|
211
|
3.5 |
LOW
Network
|
-
|
-
|
A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the arg…
Update
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-7021
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the compon…
Update
|
CWE-287
Improper Authentication
|
CVE-2026-7022
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_emai…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7015
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7016
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/…
Update
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-7018
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
216
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The mani…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7020
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of the…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7023
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7025
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to …
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7027
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perf…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7028
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
