PT-2026-30456

Name of the Vulnerable Software and Affected Versions griptape versions 0.19.4 Description A security issue exists in the FileManagerTool component of griptape. The functions load files from disk, list files from disk, save content to file, and save memory artifacts to disk are susceptible to pat...

PT-2026-30421

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. The manipulation of the argument email results in sql injection. The attack may be launched remotel...

PT-2026-30444

A vulnerability was detected in SourceCodester/jkev Record Management System 1.0. Affected by this vulnerability is an unknown functionality of the file index.php of the component Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The...

PT-2026-30429

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function is safe ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack m...

PT-2026-30441

Name of the Vulnerable Software and Affected Versions Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30 Description A security flaw exists in Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30. Manipulation of an unknown function can lead to cross-site request forgery. This attack can be...

PT-2026-30412

A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation of the argument firstName leads to sql injection. The attack can be launched remotely. The exploit...

PT-2026-30402

A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login credentials.txt of the component HTTP GET Request Handler. The manipulation leads to cleartext storage in a file or on disk. The attack may be initiated...

SUSE CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

SUSE CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikonloadpaddedpackedraw of the file src/decoders/decoderslibraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument loadflags/rawwidth can lead to out-of-bounds read. It is possible to launch the...

CVE-2026-5526

A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been...

CVE-2026-5472

A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /adminpanel/settings.php of the component Profile Picture Handler. This manipulation of the argument File causes unrestrict...

CVE-2026-5467

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

Vulnerability fixed in Fortinet's FortiClient EMS

Fortinet has fixed a vulnerability in FortiClient EMS. The vulnerability involves improper access controls in FortiClient EMS. Unauthenticated attackers can bypass security controls by sending specially crafted requests and execute unauthorized code or commands. The vulnerability can be exploited...

PT-2026-30385

Name of the Vulnerable Software and Affected Versions Tenda 4G03 Pro versions 1.0 through 1.1 and 04.03.01.53 Description A security flaw exists in Tenda 4G03 Pro. The issue involves improper access controls related to an unknown functionality within the /bin/httpd file. The attack can be perform...

PT-2026-30387

Name of the Vulnerable Software and Affected Versions MoussaabBadla code-screenshot-mcp versions up to 0.1.0 Description A security issue exists in the HTTP Interface component of MoussaabBadla code-screenshot-mcp. This allows for os command injection, potentially enabling remote attacks. The...

PT-2026-30386

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key . It is possible t...

Linux Distros Unpatched Vulnerability : CVE-2026-5315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF...

CVE-2026-5414

A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argument DocumentId results in improper control of resource identifiers. The attack may be performed...

CVE-2026-5484

A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible...

CVE-2026-5484 BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control

A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible...