|
211
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in lm-sys fastchat up to 0.2.36. Impacted is the function add_text of the component Arena Side-by-Side View Handler. The manipulation results in incorrect control flow. T…
New
|
CWE-670
Always-Incorrect Control Flow Implementation
|
CVE-2026-6608
|
2026-04-20 15:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
212
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in lm-sys fastchat up to 0.2.36. This issue affects the function api_generate of the component Worker API Endpoint. The manipulation leads to resource consu…
New
|
CWE-400
CWE-404
Uncontrolled Resource Consumption
Improper Resource Shutdown or Release
|
CVE-2026-6607
|
2026-04-20 14:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
213
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipul…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6606
|
2026-04-20 14:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
214
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal Ser…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6605
|
2026-04-20 14:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
215
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepare_image/openai_audio_to_text of the file src/agentscope/tool/_multi_modal…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-6604
|
2026-04-20 14:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
216
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/…
New
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-6603
|
2026-04-20 14:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
217
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The ma…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-6602
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
218
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to resource consumption. Remote exploitation o…
New
|
CWE-400
CWE-404
Uncontrolled Resource Consumption
Improper Resource Shutdown or Release
|
CVE-2026-6601
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
219
|
3.5 |
LOW
Network
|
-
|
-
|
A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of …
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6600
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
220
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of…
New
|
CWE-74
CWE-707
Injection
Improper Enforcement of Message or Data Structure
|
CVE-2026-6599
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
