CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/05/26 3:30 a.m.•5 views

CVE-2026-9526

A vulnerability was found in itsourcecode Electronic Judging System 1.0. This vulnerability affects unknown code of the file /admin/editteam.php. The manipulation of the argument numid results in sql injection. The attack may be launched remotely. The exploit has been made public and could be use...

7.5CVSS6.9AI score0.00039EPSS

Exploits0References5Affected Software1

Vulnrichment•added 2026/05/26 3:30 a.m.•8 views

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

7.5CVSS6.9AI score0.00039EPSS

Cvelist•added 2026/05/26 3:30 a.m.•34 views

CVE-2026-9526 itsourcecode Electronic Judging System edit_team.php sql injection

7.5CVSS0.00039EPSS

EUVD•added 2026/05/26 3:30 a.m.•7 views

EUVD-2026-31786

7.5CVSS5.7AI score0.00039EPSS

RedHat Linux•added 2026/05/26 3:26 a.m.•13 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

A flaw was found in the X.Org X server. This integer underflow vulnerability, specifically in the XKB compatibility map handling, allows an attacker with local or remote X11 server access to trigger a buffer read overrun. This can lead to memory-safety violations and potentially a denial of servi...

7.8CVSS6AI score0.00005EPSS

RedHat Linux•added 2026/05/26 3:26 a.m.•9 views

xorg: xwayland: X.Org X server: Use-after-free vulnerability leads to server crash and potential memory corruption

A flaw was found in the X.Org X server. This use-after-free vulnerability occurs in the XSYNC fence triggering logic, specifically within the miSyncTriggerFence function. An attacker with access to the X11 server can exploit this without user interaction, leading to a server crash and potentially...

7.8CVSS5.8AI score0.00005EPSS

RedHat Linux•added 2026/05/26 3:16 a.m.•10 views

xorg: xwayland: X.Org X server: Denial of Service via integer underflow in XKB compatibility map handling

7.8CVSS6AI score0.00005EPSS

Vulnrichment•added 2026/05/26 3:0 a.m.•5 views

CVE-2026-9525 itsourcecode Electronic Judging System edit_judge.php sql injection

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /admin/editjudge.php. The manipulation of the argument judgeid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

EUVD•added 2026/05/26 3:0 a.m.•9 views

EUVD-2026-31784

Cvelist•added 2026/05/26 3:0 a.m.•37 views

CVE-2026-9525 itsourcecode Electronic Judging System edit_judge.php sql injection

7.5CVSS0.00039EPSS

CVE•added 2026/05/26 3:0 a.m.•11 views

CVE-2026-9525

CVE-2026-9525 affects itsourcecode Electronic Judging System 1.0. The vulnerability is an SQL injection in /admin/edit_judge.php via the judge_id parameter, potentially exploitable remotely. CVSS metrics indicate NETWORK access, LOW integrity/availability impact and PROOF-OF-CONCEPT exploit matur...

ATTACKERKB•added 2026/05/26 3:0 a.m.•6 views

CVE-2026-9525

Exploits0References5Affected Software1

NVD•added 2026/05/26 2:16 a.m.•7 views

CVE-2026-9518

A vulnerability was identified in hemant6488 CodeIgniter-StudentManagementSystem. The impacted element is the function addStudent of the file viewstudents.php of the component Students Controller. The manipulation of the argument Name leads to cross site scripting. The attack is possible to be...

5.3CVSS0.00035EPSS

RedhatCVE•added 2026/05/26 2:12 a.m.•6 views

CVE-2026-22678

Webmin before 2.641 contains a stored cross-site scripting vulnerability in the email template description field of the System and Server Status module that allows low-privileged authenticated attackers to execute arbitrary JavaScript in the browser context of administrators by injecting...

5.4CVSS5.9AI score0.00029EPSS

RedhatCVE•added 2026/05/26 2:12 a.m.•9 views

CVE-2021-47965

WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor component that allows attackers to upload dangerous file types without validation. Attackers can upload arbitrary files through the filemanager upload endpoint to achieve remote co...

9.8CVSS6.5AI score0.00319EPSS

RedhatCVE•added 2026/05/26 2:12 a.m.•8 views

CVE-2026-34960

barebox prior to version 2026.04.0 contains an out-of-bounds read vulnerability in DHCP option parsing within the dhcpmessagetype function that fails to verify the options pointer remains within received packet bounds. An attacker on the same broadcast domain can send a crafted DHCP Offer or ACK...

7.1CVSS5.8AI score0.00013EPSS

RedHat Linux•added 2026/05/26 2:0 a.m.•10 views

xorg: xwayland: X.Org X server: Information exposure and denial of service via out-of-bounds memory access

A flaw was found in the X.Org X server's XKB key types request validation. A local attacker could send a specially crafted request to the X server, leading to an out-of-bounds memory access vulnerability. This could result in the disclosure of sensitive information or cause the server to crash,...

7.8CVSS5.7AI score0.00005EPSS

ATTACKERKB•added 2026/05/26 1:42 a.m.•4 views

CVE-2026-4795

A missing authorization vulnerability in Zyxel GS1200-5v3 firmware versions through 1.00ACPS.2C0, GS1200-8v3 firmware versions through 1.00ACPT.2C0, GS1200-5HPv3 firmware versions through 1.00ACPU.2C0, GS1200-8HPv3 firmware versions through 1.00ACPV.2C0, and GS1200-10v3 firmware versions through...

6.5CVSS5.8AI score0.00042EPSS

Exploits0References2Affected Software5

CVE•added 2026/05/26 1:42 a.m.•24 views

CVE-2026-4795

CVE-2026-4795 describes a missing authorization vulnerability in Zyxel GS1200 series switches (GS1200-5v3/8v3/5HPv3/8HPv3/10v3) up to firmware versions noted. The issue allows a LAN-based, unauthenticated attacker to read the system configuration from a log file via a crafted HTTP request. The co...

6.5CVSS5.8AI score0.00042EPSS