|
91
|
- |
|
-
|
-
|
Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence.
Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both head…
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-40561
|
2026-05-3 14:15 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
92
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid l…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7675
|
2026-05-3 12:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
93
|
8.8 |
HIGH
Network
|
-
|
-
|
A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web Management Interface. Executing a manipulation…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7674
|
2026-05-3 11:17 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
94
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in crmeb_java up to 1.3.4. This vulnerability affects unknown code of the file crmeb/crmeb-service/src/main/java/com/zbkj/service/service/impl/UploadServiceImpl.java of t…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7673
|
2026-05-3 11:17 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
95
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in youlaitech youlai-boot up to 2.21.1. This affects the function getUserList of the file src/main/java/com/youlai/boot/system/controller/UserController.jav…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7672
|
2026-05-3 09:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
96
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restr…
New
|
CWE-307
CWE-799
mproper Restriction of Excessive Authentication Attempts
Improper Control of Interaction Frequency
|
CVE-2026-7671
|
2026-05-3 09:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
97
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql inje…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7670
|
2026-05-3 08:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
98
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
New
|
-
|
CVE-2026-6481
|
2026-05-3 08:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
99
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function get_tokenizer of the file python/sglang/srt/utils/hf_transformers_utils.py of the component HuggingFace Transf…
New
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7669
|
2026-05-3 07:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
100
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in MikroTik RouterOS 6.49.8. This vulnerability affects the function ASN1_STRING_data in the library nova/lib/www/scep.p of the component SCEP Endpoint. The manipulatio…
New
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2026-7668
|
2026-05-3 06:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
