CVE Vulnerabilities
CVE vulnerability database enriched with CISA KEV and NVD data
| CVE ID | CVSS | Severity | KEV | Sightings |
|---|---|---|---|---|
| CVE-2026-7020 A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The manip... | 5.6 | MEDIUM | — | 0 |
| CVE-2026-7022 A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the compone... | 7.3 | HIGH | — | 0 |
| CVE-2026-7023 A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of the ... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-7024 A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServle... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-7025 A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The ma... | 7.3 | HIGH | — | 0 |
| CVE-2026-7028 A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perfo... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-7039 A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description le... | 7.8 | HIGH | — | 0 |
| CVE-2026-7090 A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument ms... | 2.4 | LOW | — | 0 |
| CVE-2026-7091 A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper aut... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-7094 A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/ind... | 7.3 | HIGH | — | 0 |
| CVE-2026-7095 A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site sc... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-7114 A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. This manipulation of the argument ID causes sql injection.... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-7115 A vulnerability was identified in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file 370project/delete.php. Such manipulation of the argument ID leads to... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-7116 A security flaw has been discovered in code-projects Employee Management System 1.0. This issue affects some unknown processing of the file 370project/mark.php. Performing a manipulation results in cr... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-1744 A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function doSubmitPPP of the file sp_pppoe_user.js. The manipulation of the argument Username results in c... | 2.4 | LOW | — | 0 |
| CVE-2026-1745 A vulnerability was determined in SourceCodester Medical Certificate Generator App 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. Remote exploitation of the at... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-1746 A vulnerability was identified in JeecgBoot 3.9.0. This vulnerability affects unknown code of the file /JeecgBoot/sys/api/loadDictItemByKeyword of the component Online Report API. Such manipulation of... | 6.3 | MEDIUM | — | 0 |
| CVE-2025-61647 Vulnerability in Wikimedia Foundation CheckUser. This vulnerability is associated with program files src/Api/Rest/Handler/UserInfoHandler.Php. This issue affects CheckUser: from a3dc1bbcc33acbcca6831... | N/A | NONE | — | 0 |
| CVE-2026-1802 A security flaw has been discovered in Ziroom ZHOME A0101 1.0.1.0. This issue affects the function macAddrClone of the file luci\controller\api\zrMacClone.lua. The manipulation of the argument macType... | 7.3 | HIGH | — | 0 |
| CVE-2026-1810 A vulnerability was detected in bolo-blog bolo-solo up to 2.6.4. The impacted element is the function unpackFilteredZip of the file src/main/java/org/b3log/solo/bolo/prop/BackupService.java of the com... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2075 A security flaw has been discovered in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected is the function saveRolePermission of the file dataset\repos\warehouse\src\main\java\co... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2076 A weakness has been identified in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this vulnerability is the function addUser/updateUser/deleteUser of the file dataset\repo... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2077 A security vulnerability has been detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. Affected by this issue is the function addRole/updateRole/deleteRole of the file dataset\... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2078 A vulnerability was detected in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function addPermission/updatePermission/deletePermission of the file dataset\repos\war... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2089 A vulnerability was found in SourceCodester Online Class Record System 1.0. This vulnerability affects unknown code of the file /admin/subject/controller.php. Performing a manipulation of the argument... | 7.3 | HIGH | — | 0 |
| CVE-2026-2105 A flaw has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The affected element is the function addDept/updateDept/deleteDept of the file dataset\repos\warehouse\src\mai... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2106 A vulnerability has been found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. The impacted element is the function addNotice/updateNotice/deleteNotice/batchDeleteNotice of the fil... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2107 A vulnerability was found in yeqifu warehouse up to aaf29962ba407d22d991781de28796ee7b4670e4. This affects the function loadAllLoginfo/deleteLoginfo/batchDeleteLoginfo of the file dataset\repos\wareho... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2109 A vulnerability was identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file /api/undo/ of the component Delete Category Handler. Such manipulation of the argumen... | 5.4 | MEDIUM | — | 0 |
