|
51
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in AstrBotDevs AstrBot up to 4.23.5. Impacted is the function post_file of the file astrbot/dashboard/routes/chat.py of the component File Upload Handler. The manipulatio…
New
|
CWE-22
Path Traversal
|
CVE-2026-8754
|
2026-05-19 02:51 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
52
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in Metasoft 美特软件 MetaCRM up to 6.4.0 Beta06. This impacts an unknown function of the file /common/jsp/upload3.jsp. Executing a manipulation of the argument File can lea…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-8758
|
2026-05-19 02:51 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
53
|
- |
|
-
|
-
|
Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, explorations.get, explorations.replace, and explorations.delete opera…
New
|
CWE-639
CWE-862
Authorization Bypass Through User-Controlled Key
Missing Authorization
|
CVE-2026-44718
|
2026-05-19 02:50 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
54
|
- |
|
-
|
-
|
Mathesar is a web application that makes working with PostgreSQL databases both simple and powerful. From 0.2.0 to before 0.10.0, collaborators.list, tables.metadata.list, explorations.list, and form…
New
|
CWE-862
Missing Authorization
|
CVE-2026-44719
|
2026-05-19 02:50 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
55
|
- |
|
-
|
-
|
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.44, 3.6.15, and 3.7.0-rc.3, there is an information disclosure vulnerability in Traefik's errors (custom error pages) middleware. Whe…
New
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-41181
|
2026-05-19 02:48 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
56
|
- |
|
-
|
-
|
Traefik is an HTTP reverse proxy and load balancer. Prior to 2.11.46, 3.6.17, and 3.7.1, Traefik's Kubernetes Gateway API provider allows a tenant with HTTPRoute creation permissions to expose the RE…
New
|
CWE-284
Improper Access Control
|
CVE-2026-44774
|
2026-05-19 02:48 |
2026-05-16 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
57
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfI…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-8730
|
2026-05-19 02:48 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
58
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in …
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-8743
|
2026-05-19 02:48 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
59
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation res…
New
|
CWE-119
CWE-416
Incorrect Access of Indexable Resource ('Range Error')
Use After Free
|
CVE-2026-8746
|
2026-05-19 02:48 |
2026-05-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
60
|
6.8 |
MEDIUM
Network
|
-
|
-
|
Dell Live Optics Windows and Personal Edition collectors contain an improper certificate validation vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability leadi…
New
|
CWE-295
Improper Certificate Validation
|
CVE-2026-41119
|
2026-05-19 02:45 |
2026-05-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
