|
331
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can set the ticket transcript channel to a cha…
New
|
CWE-200
Information Exposure
|
CVE-2026-47177
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
332
|
- |
|
-
|
-
|
PenguinMod-BackendApi is the backend api for penguinmod. Prior to version 1.0.0, a NoSQL injection vulnerability in the password reset endpoint allows any authenticated user to change the password of…
New
|
CWE-20
CWE-943
Improper Input Validation
Improper Neutralization of Special Elements in Data Query Logic
|
CVE-2026-47181
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
333
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the latest release suppresses mentions in several moderation commands, but /unban an…
New
|
CWE-116
Improper Encoding or Escaping of Output
|
CVE-2026-47188
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
334
|
- |
|
-
|
-
|
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.5, the AutoMod remove flow looks up and deletes rules by global database ID without ver…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-47189
|
2026-06-12 05:58 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
335
|
7.3 |
HIGH
Network
|
-
|
-
|
KanaDojo contains a command injection vulnerability that allows an attacker with pull request access to execute arbitrary shell commands by inserting shell metacharacters into the version or changes …
New
|
CWE-78
OS Command
|
CVE-2026-48547
|
2026-06-12 05:57 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
336
|
7.6 |
HIGH
Network
|
-
|
-
|
An integer overflow flaw was found in the SASL I/O layer of 389 Directory Server (389-ds-base). In sasl_io_start_packet(), adding sizeof(uint32_t) to a crafted SASL packet length prefix of 0xFFFFFFFC…
New
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-11774
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
337
|
- |
|
-
|
-
|
Idira Endpoint Privilege Manager Agent versions prior to 26.5 exhibit improper access control within high-privileged agent components. A local, low-privileged attacker could exploit this by manipulat…
New
|
CWE-269
Improper Privilege Management
|
CVE-2026-45176
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
338
|
- |
|
-
|
-
|
Idira Secrets Manager SaaS Edge versions prior to 1.8 exhibit improper access control within its internal authentication components. A remote, unauthenticated attacker could exploit this by submittin…
New
|
CWE-284
Improper Access Control
|
CVE-2026-45177
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
339
|
- |
|
-
|
-
|
Idira Secrets Manager Self-Hosted versions 13.8.0 and lower exhibit improper access control within internal cluster endpoints. A remote, authenticated attacker possessing standard node-level credenti…
New
|
CWE-284
Improper Access Control
|
CVE-2026-45178
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
340
|
- |
|
-
|
-
|
Vim is an open source, command line text editor. Prior to version 9.2.0495, a Vimscript code injection vulnerability exists in s:NetrwBookHistSave() in the netrw plugin (runtime/pack/dist/opt/netrw/a…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-47162
|
2026-06-12 05:56 |
2026-06-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
