CVE-2026-27679 - Due to missing authorization checks in the SAP S/4HANA frontend OData Service (Manage Reference Stru

CVE-2026-27678 - Due to missing authorization checks in the SAP S/4HANA backend OData Service (Manage Reference Struc

CVE-2026-27677 - Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Reference Equipment), a

CVE-2026-27676 - Due to missing authorization checks in the SAP S/4HANA OData Service (Manage Technical Object Struct

CVE-2026-27675 - SAP Landscape Transformation contains a vulnerability in an RFC-exposed function module that could a

CVE-2026-27674 - Due to a Code Injection vulnerability in SAP NetWeaver Application Server Java (Web Dynpro Java), an

CVE-2026-27673 - Due to a missing authorization check, SAP S/4HANA (Private Cloud and On-Premise) allows an authentic

CVE-2026-27672 - The Material Master application does not enforce authorization checks for authenticated users when e

CVE-2026-24318 - Due to an Insecure session management vulnerability in SAP Business Objects Business Intelligence Pl

CVE-2026-0512 - Due to a Cross-Site Scripting (XSS) vulnerability in the SAP Supplier Relationship Management (SICF

CVE-2026-6203 - The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions u

CVE-2026-5086 - Crypt::SecretBuffer versions before 0.019 for Perl is suseceptible to timing attacks. For example,

CVE-2026-39979 - jq is a command-line JSON processor. In commits before 2f09060afab23fe9390cce7cb860b10416e1bf5f, the

CVE-2026-39956 - jq is a command-line JSON processor. In commits after 69785bf77f86e2ea1b4a20ca86775916889e91c9, the

CVE-2026-6224 - A security flaw has been discovered in nocobase plugin-workflow-javascript up to 2.0.23. This issue

CVE-2026-6220 - A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function Se

CVE-2026-4786 - Mitgation of CVE-2026-4519 was incomplete. If the URL contained "%action" the mitigation could be by

CVE-2026-40312 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-40311 - ImageMagick is free and open-source software used for editing and manipulating digital images. Versi

CVE-2026-40310 - ImageMagick is free and open-source software used for editing and manipulating digital images. Versi

CVE-2026-40183 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-40169 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-34238 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33947 - jq is a command-line JSON processor. In versions 1.8.1 and below, functions jv_setpath(), jv_getpath

CVE-2026-33908 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33905 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33902 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-22566 - An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play

CVE-2026-22565 - An Improper Input Validation vulnerability could allow a malicious actor with access to the UniFi Pl

CVE-2026-22564 - An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play

CVE-2026-22563 - A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious

CVE-2026-22562 - A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability

CVE-2026-6219 - A vulnerability was determined in aandrew-me ytDownloader up to 3.20.2. This affects the function ch

CVE-2026-6218 - A vulnerability was found in aandrew-me ytDownloader up to 3.20.2. Affected by this issue is the fun

CVE-2026-6216 - A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function o

CVE-2026-33901 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33900 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33899 - ImageMagick is free and open-source software used for editing and manipulating digital images. In ve

CVE-2026-33740 - EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below,

CVE-2026-33659 - EspoCRM is an open source customer relationship management application. In versions 9.3.3 and below,

CVE-2026-32272 - Craft Commerce is an ecommerce platform for Craft CMS. In versions 5.0.0 through 5.5.4, an SQL injec

CVE-2026-32271 - Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 th

CVE-2026-31280 - An issue in the Bluetooth RFCOMM service of Parani M10 Motorcycle Intercom v2.1.3 allows unauthorize

CVE-2026-26460 - A HTML Injection vulnerability exists in the Dashboard module of Vtiger CRM 8.4.0. The application f

CVE-2025-70936 - Vtiger CRM 8.4.0 contains a reflected cross-site scripting (XSS) vulnerability in the MailManager mo

CVE-2025-51414 - In Phpgurukul Online Course Registration v3.1, an arbitrary file upload vulnerability was discovered

CVE-2026-6215 - A weakness has been identified in DbGate up to 7.1.4. The impacted element is the function apiServer

CVE-2026-6202 - A security flaw has been discovered in code-projects Easy Blog Site 1.0. This affects an unknown fun

CVE-2026-6201 - A vulnerability was identified in CodeAstro Online Job Portal 1.0. The impacted element is an unknow

CVE-2026-33657 - EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below hav

CVE-2026-33534 - EspoCRM is an open source customer relationship management application. Versions 9.3.3 and below hav

CVE-2026-32605 - nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the A

CVE-2026-32270 - Craft Commerce is an ecommerce platform for Craft CMS. In versions 4.0.0 through 4.10.2 and 5.0.0 th

