|
891
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Totolink WA300 5.2cu.7112_B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7720
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
892
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Totolink WA300 5.2cu.7112_B20190227. This affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument hostTi…
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7721
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
893
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in PrefectHQ prefect up to 3.6.21. This impacts the function endswith of the file /api/health of the component Health Check API. Performing a manipulation results in impr…
New
|
CWE-287
Improper Authentication
|
CVE-2026-7722
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
894
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in PrefectHQ prefect up to 3.6.13. Affected is an unknown function of the file /api/events/in of the component WebSocket Endpoint. Executing a manipulation can lead to missing a…
New
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-7723
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
895
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in PrefectHQ prefect up to 3.6.28.dev1. Affected by this vulnerability is the function validate_restricted_url of the component Webhook/Notification. The manipulation l…
New
|
CWE-362
CWE-367
Race Condition
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-7724
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
896
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in Shandong Hoteam Software PDM Product Data Management System up to 8.3.9. This affects the function GetQueryMachineGridOnePageData of the file /Base/BaseService.asmx/…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7727
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
897
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in ryanjoachim mcp-rtfm 0.1.0. This vulnerability affects the function get_doc_content/read_doc/update_doc of the component MCP Interface. Such manipulation of the argu…
New
|
CWE-22
Path Traversal
|
CVE-2026-7728
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
898
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in pixelsock directus-mcp 1.0.0. This issue affects the function validateUrl of the file index.ts of the component MCP Interface. Performing a manipulation of the …
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7729
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
899
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function child_process.spawn of the file src/index.ts of the component MCP Interface. Executing a manipulation of the …
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7730
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
900
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects BloodBank Managing System 1.0. The affected element is an unknown function of the file get_state.php. The manipulation of the argument G_ST…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7731
|
2026-05-5 00:18 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
