|
551
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. T…
Update
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-9422
|
2026-05-30 01:16 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
552
|
- |
|
-
|
-
|
Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: This candidate was issued in error. Notes: All references and descriptions in this candidate have been removed to prevent accid…
New
|
-
|
CVE-2026-9194
|
2026-05-30 01:16 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
553
|
7.3 |
HIGH
Network
|
-
|
-
|
IO::Compress versions from 2.207 before 2.220 for Perl ship a zipdetails CLI tool that crashes with undefined subroutine on Info-ZIP Unix Extra Field with 8-byte UID or GID.
When decode_ux() in bin/…
Update
|
CWE-755
Improper Handling of Exceptional Conditions
|
CVE-2026-48961
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
554
|
7.5 |
HIGH
Network
|
-
|
-
|
IO::Uncompress::Unzip versions before 2.220 for Perl allow CPU exhaustion via per-byte read loop in fastForward.
fastForward() compares length $offset (the digit count of the offset, 1 to 19) agains…
Update
|
CWE-407
Inefficient Algorithmic Complexity
|
CVE-2026-48959
|
2026-05-30 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
555
|
2.0 |
LOW
Network
|
-
|
-
|
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mod…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-47713
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
556
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-46843
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
557
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network ac…
New
|
CWE-284
Improper Access Control
|
CVE-2026-46842
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
558
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Vulnerability in Oracle REST Data Services (component: General). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network…
New
|
CWE-200
Information Exposure
|
CVE-2026-46841
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
559
|
10.0 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in Oracle REST Data Services (component: Backend-as-a-Service). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows unauthenticated attacker…
New
|
CWE-284
CWE-287
CWE-306
Improper Access Control
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-46840
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
560
|
9.9 |
CRITICAL
Network
|
-
|
-
|
Vulnerability in Oracle REST Data Services (component: Core). Supported versions that are affected are 24.2.0-26.1.0. Easily exploitable vulnerability allows low privileged attacker with network acc…
New
|
CWE-284
Improper Access Control
|
CVE-2026-46839
|
2026-05-30 01:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