CVE-2026-31048 - An issue in the <code>pickle</code> protocol of Pyro v3.x allows attackers to execute arbitrary code

CVE-2026-6200 - A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebty

CVE-2026-6199 - A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file

CVE-2026-6198 - A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticS

CVE-2026-6197 - A flaw has been found in Tenda F456 1.0.0.5. This vulnerability affects the function formWrlsafeset

CVE-2026-40044 - Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execu

CVE-2026-40043 - Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allo

CVE-2026-40042 - Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated att

CVE-2026-40041 - Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform ar

CVE-2026-40040 - Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to u

CVE-2026-40039 - Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to a

CVE-2026-40038 - Pachno 1.0.6 contains a stored cross-site scripting vulnerability that allows attackers to execute a

CVE-2026-29955 - The `/registercrd` endpoint in KubePlus 4.14 in the kubeconfiggenerator component is vulnerable to c

CVE-2026-6196 - A vulnerability was detected in Tenda F456 1.0.0.5. This affects the function fromexeCommand of the

CVE-2026-6195 - A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by thi

CVE-2026-6194 - A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is

CVE-2026-6100 - Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.G

CVE-2026-32316 - jq is a command-line JSON processor. An integer overflow vulnerability exists through version 1.8.1

CVE-2026-28291 - simple-git enables running native Git commands from JavaScript. Versions up to and including 3.31.1

CVE-2025-3756 - A vulnerability exists in the command handling of the IEC 61850 communication stack included in the

CVE-2026-6193 - A security flaw has been discovered in PHPGurukul Daily Expense Tracking System 1.1. Affected is an

CVE-2026-6192 - A vulnerability was identified in uclouvain openjpeg up to 2.5.4. This impacts the function opj_pi_i

CVE-2026-6191 - A vulnerability was determined in itsourcecode Construction Management System 1.0. This affects an u

CVE-2026-6190 - A vulnerability was found in itsourcecode Construction Management System 1.0. The impacted element i

CVE-2026-6189 - A vulnerability has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affect

CVE-2026-39940 - ChurchCRM is an open-source church management system. Prior to 7.0.0, it was possible in many places

CVE-2026-36952 - Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in the file /otas/

CVE-2026-36950 - Sourcecodester Online Thesis Archiving System v1.0 is vulnerable to SQL injection in /otas/projects_

CVE-2026-36948 - Sourcecodester Online Thesis Archiving System v1.0 is vulnerale to SQL injection in the file /otas/v

CVE-2026-33555 - An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received

CVE-2026-23891 - Decidim is a participatory democracy framework. In versions below 0.30.5 and 0.31.0.rc1 through 0.31

CVE-2026-6231 - The bson_validate function may return early on specific inputs and incorrectly report success. This

CVE-2026-6188 - A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unkn

CVE-2026-6187 - A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. This issue a

CVE-2026-6186 - A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerabilit

CVE-2026-6184 - A weakness has been identified in code-projects Simple Content Management System 1.0. This affects a

CVE-2026-36938 - Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/ro

CVE-2026-36937 - Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in /orms/admin/re

CVE-2026-34188 - Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command In

CVE-2026-34186 - Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injectio

CVE-2026-30813 - Improper Neutralization of Special Elements used in an SQL Command vulnerability allows SQL Injectio

CVE-2026-30812 - Improper Neutralization of Input During Web Page Generation vulnerability allows Stored Cross-Site S

CVE-2026-30811 - Missing Authorization vulnerability allows Exposure of Sensitive Information via configuration endpo

CVE-2026-30809 - Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command In

CVE-2026-30806 - Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command In

CVE-2026-30804 - Unrestricted Upload of File with Dangerous Type vulnerability allows Remote Code Execution via file

CVE-2025-69627 - Nitro PDF Pro for Windows 14.41.1.4 contains a heap use-after-free vulnerability in the implementati

CVE-2025-69624 - Nitro PDF Pro for Windows 14.41.1.4 contains a NULL pointer dereference vulnerability in the JavaScr

CVE-2025-66769 - A NULL pointer dereference in Nitro PDF Pro for Windows v14.41.1.4 allows attackers to cause a Denia

CVE-2025-63743 - Cross-Site Scripting vulnerability in the Snipe-IT web-based asset management system v8.3.0 to up an

CVE-2025-31991 - Rate Limiting for attempting a user login is not being properly enforced, making HCL DevOps Velocity

CVE-2026-6183 - A security flaw has been discovered in code-projects Simple Content Management System 1.0. Affected

CVE-2026-6182 - A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by th

CVE-2026-36945 - Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection

CVE-2026-36944 - Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerale to SQL injection

