|
441
|
4.6 |
MEDIUM
Network
|
-
|
-
|
PPTAgent is an agentic framework for reflective PowerPoint generation. Prior to commit 418491a, there is an arbitrary file write vulnerability via `save_generated_slides`. This issue has been patched…
New
|
CWE-22
Path Traversal
|
CVE-2026-42080
|
2026-05-6 05:19 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
442
|
- |
|
-
|
-
|
ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occu…
New
|
CWE-125
Out-of-bounds Read
|
CVE-2026-30923
|
2026-05-6 05:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
443
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP Interface. The manipu…
New
|
CWE-22
Path Traversal
|
CVE-2026-7738
|
2026-05-6 05:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
444
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file request_blood.php. The manipulation results in unrestricted upload…
New
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7732
|
2026-05-6 05:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
445
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Ha…
New
|
CWE-74
CWE-88
Injection
Argument Injection
|
CVE-2026-7725
|
2026-05-6 05:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
446
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Telegram Desktop up to 6.7.5. This vulnerability affects the function RequestButton of the file Telegram/SourceFiles/boxes/url_auth_box.cpp of the compon…
Update
|
CWE-404
CWE-476
Improper Resource Shutdown or Release
NULL Pointer Dereference
|
CVE-2026-7701
|
2026-05-6 05:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
447
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was identified in Dolibarr ERP CRM up to 23.0.2. This affects the function _checkValForAPI of the file htdocs/expedition/class/expedition.class.php of the component Shipments API Endp…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7688
|
2026-05-6 05:16 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
448
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a…
Update
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7629
|
2026-05-6 05:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
449
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in JeecgBoot up to 3.9.1. Affected by this issue is the function checkPathTraversalBatch of the file FileDownloadUtils.jav of the component LoadFile Endpoint. This mani…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7603
|
2026-05-6 05:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
450
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in mem0ai mem0 up to 1.0.11. This affects the function pickle.load/pickle.dump of the file mem0/vector_stores/faiss.py. Performing a manipulation results in deserialization.…
Update
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7597
|
2026-05-6 05:16 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
