CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cvelist•added yesterday•2 views

CVE-2026-10876 SourceCodester Ship Ferry Ticket Reservation System admin improper authorization

A weakness has been identified in SourceCodester Ship Ferry Ticket Reservation System 1.0. This affects an unknown function of the file /admin/. This manipulation of the argument page causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made available...

CVE•added yesterday•8 views

CVE-2026-10876

6.5CVSS6.3AI score

NVD•added yesterday•0 views

CVE-2026-10906

Use after free in WebAuthentication in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

CVE•added yesterday•4 views

CVE-2026-11301

Inappropriate implementation in LiveCaption in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially perform out of bounds memory access via malicious network traffic. Chromium security severity: Low...

5.8AI score

Cvelist•added yesterday•2 views

CVE-2026-11034

Insufficient validation of untrusted input in Tab Group Sync in Google Chrome on Android prior to 149.0.7827.53 allowed a remote attacker to inject arbitrary scripts or HTML UXSS via malicious network traffic. Chromium security severity: Medium...

Cvelist•added yesterday•2 views

CVE-2026-11024

Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: Medium...

CVE•added yesterday•1 views

CVE-2026-11024

CVE-2026-11024 concerns a stack buffer overflow in Skia within Google Chrome, allowing a remote attacker to potentially exploit stack corruption via a crafted HTML page. Affected software: Google Chrome using Skia, prior to version 149.0.7827.53. Root cause: stack overflow in Skia implementation....

6AI score

CVE•added yesterday•2 views

CVE-2026-10995

The CVE-2026-10995 entry describes a heap buffer overflow in Google Chrome’s TabStrip prior to version 149.0.7827.53. The issue can be triggered by a user-supplied crafted HTML page where the attacker coerces the user into performing specific UI gestures, potentially allowing heap corruption. Doc...

6AI score

Cvelist•added yesterday•6 views

CVE-2026-10815 LakshayD02 Hostel-Management-System-PHP Admin Dashboard index.php authorization

A vulnerability was found in LakshayD02 Hostel-Management-System-PHP up to f87e67c283bab6f718faf2fec6ae39a13bd7036b. This issue affects some unknown processing of the file hostel/index.php of the component Admin Dashboard Page. The manipulation of the argument ID results in missing authorization...

NVD•added yesterday•5 views

CVE-2026-10808

A vulnerability was identified in itsourcecode Fees Management System 1.0. This affects an unknown function of the file /managestudent.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be use...

EUVD•added yesterday•4 views

EUVD-2026-34267

A security vulnerability has been detected in itsourcecode Fees Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /receipt.php. Such manipulation of the argument efid leads to sql injection. The attack may be performed from remote. The exploit has been...

6.5CVSS5.6AI score

EUVD•added yesterday•3 views

EUVD-2026-34261

A weakness has been identified in itsourcecode Fees Management System up to 1.0. Affected is an unknown function of the file /navbar.php. This manipulation of the argument page causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been made available to t...

5.3CVSS4.3AI score

Cvelist•added yesterday•5 views

CVE-2026-10808 itsourcecode Fees Management System manage_student.php sql injection

CVE•added yesterday•5 views

CVE-2026-10808

The CVE-2026-10808 entry concerns itsourcecode Fees Management System 1.0. A SQL injection vulnerability exists in the /manage_student.php script, triggered by manipulating the ID parameter. This affects an unknown function within that file. The issue allows remote exploitation, and a public expl...

6.5CVSS6.5AI score

ATTACKERKB•added yesterday•3 views

CVE-2026-10807

A vulnerability was determined in mjperpinosa stumasy. The impacted element is an unknown function of the file application/PHP/objects/profiles/changeprofileimage.php. Executing a manipulation of the argument prprofileimage can lead to unrestricted upload. The attack may be launched remotely. The...

6.5CVSS6.4AI score

Cvelist•added yesterday•6 views

CVE-2026-10806 mjperpinosa stumasy add_post.php unrestricted upload

A vulnerability was found in mjperpinosa stumasy. The affected element is an unknown function of the file application/PHP/objects/updates/addpost.php. Performing a manipulation of the argument upfiletopost results in unrestricted upload. The attack may be initiated remotely. The exploit has been...