Vulnerabilidades CVE
Base de datos de vulnerabilidades CVE enriquecida con datos de CISA KEV y NVD
| CVE ID | CVSS | Severidad | KEV | Avistamientos |
|---|---|---|---|---|
| CVE-2026-5532 A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function create_sandbox_and_execute of the file scrapegraphai/nodes/generate_code_node.py of the com... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-4954 A security vulnerability has been detected in mingSoft MCMS up to 5.5.0. Impacted is the function list of the file net/mingsoft/cms/action/web/ContentAction.java of the component Web Content List Endp... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2075 A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\co... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2851 A vulnerability was determined in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This vulnerability affects the function addInport/updateInport/deleteInport of the file dataset\repos... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3767 A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3102 A vulnerability was determined in exiftool up to 13.49 on macOS. This issue affects the function SetMacOSTags of the file lib/Image/ExifTool/MacOS.pm of the component PNG File Parser. This manipulatio... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3797 A security vulnerability has been detected in Tiandy Video Surveillance System θ§ι’ηζ§εΉ³ε° 7.17.0. The impacted element is the function uploadFile of the file /src/com/tiandy/easy7/core/rest/CLS_REST_File.... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2076 A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repo... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3771 A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. This vulnerability affects unknown code of the file /accomodation.php. Such manipulation of the argument q leads ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5327 A security flaw has been discovered in efforthye fast-filesystem-mcp up to 3.5.1. The affected element is the function handleGetDiskUsage of the file src/index.ts. Performing a manipulation results in... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2077 A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3800 A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. Affected is the function doInsert of the file /controller.php?action=add. Such manipulation of the argument image... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3163 A vulnerability has been found in SourceCodester Website Link Extractor 1.0. This vulnerability affects the function file_get_contents of the component URL Handler. The manipulation leads to server-si... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3052 A vulnerability was found in DataLinkDC dinky up to 1.2.5. The impacted element is the function proxyUba of the file dinky-admin/src/main/java/org/dinky/controller/FlinkProxyController.java of the com... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3806 A weakness has been identified in SourceCodester/janobe Resort Reservation System 1.0. This issue affects some unknown processing of the file /room_rates.php. This manipulation of the argument q cause... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-34626 Acrobat Reader versions 26.001.21411, 24.001.30360, 24.001.30362 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5126 A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function file_get_contents. This manipulation causes server-side request forgery. The attack is possible to b... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6571 A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipula... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5302 CORS misconfiguration in CoolerControl/coolercontrold <4.0.0 allows unauthenticated remote attackers to read data and send commands to the service via malicious websites | 6.3 | MEDIUM | β | 0 |
| CVE-2026-32921 OpenClaw before 2026.3.8 contains an approval bypass vulnerability in system.run where mutable script operands are not bound across approval and execution phases. Attackers can obtain approval for scr... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-7044 A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can b... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5103 A weakness has been identified in Totolink A3300R 17.0.0cu.557_b20221024. This issue affects the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument enable causes c... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2860 A security vulnerability has been detected in feng_ha_ha/megagao ssm-erp and production_ssm up to 4288d53bd35757b27f2d070057aefb2c07bdd097. Impacted is an unknown function of the file EmployeeControll... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5102 A security flaw has been discovered in Totolink A3300R 17.0.0cu.557_b20221024. This vulnerability affects the function setSmartQosCfg of the file /cgi-bin/cstecgi.cgi of the component Parameter Handle... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5104 A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557_b20221024. Impacted is the function setStaticRoute of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ip lea... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2078 A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addPermission/updatePermission/deletePermission of the file dataset\repos\war... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3961 A vulnerability was determined in zyddnys manga-image-translator up to beta-0.3. The affected element is the function to_pil_image of the file manga-image-translator-main/server/request_extraction.py ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2556 A security vulnerability has been detected in cskefu up to 8.0.1. This issue affects some unknown processing of the file com/cskefu/cc/controller/resource/MediaController.java of the component Endpoin... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2194 A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function start_proxy_client_email. Executing a manipulation can lead to command injection. The attack can be executed remotely.... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2977 A security vulnerability has been detected in FastApiAdmin up to 2.2.0. This affects the function upload_controller of the file /backend/app/api/v1/module_common/file/controller.py of the component Sc... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-4196 A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-4195 A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1... | 6.3 | MEDIUM | β | 0 |
| CVE-2025-15597 A vulnerability has been found in Dataease SQLBot up to 1.4.0. This affects an unknown function of the file backend/apps/system/api/assistant.py of the component API Endpoint. Such manipulation leads ... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2558 A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/net_handler.go. This manipulation of the argument url causes server-side request forg... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2560 A vulnerability has been found in kalcaddle kodbox up to 1.64.05. The impacted element is the function run of the file plugins/fileThumb/lib/VideoResize.class.php of the component Media File Preview P... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2978 A vulnerability was detected in FastApiAdmin up to 2.2.0. This vulnerability affects the function upload_file_controller of the file /backend/app/api/v1/module_system/params/controller.py of the compo... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2561 A vulnerability was found in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This affects the function web_get_ddns_uptime of the file /jdcapi of the component jdcweb_rpc. Performing a manipulation re... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3792 A vulnerability was found in SourceCodester Sales and Inventory System 1.0. This affects an unknown part of the file purchase_invoice.php of the component GET Parameter Handler. The manipulation of th... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2562 A vulnerability was determined in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. This impacts the function cast_streen of the file /jdcapi of the component jdcweb_rpc. Executing a manipulation of the... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2563 A vulnerability was identified in JingDong JD Cloud Box AX6600 up to 4.5.1.r4533. Affected is the function set_stcreenen_deabled_status/get_status of the file /f/service/controlDevice of the component... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3051 A vulnerability has been found in DataLinkDC dinky up to 1.2.5. The affected element is the function getProjectDir of the file dinky-admin/src/main/java/org/dinky/utils/GitRepository.java of the compo... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2979 A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function user_avatar_upload_controller of the file /backend/app/api/v1/module_system/user/controller.py of the component Sched... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6994 A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Parameter... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-3790 A flaw has been found in SourceCodester Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file check_supplier_details.php of the component POST Paramete... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2852 A vulnerability was identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This issue affects the function addSales/updateSales/deleteSales of the file dataset\repos\warehouse\... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-2146 A security flaw has been discovered in guchengwuyue yshopmall up to 1.9.1. This affects the function updateAvatar of the file /api/users/updateAvatar of the component co.yixiang.utils.FileUtil. Perfor... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-7093 A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performing... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-6576 A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Inte... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-7045 A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-sprin... | 6.3 | MEDIUM | β | 0 |
| CVE-2026-5606 A security flaw has been discovered in PHPGurukul Online Shopping Portal Project 2.1. The affected element is an unknown function of the file /order-details.php of the component Parameter Handler. The... | 6.3 | MEDIUM | β | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.