CVE-2026-36943 - Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection

CVE-2026-36942 - Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL injection in the file /orms

CVE-2026-36941 - Sourcecodester Online Resort Management System v1.0 is vulnerable to SQL Injection in the file /orms

CVE-2026-33858 - Dag Authors, who normally should not be able to execute code in the webserver context could craft XC

CVE-2026-31283 - In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the t

CVE-2026-31282 - Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be

CVE-2026-31281 - Totara LMS v19.1.5 and before is vulnerable to HTLM Injection. An attacker can inject malicious HTLM

CVE-2026-30999 - A heap buffer overflow in the av_bprint_finalize() function of FFmpeg v8.0.1 allows attackers to cau

CVE-2026-30998 - An improper resource deallocation and closure vulnerability in the tools/zmqsend.c component of FFmp

CVE-2026-30997 - An out-of-bounds read in the read_global_param() function (libavcodec/av1dec.c) of FFmpeg v8.0.1 all

CVE-2026-29628 - A stack overflow in the experimental/tinyobj_loader_opt.h file of tinyobjloader commit d56555b allow

CVE-2026-1462 - A vulnerability in the `TFSMLayer` class of the `keras` package, version 3.13.0, allows attacker-con

CVE-2025-66236 - Before Airflow 3.2.0, it was unclear that secure Airflow deployments require the Deployment Manager

CVE-2026-36947 - Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL Injection

CVE-2026-36946 - Sourcecodester Computer and Mobile Repair Shop Management System v1.0 is vulnerable to SQL injection

CVE-2026-31428 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: fix u

CVE-2026-31427 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_sip: fi

CVE-2026-31426 - In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on

CVE-2026-31425 - In the Linux kernel, the following vulnerability has been resolved: rds: ib: reject FRMR registrati

CVE-2026-31424 - In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: restrict x

CVE-2026-31423 - In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide

CVE-2026-31422 - In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL p

CVE-2026-31421 - In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL poi

CVE-2026-31420 - In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test i

CVE-2026-31419 - In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-fre

CVE-2026-31418 - In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logicall

CVE-2026-31417 - In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accu

CVE-2026-31416 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: accou

CVE-2026-31415 - In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_da

CVE-2026-31414 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect:

CVE-2026-36923 - Sourcecodester Cab Management System 1.0 is vulnerable to SQL Injection in the file /cms/admin/booki

CVE-2026-36922 - Sourcecodester Cab Management System v1.0 is vulnerable to SQL injection in the file /cms/admin/cate

CVE-2026-36920 - Sourcecodester Online Reviewer System v1.0 is vulnerable to SQL Injection in the file /system/system

CVE-2026-36919 - Sourcecodester Online Reviewer System v1.0 is vulnerale to SQL Injection in the file /system/system/

CVE-2026-36874 - Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_stude

CVE-2026-36873 - Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_admin

CVE-2026-36872 - Sourcecodester Basic Library System v1.0 is vulnerable to SQL Injection in /librarysystem/load_book.

CVE-2026-34476 - Server-Side Request Forgery via SW-URL Header vulnerability in Apache SkyWalking MCP. This issue af

CVE-2026-6204 - LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability

CVE-2026-2728 - LibreNMS versions before 26.3.0 are affected by an authenticated Cross-site Scripting vulnerability

CVE-2026-35565 - Stored Cross-Site Scripting (XSS) via Unsanitized Topology Metadata in Apache Storm UI Versions Af

CVE-2026-35337 - Deserialization of Untrusted Data vulnerability in Apache Storm. Versions Affected: before 2.8.6.

CVE-2025-15632 - A vulnerability has been found in 1Panel-dev MaxKB up to 2.4.2. Impacted is an unknown function of t

CVE-2026-4810 - A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) vers

CVE-2026-0234 - An improper verification of cryptographic signature vulnerability exists in Cortex XSOAR and Cortex

CVE-2026-0233 - A certificate validation vulnerability in Palo Alto Networks Autonomous Digital Experience Manager o

CVE-2026-0232 - A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows allows a

CVE-2026-6168 - A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function set

CVE-2026-6167 - A vulnerability was detected in code-projects Faculty Management System 1.0. Impacted is an unknown

CVE-2026-6166 - A security vulnerability has been detected in code-projects Vehicle Showroom Management System 1.0.

