|
621
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in janeczku Calibre-Web up to 0.6.26. The impacted element is the function generate_auth_token of the file cps/kobo_auth.py of the component Endpoint. Such manipulation…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7709
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
622
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in YunaiV yudao-cloud up to 3.8.0. This affects the function doFilterInternal of the file JwtAuthenticationTokenFilter.java of the component Ruoyi-Vue-Pro. Perform…
New
|
CWE-287
Improper Authentication
|
CVE-2026-7710
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
623
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this issue is some unknown functionality of the file cps/cwa_functions.py of the component Admin Endpoint. This …
New
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-7714
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
624
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in funadmin up to 7.1.0-rc6. This affects the function UploadService::chunkUpload of the file app/common/service/UploadService.php of the component Frontend Chunked Upload Endpo…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7733
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
625
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generate_auth_token of the file cps/kobo_auth.py of the component Kobo…
New
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-7713
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
626
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Open5GS up to 2.7.7. Affected is the function udm_nudr_dr_handle_subscription_authentication of the file /src/udm/nudr-handler.c of the component authentication…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7779
|
2026-05-6 04:10 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
627
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function udm_state_operational of the file /src/udm/udm-sm.c of the component smf-registrations Endpoint. …
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7780
|
2026-05-6 04:10 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
628
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Open5GS up to 2.7.7. Affected by this issue is the function udm_nudm_uecm_handle_amf_registration_update of the file /src/udm/nudm-handler.c of the compo…
New
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7781
|
2026-05-6 04:10 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
629
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in CodeCanyon Perfex CRM up to 3.4.1. This affects the function Clients::project of the file application/controllers/Clients.php of the component Tenant Handler. The mani…
New
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7782
|
2026-05-6 04:10 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
630
|
- |
|
-
|
-
|
An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend.
…
Update
|
CWE-89
SQL Injection
|
CVE-2026-5394
|
2026-05-6 03:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
