|
591
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was determined in kerwincui FastBee up to 1.2.1. The impacted element is the function Add of the file springboot/fastbee-admin/src/main/java/com/fastbee/web/controller/system/SysNotic…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7677
|
2026-05-6 04:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
592
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410_221110. This issue affects the function set_sys_adm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes …
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7690
|
2026-05-6 04:14 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
593
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. Impacted is the function set_sys_cmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command lea…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7691
|
2026-05-6 04:14 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
594
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410_221110. The affected element is the function ping_ddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS re…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7692
|
2026-05-6 04:14 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
595
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in YunaiV yudao-cloud up to 2026.01. This affects the function getDataBySQL of the file yudao-module-report-biz/src/main/java/io/github/ruoyi/report/service/impl/GoView…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7678
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
596
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in YunaiV yudao-cloud up to 2026.01. This impacts the function getAccessToken of the file yudao-module-system-biz/src/main/java/io/github/ruoyi/common/oauth2/servi…
New
|
CWE-287
Improper Authentication
|
CVE-2026-7679
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
597
|
7.2 |
HIGH
Network
|
-
|
-
|
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to Stored Cross-Site Scripting via POST parameter key names in the submit_nex_form() function in versions up to,…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-5063
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
598
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in jsbroks COCO Annotator up to 0.11.1. Affected is an unknown function of the file backend/webserver/api/datasets.py of the component Data Endpoint. Executing a manipu…
New
|
CWE-22
Path Traversal
|
CVE-2026-7680
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
599
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in jsbroks COCO Annotator up to 0.11.1. Affected by this vulnerability is an unknown functionality of the file backend/webserver/api/datasets.py of the comp…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7681
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
600
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in eyeo Adblock Plus up to 4.36.2 on Chrome. Affected by this vulnerability is the function postMessage of the file premium.preload.js of the component Legacy Premium Activa…
New
|
CWE-266
CWE-284
Incorrect Privilege Assignment
Improper Access Control
|
CVE-2026-7686
|
2026-05-6 04:13 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
