CVE-2026-10620

A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

EUVD-2026-34023

A flaw has been found in code-projects Student Admission System 1.0. Affected is an unknown function of the file /index.php. This manipulation of the argument eid/did causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-10619

Technical details about CVE-2026-10619 are not publicly available in the provided documents. Monitor for updates.

CVE-2026-10619 sayan365 student-management-system improper authentication

A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation results in improper authentication. The attack can be executed remotely. The exploit is now public and may be used. This product...

CVE-2026-10619 sayan365 student-management-system improper authentication

A vulnerability was detected in sayan365 student-management-system up to 7f3c9ce7d410332335c2affac93a385485051800. This impacts an unknown function. The manipulation results in improper authentication. The attack can be executed remotely. The exploit is now public and may be used. This product...

CVE-2026-42290 vulnerabilities

Vulnerabilities for packages: vitess...

CVE-2026-35368 vulnerabilities

Vulnerabilities for packages: uutils...

GHSA-29H4-R29X-HCHV vulnerabilities

Vulnerabilities for packages: airflow...

CVE-2026-41018 vulnerabilities

Vulnerabilities for packages: airflow...

OPENSUSE-SU-2026:20892-1 Security update for yq

This update for yq fixes the following issues: Changes in yq: - Fix multiple CVEs: CVE-2026-27136 GO-2026-5030 CVE-2026-25681 GO-2026-5029 CVE-2026-25680 GO-2026-5028 CVE-2026-42502 GO-2026-5027 CVE-2026-42506 GO-2026-5025 bsc1267053 CVE-2026-39821 GO-2026-5026 bsc1267199 - update to v4.53.2 Add...

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

EUVD-2026-33981

A vulnerability was determined in DedeCMS 5.7.88. The affected element is the function TrimMsg of the file /plus/feedback.php of the component Feedback Handler. Executing a manipulation of the argument msg can lead to sql injection. The attack can be launched remotely. The exploit has been public...

CVE-2026-49943

CZ.NIC BIRD Internet Routing Daemon (up to version 2.19.0) is affected by a stack-based buffer overflow in the BGP AS_PATH mask matching implementation (nest/a-path.c). The as_path_match() routine uses a fixed-size stack capable of 2048 + 1 pm_pos entries, while parse_path() expands AS_PATH segme...

CVE-2026-42654

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Swings Wallet System for WooCommerce allows Password Recovery Exploitation. This issue affects Wallet System for WooCommerce: from n/a through 2.7.5...

CVE-2026-1871

TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful exploitation causes the affected RTSP core service process to...

CVE-2026-1871

CVE-2026-1871 affects TP-Link Tapo C200 v5. The issue is a stack-based buffer overflow in the RTSP authentication handling caused by improper validation of Authorization header lengths. Exploitation triggers a crash of the RTSP core service and an automatic system reboot, resulting in a DoS that ...

xwayland: xorg: X.Org X server: Information disclosure and denial of service via out-of-bounds read in XKB geometry processing.

A flaw was found in the X.Org X server. This out-of-bounds read vulnerability in the XKB geometry processing, specifically within the CheckSetGeom and XkbAddGeomKeyAlias functions, allows an attacker to read uninitialized or out-of-bounds memory. An attacker with a connection to the X11 server,...

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

CVE-2026-10245

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is the function createsupplier of the file /ShowForm/createsupplier/main. Executing a manipulation of the argument companyname can lead to cross site scripting. The attack can be launched...

CVE-2026-10257

A security flaw has been discovered in itsourcecode Content Management System 1.0. This issue affects some unknown processing of the file /admin/updatessimg.php. The manipulation of the argument topicid results in sql injection. The attack can be executed remotely. The exploit has been released t...