|
1
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function open_image_in_browser of the file src/index.ts of the component MCP Interface. Performing …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7653
|
2026-05-3 01:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in ruvnet sublinear-time-solver 1.5.0. Affected by this vulnerability is the function export_state of the file src/consciousness-explorer/mcp/server.js of the component MCP …
New
|
CWE-22
Path Traversal
|
CVE-2026-7645
|
2026-05-3 01:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in ChatGPTNextWeb NextChat up to 2.16.1. Affected is the function addMcpServer of the file app/mcp/actions.ts. The manipulation leads to improper authorization. Remote …
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7644
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in ChatGPTNextWeb NextChat up to 2.16.1. This impacts an unknown function of the file Next.js of the component API Endpoint. Executing a manipulation can lead to permissive cros…
New
|
CWE-346
CWE-942
Origin Validation Error
Permissive Cross-domain Policy with Untrusted Domains
|
CVE-2026-7643
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function download_website of the file src/index.ts of the component MCP Interface. Performing a manipulation o…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7642
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Totolink N300RH 6.1c.1353_B20190305. This impacts the function setUploadSetting of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument FileName leads to…
New
|
CWE-73
External Control of File Name or Path
|
CVE-2026-7633
|
2026-05-3 00:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in code-projects Online Hospital Management System 1.0. This affects an unknown function of the file /viewappointment.php. This manipulation of the argument delid cause…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7632
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in code-projects Online Hospital Management System 1.0. The impacted element is an unknown function of the component Registration Handler. The manipulation of the argument U…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7631
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in innocommerce InnoShop up to 0.7.8. The affected element is the function InstallServiceProvider::boot of the file innopacks/install/src/InstallServiceProvider.php of …
New
|
CWE-287
Improper Authentication
|
CVE-2026-7630
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7629
|
2026-05-2 23:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
