptioncontext of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made...
CVE-2026-7709
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
CVE-2026-7710
A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Performing a manipulation of the argument mock-token results in improper authentication. Remote...
CVE-2026-7709
CVE-2026-7709 affects janeczku Calibre-Web up to 0.6.26. The vulnerable element is the function generate_auth_token in cps/kobo_auth.py of the Endpoint component. The issue stems from manipulation of the argument user_id , causing improper authorization. The vulnerability can be exploited remotel...
CVE-2026-7709 janeczku Calibre-Web Endpoint kobo_auth.py generate_auth_token improper authorization
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
EUVD-2026-26849
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generateauthtoken of the file cps/koboauth.py of the component Endpoint. Such manipulation of the argument userid leads to improper authorization. The attack may be launched remotely. The...
CVE-2026-7708 Open5GS UDR subscription.c ogs_dbi_subscription_data denial of service
A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsdbisubscriptiondata in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supiid causes denial of service. The attack may be initiated remotely. The exploit has...
CVE-2026-7708
Summary: CVE-2026-7708 affects Open5GS up to 2.7.7, targeting the UDR component. The vulnerability lies in the function ogs_dbi_subscription_data (library path /lib/dbi/subscription.c), where manipulating the argument supi_id leads to a denial of service. Remote initiation is possible according t...
CVE-2026-7708
A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsdbisubscriptiondata in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supiid causes denial of service. The attack may be initiated remotely. The exploit has...
EUVD-2026-26847
A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsdbisubscriptiondata in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supiid causes denial of service. The attack may be initiated remotely. The exploit has...
CVE-2026-7708 Open5GS UDR subscription.c ogs_dbi_subscription_data denial of service
A vulnerability was determined in Open5GS up to 2.7.7. The affected element is the function ogsdbisubscriptiondata in the library /lib/dbi/subscription.c of the component UDR. This manipulation of the argument supiid causes denial of service. The attack may be initiated remotely. The exploit has...
CVE-2026-7707 Open5GS UDR nudr-handler.c udr_nudr_dr_handle_subscription_context denial of service
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udrnudrdrhandlesubscriptioncontext of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the argument pei results in denial of service. The attack can be launched remotely. The exploit has been made...
EUVD-2026-26844
A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmmhandleservicerequest of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2026-7706 Open5GS AMF gmm-handler.c gmm_handle_service_request denial of service
A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function gmmhandleservicerequest of the file /src/amf/gmm-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be initiated remotely. The exploit has been disclosed to the public a...
CVE-2026-7706
Open5GS AMF vulnerability CVE-2026-7706 affects the function gmm_handle_service_request in the file /src/amf/gmm-handler.c. The issue enables a remote denial of service. Public exploit exists per the description, and the project was notified via issue reports with no public response noted. Affect...
CVE-2026-7705
JD Cloud JDCOS 4.5.1.r4518 is affected. The vulnerability targets the /jdcap Service Interface’s set_iptv_info function, where manipulating the vid argument enables remote command injection. Exploitation is possible remotely and a published exploit exists. Vendor was contacted early but did not r...
CVE-2026-7705 JD Cloud JDCOS Service jdcap set_iptv_info command injection
A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...
CVE-2026-7701
A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affects the function RequestButton of the file Telegram/SourceFiles/boxes/urlauthbox.cpp of the component Bot API. The manipulation of the argument loginurl leads to null pointer dereference. It is...
CVE-2026-7702
A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview Endpoint. The manipulation results in authorization bypass. It is possible to launch the attack...
EUVD-2026-26841
A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be initiated remotely. The exploit has been published and may be used. Upgrading to version 25.2 R3 is...