|
1131
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in TransformerOptimus SuperAGI up to 0.0.14. Affected by this issue is the function Upload of the file superagi/controllers/resources.py of the component Multipart Uplo…
Update
|
CWE-22
Path Traversal
|
CVE-2026-6615
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1132
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in TransformerOptimus SuperAGI up to 0.0.14. This affects the function extract_with_bs4/extract_with_3k/extract_with_lxml of the file superagi/helper/webpag…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6616
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1133
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in langgenius dify up to 0.6.9. This vulnerability affects the function get_api_tool_provider_remote_schema of the file api/services/tools/api_tools_manage_service.py of …
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6617
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1134
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in langgenius dify up to 1.13.3. This issue affects the function parse_openai_plugin_json_to_tool_bundle of the file api/core/tools/utils/parser.py of the component ApiBasedTool…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6618
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1135
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in langgenius dify up to 1.13.3. Impacted is the function openInNewTab of the file web/app/components/base/image-uploader/image-preview.tsx of the component ImagePrevie…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6619
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1136
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in SonicCloudOrg sonic-server up to 2.0.0. The affected element is the function Upload of the file FileTool.java of the component File Upload Endpoint. The manipulation of t…
Update
|
CWE-22
Path Traversal
|
CVE-2026-6620
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1137
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in 1024bit extend-deep up to 0.1.6. The impacted element is an unknown function of the file index.js. This manipulation of the argument __proto__ causes improperly cont…
Update
|
CWE-94
CWE-1321
Code Injection
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2026-6621
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1138
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\_route=customers/edit/ of the component Customer Handler. Such manipulati…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6622
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1139
|
2.4 |
LOW
Network
|
-
|
-
|
A security flaw has been discovered in BichitroGan ISP Billing Software 2025.3.20. This impacts an unknown function of the file /?_route=settings/users-view/ of the component Profile Page Handler. Pe…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6623
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1140
|
2.4 |
LOW
Network
|
-
|
-
|
A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\_route=pool/add of the component Pool List Interface. Executing a manipula…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6624
|
2026-04-23 05:22 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
