|
1091
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in VectifyAI PageIndex up to f50e52975313c6716c02b20a119577a1929decba. Affected by this vulnerability is the function toc_transformer of the file pageindex/page_in…
New
|
CWE-404
CWE-835
Improper Resource Shutdown or Release
Loop with Unreachable Exit Condition ('Infinite Loop')
|
CVE-2026-8318
|
2026-05-12 04:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1092
|
- |
|
-
|
-
|
Uncontrolled Resource Consumption vulnerability in ninenines cowlib (cow_http_te module) allows Excessive Allocation.
The chunked transfer-encoding parser in cow_http_te accepts an unbounded number …
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-7790
|
2026-05-12 04:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1093
|
- |
|
-
|
-
|
Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in ninenines cowlib allows HTTP request splitting and cookie smuggling via unvalidated cookie name and value fields.
cow_co…
New
|
CWE-93
CRLF Injection
|
CVE-2026-43969
|
2026-05-12 04:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1094
|
- |
|
-
|
-
|
WeGIA is a web manager for charitable institutions. In versions prior to 3.7.0, atendido/familiar_docfamiliar.php displays an overly descriptive error message, including database-related details. Thi…
New
|
CWE-200
Information Exposure
|
CVE-2026-42871
|
2026-05-12 04:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1095
|
9.9 |
CRITICAL
Network
|
-
|
-
|
FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (CreateJiraBotView) is reachable without authentication (permission_classes = […
New
|
CWE-306
CWE-918
Missing Authentication for Critical Function
Server-Side Request Forgery (SSRF)
|
CVE-2026-42864
|
2026-05-12 04:16 |
2026-05-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1096
|
- |
|
-
|
-
|
Data Space Portal is an open-source Software as a Service (SaaS) solution designed to streamline Dataspace management. From version 2.1.1 to before version 7.3.2, there is insufficient authorization …
New
|
CWE-602
CWE-863
Client-Side Enforcement of Server-Side Security
Incorrect Authorization
|
CVE-2026-42160
|
2026-05-12 04:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1097
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
HID: prodikeys: Check presence of pm->input_ep82
Fake USB devices can send their own report descriptors for which the
input_mappi…
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-43251
|
2026-05-12 03:51 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1098
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
mptcp: pm: in-kernel: always set ID as avail when rm endp
Syzkaller managed to find a combination of actions that was generating
…
Update
|
CWE-667
Improper Locking
|
CVE-2026-43252
|
2026-05-12 03:49 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1099
|
7.5 |
HIGH
Network
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
iommu/amd: move wait_on_sem() out of spinlock
With iommu.strict=1, the existing completion wait path can cause soft
lockups under…
Update
|
CWE-667
Improper Locking
|
CVE-2026-43253
|
2026-05-12 03:40 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1100
|
6.5 |
MEDIUM
Adjacent
|
watchguard
|
agent
|
Stack-based Buffer Overflow vulnerability in the WatchGuard Agent discovery service on Windows allows Overflow Buffers. An unauthenticated attacker on the same local network could exploit this vulner…
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-41287
|
2026-05-12 03:36 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
