|
1381
|
- |
|
-
|
-
|
An issue was discovered in the PaperCut Hive Ricoh embedded application. When the "Deep Logging" (diagnostic) mode is enabled, the application inadvertently records administrative credentials in plai…
|
CWE-532
Inclusion of Sensitive Information in Log Files
|
CVE-2026-7824
|
2026-05-8 00:10 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1382
|
- |
|
-
|
-
|
A type confusion vulnerability in Qt SVG allows an attacker to cause an application crash via a crafted SVG image.
When processing SVG marker references, the renderer retrieves a node by its id at…
|
CWE-122
CWE-843
Heap-based Buffer Overflow
Type Confusion
|
CVE-2026-6210
|
2026-05-8 00:10 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1383
|
7.5 |
HIGH
Network
|
-
|
-
|
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to version 2.0.39, the queryParentSQL() function in the core database package co…
|
CWE-89
SQL Injection
|
CVE-2026-41640
|
2026-05-8 00:08 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1384
|
- |
|
-
|
-
|
In Jupyter Notebook versions 7.0.0 through 7.5.5, JupyterLab versions 4.5.6 and earlier, and the corresponding @jupyter-notebook/help-extension and @jupyterlab/help-extension packages before 7.5.6 an…
|
CWE-79
Cross-site Scripting
|
CVE-2026-40171
|
2026-05-8 00:07 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1385
|
- |
|
-
|
-
|
OpenMRS Core is an open source electronic medical record system platform. In versions 2.7.8 and earlier and versions 2.8.0 through 2.8.5, the `/openmrs/moduleResources/{moduleid}` endpoint is vulnera…
|
CWE-22
Path Traversal
|
CVE-2026-40075
|
2026-05-8 00:06 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1386
|
7.5 |
HIGH
Network
|
-
|
-
|
GoBGP is an open source Border Gateway Protocol (BGP) implementation in the Go Programming Language. In version 4.3.0, a remote Denial of Service (DoS) vulnerability exists in GoBGP due to a nil poin…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-41642
|
2026-05-8 00:06 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1387
|
9.6 |
CRITICAL
Network
|
-
|
-
|
OpenC3 COSMOS provides the functionality needed to send commands to and receive data from one or more embedded systems. Prior to version 7.0.0-rc3, the Script Runner widget allows users to execute Py…
|
CWE-250
Execution with Unnecessary Privileges
|
CVE-2026-42088
|
2026-05-8 00:05 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1388
|
5.3 |
MEDIUM
Network
|
flowiseai
|
flowise
|
A security flaw has been discovered in FlowiseAI Flowise up to 3.0.12. Affected is the function Login of the file packages/server/src/enterprise/services/account.service.ts of the component API Respo…
|
CWE-200
CWE-284
CWE-312
Information Exposure
Improper Access Control
Cleartext Storage of Sensitive Information
|
CVE-2026-8026
|
2026-05-8 00:04 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1389
|
5.9 |
MEDIUM
Network
|
-
|
-
|
OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15.0-beta.1 and earlier, the AzureVmMetaDataRequestor class makes HTTP requests to the Azure VM insta…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41483
|
2026-05-8 00:04 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1390
|
5.3 |
MEDIUM
Adjacent
|
-
|
-
|
OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-end over HTTP. In versions 1.15.0 and earlier, when a request to the configured back-end or collecto…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-41484
|
2026-05-8 00:04 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
