|
81
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: virt_wifi: remove SET_NETDEV_DEV to avoid use-after-free
Currently we execute `SET_NETDEV_DEV(dev, &priv->lowerdev->dev)` f…
New
|
-
|
CVE-2026-31695
|
2026-05-3 16:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
82
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
fuse: reject oversized dirents in page cache
fuse_add_dirent_to_cache() computes a serialized dirent size from the
server-control…
New
|
-
|
CVE-2026-31694
|
2026-05-3 16:16 |
2026-05-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
83
|
7.8 |
HIGH
Local
|
-
|
-
|
In the Linux kernel, the following vulnerability has been resolved:
cifs: some missing initializations on replay
In several places in the code, we have a label to signify
the start of the code wher…
Update
|
-
|
CVE-2026-31693
|
2026-05-3 16:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
84
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the file backend/webserver/api/datasets.py of the comp…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7681
|
2026-05-3 15:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
85
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file backend/webserver/api/datasets.py of the component Data Endpoint. Executing a manipu…
New
|
CWE-22
Path Traversal
|
CVE-2026-7680
|
2026-05-3 15:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
86
|
7.2 |
HIGH
Network
|
-
|
-
|
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() function in versions up to,…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-5063
|
2026-05-3 15:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
87
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/servi…
New
|
CWE-287
Improper Authentication
|
CVE-2026-7679
|
2026-05-3 14:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
88
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoView…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7678
|
2026-05-3 14:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
89
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNotic…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7677
|
2026-05-3 14:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
90
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/control…
New
|
CWE-22
Path Traversal
|
CVE-2026-7676
|
2026-05-3 14:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
