|
771
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding.
This issue affects Pizzy Library: from 1.0.0.26250 before 1.3.9.26250.
New
|
CWE-799
Improper Control of Interaction Frequency
|
CVE-2026-5233
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
772
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects Pizzy Li…
New
|
CWE-284
CWE-862
Improper Access Control
Missing Authorization
|
CVE-2026-5230
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
773
|
7.8 |
HIGH
Local
|
microsoft
|
visual_studio_code
|
Inclusion of functionality from untrusted control sphere in Visual Studio Code allows an unauthorized attacker to elevate privileges locally.
Update
|
CWE-94
CWE-829
Code Injection
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-47292
|
2026-06-15 23:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
774
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 2.0.14 to before version 2.1.0, authenticated users can claim the dashboard Host through N…
New
|
CWE-284
Improper Access Control
|
CVE-2026-53520
|
2026-06-15 23:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
775
|
10.0 |
CRITICAL
Network
|
-
|
-
|
Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion.
This issue affects WooCommerce PDF Invoice Builde…
New
|
CWE-94
Code Injection
|
CVE-2026-52704
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
776
|
8.8 |
HIGH
Network
|
-
|
-
|
Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation.
This issue affects Masteriyo - LMS: from n/a through 2.2.0.
New
|
CWE-266
Incorrect Privilege Assignment
|
CVE-2026-49111
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
777
|
7.5 |
HIGH
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data.
This issue affects GetPaid: from n/a through 2.8.49.
New
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-49064
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
778
|
8.8 |
HIGH
Network
|
-
|
-
|
Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation.
This issue affects Faust.Js: from n/a through 1.8.7.
New
|
CWE-288
Authentication Bypass Using an Alternate Path or Channel
|
CVE-2026-49062
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
779
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Subscriber Broken Access Control in Really Simple SSL <= 9.5.9 versions.
New
|
CWE-862
Missing Authorization
|
CVE-2026-48969
|
2026-06-15 23:16 |
2026-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
780
|
6.4 |
MEDIUM
Network
|
-
|
-
|
Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool. From version 0.20.0 to before version 2.0.10, an authenticated Nezha dashboard user can create or updat…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-47268
|
2026-06-15 23:16 |
2026-06-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
