|
1131
|
2.6 |
LOW
Adjacent
|
-
|
-
|
A vulnerability has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. Impacted is the function files of the file libs/chatchat-server/chatchat/server/api_server/openai_routes.py of the c…
New
|
CWE-362
CWE-367
Race Condition
Time-of-check Time-of-use (TOCTOU) Race Condition
|
CVE-2026-7846
|
2026-05-6 01:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1132
|
2.6 |
LOW
Adjacent
|
-
|
-
|
A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py …
New
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-7845
|
2026-05-6 01:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1133
|
6.3 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability was detected in chatchat-space Langchain-Chatchat up to 0.3.1.3. This vulnerability affects the function files/list_files/retrieve_file/retrieve_file_content/delete_file of the file l…
New
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-7844
|
2026-05-6 01:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1134
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix allows a denial of service via the long-poll transport's NDJSON body handling.
In 'Elixir.Phoenix.Trans…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-32689
|
2026-05-6 01:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1135
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Buffer Overflow vulnerability exists in Assimp versions up to 6.0.2 in the FBX Importer. The vulnerability occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file…
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2025-70067
|
2026-05-6 01:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1136
|
4.9 |
MEDIUM
Network
|
sonicwall
|
sonicos
|
A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacker to crash a firewall.
Update
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-0206
|
2026-05-6 01:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1137
|
6.8 |
MEDIUM
Adjacent
|
sonicwall
|
sonicos
|
A post-authentication Path Traversal vulnerability in SonicOS allows an attacker to interact with usually restricted services.
Update
|
CWE-35
Path Traversal: '.../...//'
|
CVE-2026-0205
|
2026-05-6 01:12 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1138
|
8.0 |
HIGH
Adjacent
|
sonicwall
|
sonicos
|
A vulnerability in the access control mechanism of SonicOS may allow certain management interface functions to be accessible under specific conditions.
Update
|
CWE-306
CWE-1390
Missing Authentication for Critical Function
Weak Authentication
|
CVE-2026-0204
|
2026-05-6 01:11 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1139
|
5.5 |
MEDIUM
Local
|
wireshark
|
wireshark
|
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.4
Update
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-6525
|
2026-05-6 00:42 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1140
|
7.8 |
HIGH
Local
|
entechtaiwan
|
tvicport
|
An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests.
|
CWE-20
CWE-269
Improper Input Validation
Improper Privilege Management
|
CVE-2026-30769
|
2026-05-5 23:31 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
