Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-4562 A security flaw has been discovered in MacCMS 2025.1000.4052. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation re... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7324 Memory safety bugs present in Thunderbird 150.0.0. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitra... | 7.3 | HIGH | โ | 0 |
| CVE-2026-5435 The deprecated functions ns_printrrf, ns_printrr and fp_nquery in the GNU C Library version 2.2 and newer fail to enforce the caller-supplied buffer length, and can result in an out-of-bounds write wh... | 7.3 | HIGH | โ | 0 |
| CVE-2026-35455 immich is a high performance self-hosted photo and video management solution. Prior to 2.7.0, sStored Cross-Site Scripting (XSS) in the 360ยฐ panorama viewer allows any authenticated user to execute ar... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7206 A security flaw has been discovered in dubydu sqlite-mcp up to 0.1.0. The affected element is the function extract_to_json of the file src/entry.py. Performing a manipulation of the argument output_fi... | 7.3 | HIGH | โ | 0 |
| CVE-2026-33080 Filament is a collection of full-stack components for accelerated Laravel development. Versions 4.0.0 through 4.8.4 and 5.0.0 through 5.3.4 have two Filament Table summarizers (Range, Values) that ren... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3780 The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to... | 7.3 | HIGH | โ | 0 |
| CVE-2026-37336 SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_music.php. | 7.3 | HIGH | โ | 0 |
| CVE-2026-37337 SourceCodester Simple Music Cloud Community System v1.0 is vulnerable to SQL Injection in the file /music/view_playlist.php. | 7.3 | HIGH | โ | 0 |
| CVE-2026-25456 Missing Authorization vulnerability in Aarsiv Groups Automated FedEx live/manual rates with shipping labels a2z-fedex-shipping allows Exploiting Incorrectly Configured Access Control Security Levels.T... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3164 A vulnerability was found in itsourcecode News Portal Project 1.0. This issue affects some unknown processing of the file /admin/contactus.php. The manipulation of the argument pagetitle results in sq... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3153 A vulnerability has been found in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql inject... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3152 A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id caus... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3151 A vulnerability was detected in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3148 A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes s... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3135 A weakness has been identified in itsourcecode News Portal Project 1.0. The impacted element is an unknown function of the file /admin/add-category.php. This manipulation of the argument Category caus... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3026 A vulnerability has been found in erzhongxmu JEEWMS 3.7. Affected by this issue is some unknown functionality of the file /plug-in/ueditor/jsp/getRemoteImage.jsp of the component UEditor. The manipula... | 7.3 | HIGH | โ | 0 |
| CVE-2026-3025 A flaw has been found in ShuoRen Smart Heating Integrated Management Platform 1.0.0. Affected by this vulnerability is an unknown functionality of the file /MP/Service/Webservice/ExampleNodeService.as... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2952 A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/tree_server.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxarg... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2944 A security flaw has been discovered in Tosei Online Store Management System ใใใๅบ่็ฎก็ใทในใใ 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handle... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2912 A vulnerability was found in code-projects Online Reviewer System 1.0. Impacted is an unknown function of the file /system/system/students/assessments/results/studentresult-view.php. The manipulation ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-34856 UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | 7.3 | HIGH | โ | 0 |
| CVE-2026-7036 A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal.... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7213 A vulnerability was detected in ef10007 MLOps_MCP 1.0.0. This impacts an unknown function of the file fastmcp_server.py of the component save_file Tool. The manipulation of the argument filename/desti... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7212 A security vulnerability has been detected in edvardlindelof notes-mcp up to 0.1.4. This affects an unknown function of the file notes_mcp.py. The manipulation of the argument root_dir/path leads to p... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4624 A vulnerability was detected in SourceCodester Online Library Management System 1.0. The impacted element is an unknown function of the file /home.php of the component Parameter Handler. Performing a ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4838 A flaw has been found in SourceCodester Malawi Online Market 1.0. The impacted element is an unknown function of the file /display.php. Executing a manipulation of the argument ID can lead to sql inje... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4612 A vulnerability has been found in itsourcecode Free Hotel Reservation System 1.0. This affects an unknown part of the file /hotel/admin/mod_users/index.php?view=edit&id=8 of the component Parameter Ha... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2848 A flaw has been found in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /classes/Master.php?f=register of the component Re... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2691 A vulnerability has been found in itsourcecode Event Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/manage_register.php. Such manipulation of the argume... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7194 A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2549 A vulnerability has been found in zhanghuanhao LibrarySystem ๅพไนฆ้ฆ็ฎก็็ณป็ป up to 1.1.1. This impacts an unknown function of the file BookController.java. The manipulation leads to improper access controls. ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-2629 A weakness has been identified in jishi node-sonos-http-api up to 3776f0ee2261c924c7b7204de121a38100a08ca7. Affected is the function Promise of the file lib/tts-providers/mac-os.js of the component TT... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7147 A vulnerability was detected in JoeCastrom mcp-chat-studio up to 1.5.0. Affected by this issue is some unknown functionality of the file server/routes/llm.js of the component LLM Models API. Performin... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7062 A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation lea... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7063 A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing... | 7.3 | HIGH | โ | 0 |
| CVE-2026-31569 In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Handle the case that EIOINTC's coremap is empty EIOINTC's coremap in eiointc_update_sw_coremap() can be empty, cur... | 7.3 | HIGH | โ | 0 |
| CVE-2026-30616 Jaaz 1.0.30 contains a remote code execution vulnerability in its MCP STDIO command execution handling. A remote attacker can send crafted network requests to the network-accessible Jaaz application, ... | 7.3 | HIGH | โ | 0 |
| CVE-2025-68022 Missing Authorization vulnerability in soporteblue Plugin BlueX for WooCommerce bluex-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Plugin ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7131 A vulnerability has been found in code-projects Online Lot Reservation System up to 1.0. The impacted element is an unknown function of the file /loginuser.php. The manipulation of the argument email/... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7127 A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This vulnerability affects unknown code of the file /ajax.php?action=delete_receiving. This manipulation of th... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7126 A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects an unknown part of the file /ajax.php?action=save_category. The manipulation of the argument... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4850 A security flaw has been discovered in code-projects Simple Laundry System 1.0. Affected is an unknown function of the file /checkregisitem.php of the component Parameter Handler. The manipulation of ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-6126 A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing... | 7.3 | HIGH | โ | 0 |
| CVE-2026-5034 A flaw has been found in code-projects Accounting System 1.0. Affected by this issue is some unknown functionality of the file /edit_costumer.php of the component Parameter Handler. This manipulation ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-5971 A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml_fill of the file metagpt/actions/action_node.py of the component XML Handler. Exec... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4528 A vulnerability was determined in trueleaf ApiFlow 0.9.7. The impacted element is the function validateUrlSecurity of the file packages/server/src/service/proxy/http_proxy.service.ts of the component ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4623 A security vulnerability has been detected in DefaultFuction Jeson-Customer-Relationship-Management-System up to 1b4679c4d06b90d31dd521c2b000bfdec5a36e00. This affects an unknown function of the file ... | 7.3 | HIGH | โ | 0 |
| CVE-2026-4632 A weakness has been identified in itsourcecode Online Enrollment System 1.0. This vulnerability affects unknown code of the file /sms/user/index.php?view=add of the component Parameter Handler. Execut... | 7.3 | HIGH | โ | 0 |
| CVE-2026-7088 A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing a manipulat... | 7.3 | HIGH | โ | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.