|
761
|
4.3 |
MEDIUM
Network
|
-
|
-
|
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.221, while investigating the ThreadPolicy::delete issue reported previously, the same missing mailbox m…
|
CWE-285
Improper Authorization
|
CVE-2026-48810
|
2026-05-30 05:21 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
762
|
9.1 |
CRITICAL
Network
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-22
Path Traversal
|
CVE-2026-44650
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
763
|
7.5 |
HIGH
Network
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-44648
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
764
|
- |
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-79
Cross-site Scripting
|
CVE-2026-44651
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
765
|
- |
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-44652
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
766
|
8.5 |
HIGH
Network
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-46372
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
767
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, CreateOrderFromCartAction::execute previously created the Order row before checking and incrementing the discount's total_use counter. Un…
|
CWE-362
Race Condition
|
CVE-2026-47741
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
768
|
9.8 |
CRITICAL
Network
|
-
|
-
|
SillyTavern is a locally installed user interface that allows users to interact with text generation large language models, image generation engines, and text-to-speech voice models. Prior to 1.18.0,…
|
CWE-290
CWE-306
CWE-346
CWE-807
Authentication Bypass by Spoofing
Missing Authentication for Critical Function
Origin Validation Error
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2026-44649
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
769
|
8.1 |
HIGH
Network
|
-
|
-
|
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user withou…
|
CWE-285
CWE-862
Improper Authorization
Missing Authorization
|
CVE-2026-47740
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
770
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Sub-form Livewire components used in the product editor (Edit, Inventory, Seo, Shipping, Files) had no authorization on their store() met…
|
CWE-862
Missing Authorization
|
CVE-2026-47742
|
2026-05-30 05:17 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
