|
1121
|
- |
|
-
|
-
|
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to version 2.53.0, an authenticated user could supply specially crafted content in certain…
|
CWE-74
Injection
|
CVE-2026-46546
|
2026-06-10 10:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1122
|
- |
|
-
|
-
|
SimpleBLE is a cross-platform library and bindings for Bluetooth Low Energy (BLE). Prior to version 0.14.0, there are multiple stack-based buffer overflow vulnerabilities in SimpleBLE. There is a sta…
|
CWE-121
CWE-787
Stack-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-44634
|
2026-06-10 10:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1123
|
4.3 |
MEDIUM
Network
|
-
|
-
|
BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the friends REST API that allows any authenticated attacker to enumerate another user's complete friend list. Attackers…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-53675
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1124
|
7.1 |
HIGH
Network
|
-
|
-
|
BuddyPress 14.4.0 contains a regular expression injection vulnerability in the activity mention resolver that, when username compatibility mode is enabled, allows attackers to manipulate a REGEXP dat…
|
CWE-943
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2026-53674
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1125
|
8.1 |
HIGH
Network
|
-
|
-
|
BuddyPress 14.4.0 contains an insecure direct object reference vulnerability in the messages REST API that allows authenticated attackers to access arbitrary private message threads by supplying a us…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-53673
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1126
|
6.8 |
MEDIUM
Network
|
-
|
-
|
SubjectDnX509PrincipalExtractor does not correctly handle certain malformed X.509 certificate CN values, which can lead to reading the wrong value for the username. In a carefully crafted certificate…
|
CWE-287
Improper Authentication
|
CVE-2026-47838
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1127
|
7.5 |
HIGH
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote, unauthenticated denial-of-service vulnerability in Me…
|
CWE-248
Uncaught Exception
|
CVE-2026-46545
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1128
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.5.0, a remote peer can crash any full node by sending a RequestBatch…
|
CWE-617
Reachable Assertion
|
CVE-2026-46543
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1129
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, a denial-of-service vulnerability exists in the Ed25519 multisi…
|
CWE-617
Reachable Assertion
|
CVE-2026-46542
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1130
|
7.5 |
HIGH
Network
|
-
|
-
|
Nimiq is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.4.0, iIn handle_dht_get(), the DhtResults accumulator is only initia…
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-46541
|
2026-06-10 09:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
