|
81
|
- |
|
-
|
-
|
SWUpdate before 2026.05 is affected by a time-of-check time-of-use (TOCTOU) race condition that allows local unprivileged attackers to escalate privileges to root or install untrusted contents using …
New
|
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2025-41259
|
2026-06-5 01:40 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
82
|
7.2 |
HIGH
Network
|
-
|
-
|
There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR.
An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP servic…
New
|
CWE-78
OS Command
|
CVE-2026-3820
|
2026-06-5 01:40 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
83
|
- |
|
-
|
-
|
tarfile.data_filter could be bypassed using crafted link entries, including symlinks with empty or directory-like names, to redirect later archive members outside the intended extraction directory. T…
New
|
CWE-22
Path Traversal
|
CVE-2026-7774
|
2026-06-5 01:40 |
2026-06-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
84
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in wonderwhy-er DesktopCommanderMCP 0.2.37. This affects the function readFileFromUrl of the file src/tools/filesystem.ts of the component read_file. Such manipulation …
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10690
|
2026-06-5 01:37 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
85
|
- |
|
-
|
-
|
An HTML injection vulnerability in the notification email for "Slow Redirect" and "Cloned Website" Canarytokens exists in Thinkst Applied Research Canarytokens, enabling Interface Manipulation, Cross…
New
|
CWE-74
Injection
|
CVE-2026-10729
|
2026-06-5 01:37 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
86
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/RestTemplateUtil.java of the compone…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10771
|
2026-06-5 01:37 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
87
|
3.3 |
LOW
Local
|
-
|
-
|
A vulnerability has been found in cilium ebpf up to 0.21.0. This affects the function loadRawSpec of the file btf/btf.go of the component LoadCollectionSpec/LoadCollectionSpecFromReader. Such manipul…
New
|
CWE-189
CWE-190
Numeric Errors
Integer Overflow or Wraparound
|
CVE-2026-10722
|
2026-06-5 01:37 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
88
|
2.5 |
LOW
Local
|
-
|
-
|
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of we…
New
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-10783
|
2026-06-5 01:37 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
89
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData…
New
|
CWE-119
CWE-416
Incorrect Access of Indexable Resource ('Range Error')
Use After Free
|
CVE-2026-10703
|
2026-06-5 01:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
90
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in wonderwhy-er DesktopCommanderMCP up to 0.2.38. This impacts an unknown function of the file src/search-manager.ts of the component start_search. Performing a ma…
New
|
CWE-400
CWE-1333
Uncontrolled Resource Consumption
Inefficient Regular Expression Complexity
|
CVE-2026-10691
|
2026-06-5 01:35 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
