|
3131
|
5.5 |
MEDIUM
Local
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the custom CappedConcurrentHashMap introduced for Java TLS state tracking…
|
CWE-401
CWE-770
Missing Release of Memory after Effective Lifetime
Allocation of Resources Without Limits or Throttling
|
CVE-2026-45682
|
2026-06-4 01:51 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3132
|
4.3 |
MEDIUM
Network
|
mintplexlabs
|
anythingllm
|
AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to 1.13.0, an approved mobile device token created in single-user mod…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-47713
|
2026-06-4 01:51 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3133
|
7.5 |
HIGH
Network
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI replays BPF probe hits into histogram observations by looping once pe…
|
CWE-400
CWE-834
Uncontrolled Resource Consumption
Excessive Iteration
|
CVE-2026-45680
|
2026-06-4 01:51 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3134
|
6.5 |
MEDIUM
Network
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, OBI exports raw Redis error text as the span status message. Because Redi…
|
CWE-117
CWE-532
Improper Output Neutralization for Logs
Inclusion of Sensitive Information in Log Files
|
CVE-2026-45679
|
2026-06-4 01:50 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3135
|
7.5 |
HIGH
Network
|
opentelemetry
|
ebpf_instrumentation
|
OpenTelemetry eBPF Instrumentation provides eBPF instrumentation based on the OpenTelemetry standard. Prior to version 0.9.0, the Postgres protocol parser assumes BIND message payloads contain a vali…
|
CWE-20
CWE-754
Improper Input Validation
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-45678
|
2026-06-4 01:50 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3136
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-9642
|
2026-06-4 01:16 |
2026-05-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3137
|
7.4 |
HIGH
Network
|
-
|
-
|
SIP signaling stack in Verizon IMS (unspecified version) implements SIP signaling without IPsec integrity protection (missing Security-Client/Security-Server headers and ESP traffic), which allows an…
|
-
|
CVE-2026-10629
|
2026-06-4 01:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3138
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in php-censor up to 2.1.6. This affects an unknown function of the file src/Model/Build/GitBuild.php of the component Webhook Endpoint. Performing a manipulation of the argu…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-10273
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3139
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in raisulislamg4 student_management_system_by_php up to 310d950e09013d5133c6b9210aff9444382d16d1. The affected element is an unknown function of the file add_user_check…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-10227
|
2026-06-4 01:16 |
2026-06-1 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3140
|
7.8 |
HIGH
Local
|
google
|
android
|
In multiple locations, there is a possible tapjacking due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti…
|
CWE-269
Improper Privilege Management
|
CVE-2026-0009
|
2026-06-4 01:16 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
