|
1
|
4.3 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability has been found in AV Stumpfl Pixera Two Media Server up to 25.1 R2. The affected element is an unknown function of the component Service Port 1338. Such manipulation leads to path tra…
New
|
CWE-22
Path Traversal
|
CVE-2026-7704
|
2026-05-4 02:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in AV Stumpfl Pixera Two Media Server up to 25.2 R2. Impacted is an unknown function of the component Websocket API. This manipulation causes code injection. The attack can be i…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-7703
|
2026-05-4 02:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview E…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7702
|
2026-05-4 01:15 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affects the function RequestButton of the file Telegram/SourceFiles/boxes/url_auth_box.cpp of the compon…
New
|
CWE-404
CWE-476
Improper Resource Shutdown or Release
NULL Pointer Dereference
|
CVE-2026-7701
|
2026-05-4 01:15 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component LambdaFilterC…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-7700
|
2026-05-4 00:15 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Affected by this issue is the function StrUtils.checkSqlInjection of the file StrUtils.java. Performing a manipulation of the argum…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7699
|
2026-05-4 00:15 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo.…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7698
|
2026-05-3 23:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7697
|
2026-05-3 23:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. T…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7696
|
2026-05-3 22:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file /SubstationWEBV2/main/elecMaxMinA…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7695
|
2026-05-3 22:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