| CVE-2026-2110 A security flaw has been discovered in Tasin1025 SwiftBuy up to 0f5011372e8d1d7edfd642d57d721c9fadc54ec7. Affected by this vulnerability is an unknown functionality of the file /login.php. Performing ... | 3.7 | LOW | — | 0 |
| CVE-2026-2163 A vulnerability was identified in D-Link DIR-600 up to 2.15WWb02. This vulnerability affects unknown code of the file ssdp.cgi. Such manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER... | 4.7 | MEDIUM | — | 0 |
| CVE-2026-2164 A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the file /seller/assets/backend/profile/addadhar.php. Performing a manipulation of th... | 7.3 | HIGH | — | 0 |
| CVE-2026-2165 A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Exec... | 7.3 | HIGH | — | 0 |
| CVE-2026-2166 A security vulnerability has been detected in code-projects Online Reviewer System 1.0. The affected element is an unknown function of the file /login/index.php of the component Login. The manipulatio... | 7.3 | HIGH | — | 0 |
| CVE-2026-2167 A vulnerability was detected in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setAPNetwork of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument Ipaddr results... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2218 A vulnerability was determined in D-Link DCS-933L up to 1.14.11. This affects an unknown function of the file /setSystemAdmin of the component alphapd. This manipulation of the argument AdminID causes... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2220 A vulnerability was identified in code-projects Online Reviewer System 1.0. This impacts an unknown function of the file /system/system/admins/assessments/pretest/btn_functions.php. Such manipulation ... | 7.3 | HIGH | — | 0 |
| CVE-2026-2221 A security flaw has been discovered in code-projects Online Reviewer System 1.0. Affected is an unknown function of the file /login/index.php of the component Login. Performing a manipulation of the a... | 7.3 | HIGH | — | 0 |
| CVE-2026-2222 A weakness has been identified in code-projects Online Reviewer System 1.0. Affected by this vulnerability is an unknown functionality of the file /system/system/admins/manage/users/btn_functions.php.... | 2.4 | LOW | — | 0 |
| CVE-2026-2223 A security vulnerability has been detected in code-projects Online Reviewer System 1.0. Affected by this issue is some unknown functionality of the file /system/system/students/assessments/pretest/tak... | 7.3 | HIGH | — | 0 |
| CVE-2026-2224 A vulnerability was detected in code-projects Online Reviewer System 1.0. This affects an unknown part of the file /system/system/admins/manage/users/btn_functions.php. The manipulation of the argumen... | 3.5 | LOW | — | 0 |
| CVE-2026-2259 A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsi... | 3.3 | LOW | — | 0 |
| CVE-2025-15570 A vulnerability was found in ckolivas lrzip up to 0.651. This impacts the function lzma_decompress_buf of the file stream.c. Performing a manipulation results in use after free. Attacking locally is a... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-15571 A security vulnerability has been detected in ckolivas lrzip up to 0.651. This vulnerability affects the function ucompthread of the file stream.c. Such manipulation leads to null pointer dereference.... | 3.3 | LOW | — | 0 |
| CVE-2025-15572 A vulnerability has been found in wasm3 up to 0.5.0. The affected element is the function NewCodePage. The manipulation leads to memory leak. The attack must be carried out locally. The exploit has be... | 3.3 | LOW | — | 0 |
| CVE-2026-2469 Versions of the package directorytree/imapengine before 1.22.3 are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') via the id() functio... | 7.6 | HIGH | — | 0 |
| CVE-2026-2658 A vulnerability was found in newbee-ltd newbee-mall up to a069069b07027613bf0e7f571736be86f431faee. Affected is an unknown function of the component Multiple Endpoints. Performing a manipulation resul... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-2616 A vulnerability has been found in Beetel 777VR1 up to 01.00.09. The impacted element is an unknown function of the component Web Management Interface. The manipulation leads to hard-coded credentials.... | 8.8 | HIGH | — | 0 |
| CVE-2026-2617 A vulnerability was found in Beetel 777VR1 up to 01.00.09. This affects an unknown function of the component Telnet Service/SSH Service. The manipulation results in insecure default initialization of ... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-2618 A vulnerability was determined in Beetel 777VR1 up to 01.00.09. This impacts an unknown function of the component SSH Service. This manipulation causes risky cryptographic algorithm. The attack is pos... | 3.7 | LOW | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.