CVE-2026-8774

creationtimestamp| type| source ---|---|--- 2026-05-18 02:52:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3unooxqv2p...

CVE-2026-8769

creationtimestamp| type| source ---|---|--- 2026-05-18 02:48:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3ugxspdh2i...

CVE-2026-8768

creationtimestamp| type| source ---|---|--- 2026-05-18 02:45:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3uayr2oq2n...

CVE-2026-8770

creationtimestamp| type| source ---|---|--- 2026-05-18 02:42:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3u3moehp2c...

CVE-2026-8773

creationtimestamp| type| source ---|---|--- 2026-05-18 02:34:51+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3to4hlhf2e...

CVE-2026-8765

creationtimestamp| type| source ---|---|--- 2026-05-18 02:32:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3tkbhxqc2q...

CVE-2026-36438

creationtimestamp| type| source ---|---|--- 2026-05-18 01:00:04+00:00| seen| https://t.me/GithubRedTeam/84611 2026-05-18 09:00:04+00:00| published-proof-of-concept| Telegram/x3hQR0-UI2JUxQyjcWHc5kHBpfVh3Jms4Hr2XANxyksqy3E...

GHSA-JCC7-9WPM-MJ36

creationtimestamp| type| source ---|---|--- 2026-05-18 00:07:08+00:00| seen| https://gist.github.com/MarisollieNULL/a118747c6ccbbc3d057b25e0b11923bd 2026-05-18 11:49:53+00:00| seen| https://gist.github.com/MarisollieNULL/91df2a5b8be5f9f07e9a52a1b572afe4...

PT-2026-41671

Name of the Vulnerable Software and Affected Versions opensourcepos Open Source Point of Sale versions prior to 3.4.3 Description A flaw in the Employee Login component allows for the use of a weak hash. The issue is located in the Login function within the app/Models/Employee.php file. This...

dify 安全漏洞

Dify is an open-source LLM application development platform created by LangGenius. Versions of Dify prior to 1.14.1 contained security vulnerabilities. These vulnerabilities were due to an authorization bypass issue, which allowed authenticated users to modify user settings and enable tracking...

FacturaScripts 跨站脚本漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to 2025.7 contained a cross-site scripting vulnerability. This vulnerability occurred due to the fsNick cookie parameter value being reflected directly into HTML, which...

FacturaScripts 信息泄露漏洞

FacturaScripts is an open-source ERP software developed by Carlos Garcia, a Spanish developer. Versions of FacturaScripts prior to version 2026 contained a vulnerability related to information leakage. This vulnerability stemmed from the Library module not clearing the EXIF/XMP/IPTC metadata...

Open Source Point of Sale 路径遍历漏洞

Open Source Point of Sale is an open-source sales point system based on the Open Source Point of Sale framework. Versions of Open Source Point of Sale 3.4.2 and earlier have a path traversal vulnerability. This vulnerability arises from the operation of the getPicThumb function in the...

Open Source Point of Sale 加密问题漏洞

Open Source Point of Sale is an open-source sales point system based on the Open Source Point of Sale framework. Versions of Open Source Point of Sale 3.4.2 and earlier had encryption-related vulnerabilities. These vulnerabilities stemmed from a function in the Employee Login component called...

Flawfinder 2.0.20

Flawfinder searches through source code for potential security flaws, listing potential security flaws sorted by risk, with the most potentially dangerous flaws shown first. This risk level depends not only on the function, but on the values of the parameters of the function...

TinyIce: Missing authentication on WebRTC ingest endpoint allows unauthorized stream injection

TinyIce's WebRTC source-ingest HTTP endpoint, POST /webrtc/source-offer?mount=, accepted any inbound WebRTC SDP offer with no authentication check. The handler routed the offer to WebRTCManager.HandleSourceOffer, which then accepted whatever audio/video tracks the peer published and broadcast the...

GHSA-QGP8-V765-QXX9

creationtimestamp| type| source ---|---|--- 2026-05-17 23:06:40+00:00| seen| https://gist.github.com/MarisollieNULL/935455fadca48e7a3343eb0015eb0b69...

CVE-2026-8764

creationtimestamp| type| source ---|---|--- 2026-05-17 22:47:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3gxmclzx2p 2026-05-18 00:00:35+00:00| seen| https://gist.github.com/ichintu/01265631529ef2fa634b46e58e87a890 2026-05-18 02:42:10+00:00| seen|...

CVE-2026-8507

creationtimestamp| type| source ---|---|--- 2026-05-17 20:32:47+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm37goz7cd25 2026-05-17 22:43:00+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3gontrtv2e 2026-05-18 00:00:39+00:00| seen|...

CVE-2026-8721

creationtimestamp| type| source ---|---|--- 2026-05-17 20:22:45+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3mm36uqfydx2b 2026-05-17 22:32:30+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mm3g4qzayl2p 2026-05-30 11:00:53+00:00| seen|...