CVE-2026-5936 - An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to

CVE-2026-5085 - Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSes

CVE-2026-40436 - The ZTE ZXEDM iEMS product has a password reset vulnerability for any user.Because the management of

CVE-2026-3830 - The Product Filter for WooCommerce by WBW WordPress plugin before 3.1.3 does not sanitize and escape

CVE-2026-34866 - Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerab

CVE-2026-34865 - Out-of-bounds write vulnerability in the WEB module.Impact: Successful exploitation of this vulnerab

CVE-2025-15441 - The Form Maker by 10Web WordPress plugin before 1.15.38 does not properly prepare SQL queries when

CVE-2026-6165 - A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnera

CVE-2026-6164 - A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affec

CVE-2026-6163 - A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by thi

CVE-2026-40447 - Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavi

CVE-2026-21014 - Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to acces

CVE-2026-21013 - Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to

CVE-2026-21012 - External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local

CVE-2026-21011 - Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allo

CVE-2026-21010 - Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to t

CVE-2026-21009 - Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows physical

CVE-2026-21008 - Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacke

CVE-2026-21007 - Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows phys

CVE-2026-21006 - Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to

CVE-2026-6162 - A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an

CVE-2026-6161 - A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown pa

CVE-2026-6160 - A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the functio

CVE-2026-6159 - A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerabi

CVE-2026-6158 - A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUbo

CVE-2026-40446 - Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source E

CVE-2026-35553 - Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability

CVE-2026-34864 - Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of

CVE-2026-34863 - Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulner

CVE-2026-34862 - Race condition vulnerability in the power consumption statistics module. Impact: Successful exploita

CVE-2026-34861 - Race condition vulnerability in the thermal management module. Impact: Successful exploitation of th

CVE-2026-34859 - UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a

CVE-2026-34858 - UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability

CVE-2026-34857 - UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability

CVE-2026-34855 - Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vuln

CVE-2026-34854 - UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will a

CVE-2026-34849 - UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerabi

CVE-2026-25209 - Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This

CVE-2026-25208 - Integer overflow vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue af

CVE-2026-25207 - Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers.This issue

CVE-2026-25206 - Out-of-bounds read vulnerability in Samsung Open Source Escargot allows Resource Leak Exposure.This

CVE-2026-25205 - Heap-based buffer overflow vulnerability in Samsung Open Source Escargot allows out-of-bounds write.

CVE-2026-21003 - Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 al

CVE-2026-6157 - A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function set

CVE-2026-6156 - A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects th

CVE-2026-6155 - A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function

CVE-2026-6154 - A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element i

CVE-2026-6153 - A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is

CVE-2026-34867 - Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vu

CVE-2026-34860 - Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerabili

CVE-2026-34856 - UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability

CVE-2026-34853 - Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerabi

CVE-2026-34852 - Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerab

CVE-2026-34851 - Race condition vulnerability in the event notification module. Impact: Successful exploitation of th

CVE-2026-34850 - Race condition vulnerability in the notification service. Impact: Successful exploitation of this vu

CVE-2026-28553 - Vulnerability of improper permission control in the theme setting module. Impact: Successful exploit

CVE-2026-6179 - Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run

CVE-2026-6152 - A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue a

CVE-2026-6151 - A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerabilit

CVE-2026-6150 - A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown p

CVE-2026-6149 - A flaw has been found in code-projects Vehicle Showroom Management System 1.0. Affected by this issu

CVE-2026-6148 - A vulnerability was detected in code-projects Vehicle Showroom Management System 1.0. Affected by th

CVE-2026-6143 - A security flaw has been discovered in farion1231 cc-switch up to 3.12.3. Affected by this issue is

CVE-2026-6142 - A vulnerability was identified in tushar-2223 Hotel Management System up to bb1f3b3666124b888f1e4bcf

CVE-2026-6141 - A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is

CVE-2026-6140 - A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function Upload

CVE-2026-6139 - A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function U

CVE-2026-25204 - Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows d

CVE-2026-6138 - A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function

CVE-2026-6137 - A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function

CVE-2026-6136 - A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the functio

CVE-2026-6135 - A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fro

CVE-2026-6134 - A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the

CVE-2026-6133 - A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeU

CVE-2026-6132 - A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is t

CVE-2026-6131 - A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability i

CVE-2026-6130 - A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransp

CVE-2026-6129 - A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unk

CVE-2026-40396 - Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after ti

CVE-2026-40395 - Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) f

CVE-2026-40394 - Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" d

CVE-2026-40393 - In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because

CVE-2026-40386 - In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote deco

CVE-2026-40385 - In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be u

CVE-2019-25713 - MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute

CVE-2019-25712 - BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allo

CVE-2019-25711 - SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attacker

CVE-2019-25710 - Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin d

CVE-2019-25709 - CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the applicatio

CVE-2019-25708 - Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attack

CVE-2019-25707 - eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to exec

CVE-2019-25706 - Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers