|
171
|
5.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability was detected in 8421bit MiniClaw 0.8.0/0.9.0. This issue affects the function resolveSkillScriptPath of the file src/kernel.ts of the component System Command Handler. The manipulatio…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8235
|
2026-05-12 01:17 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
172
|
3.5 |
LOW
Adjacent
|
-
|
-
|
A vulnerability was found in Dotouch XproUPF 2.0.0-release-088aa7c4. This impacts the function vlib_worker_loop in the library /usr/xpro/upf/tools/libs/libvlib.so of the component UPF Process. The ma…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8232
|
2026-05-12 01:17 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
173
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Open5GS up to 2.7.7. Affected by this vulnerability is the function pcf_sess_sbi_discover_and_send of the component sm-policies Endpoint. Performing a manipulation result…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8223
|
2026-05-12 01:17 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
174
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Industrial Application Software IAS Canias ERP 8.03. Impacted is the function Runtime.getRuntime.exec of the component RMI Interface. Performing a manipulation …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8217
|
2026-05-12 01:17 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
175
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption…
New
|
CWE-400
CWE-404
Uncontrolled Resource Consumption
Improper Resource Shutdown or Release
|
CVE-2026-8187
|
2026-05-12 01:17 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
176
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation resul…
New
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2026-8186
|
2026-05-12 01:17 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
177
|
- |
|
-
|
-
|
Corteza contains a SQL injection vulnerability in its Microsoft SQL Server (MSSQL) backend when filtering Compose records by the meta field.This issue affects corteza: 2024.9.8.
New
|
CWE-89
SQL Injection
|
CVE-2026-6093
|
2026-05-12 01:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
178
|
2.2 |
LOW
Local
|
-
|
-
|
GrapheneOS before 2026050400 allows attackers to discover the real IP address of a VPN user as a consequence of a registerQuicConnectionClosePayload optimization, because an application can let syste…
New
|
CWE-441
Confused Deputy
|
CVE-2026-45182
|
2026-05-12 01:17 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
179
|
- |
|
-
|
-
|
Angular Expressions provides expressions for the Angular.JS web framework as a standalone module. Prior to 1.5.2, an attacker can write a malicious expression using filters that escapes the sandbox t…
New
|
CWE-95
Eval Injection
|
CVE-2026-44643
|
2026-05-12 01:17 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
180
|
- |
|
-
|
-
|
FastGPT is an AI Agent building platform. Prior to version 4.14.17, an unauthenticated Server-Side Request Forgery (SSRF) vulnerability allows attackers (or authenticated users with App editing privi…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-44286
|
2026-05-12 01:17 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
