|
511
|
6.1 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 16.1.0 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that under certain conditions could have allowed an una…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-5262
|
2026-04-24 05:38 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
512
|
4.3 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.11 before 18.11.1 that could have allowed an authenticated user to access titles of confidential or private issues in pub…
New
|
CWE-863
Incorrect Authorization
|
CVE-2026-5377
|
2026-04-24 05:37 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
513
|
8.1 |
HIGH
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.10 before 18.10.4 and 18.11 before 18.11.1 that could have allowed an unauthenticated user to execute arbitrary JavaScrip…
New
|
CWE-41
Improper Resolution of Path Equivalence
|
CVE-2026-5816
|
2026-04-24 05:30 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
514
|
5.4 |
MEDIUM
Network
|
gitlab
|
gitlab
|
GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.2 before 18.9.6, 18.10 before 18.10.4, and 18.11 before 18.11.1 that could have allowed a user to use invalidated or inco…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-6515
|
2026-04-24 05:18 |
2026-04-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
515
|
5.8 |
MEDIUM
Network
|
free5gc
|
free5gc
udr
|
free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. In versions up to and including 1.4.2, a fail-open request handling …
New
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-40343
|
2026-04-24 04:44 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
516
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
pcf
|
free5GC UDR is the Policy Control Function (PCF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. A memory leak vulnerability in versions prior to 1.4.3 allows any…
New
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-41135
|
2026-04-24 04:41 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
517
|
5.3 |
MEDIUM
Network
|
free5gc
|
amf
free5gc
|
free5GC AMF provides Access & Mobility Management Function (AMF) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. Prior to version 1.4.3, the `HTTPUEContextTransfe…
New
|
CWE-440
Expected Behavior Violation
|
CVE-2026-41136
|
2026-04-24 04:39 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
518
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. In versions 4.2.1 and below of the UDR service, the handler for creating or updating Traffic Influence Subscriptions checks whether th…
Update
|
CWE-285
CWE-636
Improper Authorization
Not Failing Securely ('Failing Open')
|
CVE-2026-40248
|
2026-04-24 04:20 |
2026-04-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
519
|
6.5 |
MEDIUM
Network
|
wwbn
|
avideo
|
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the endpoint `plugin/Live/view/Live_restreams/list.json.php` contains an Insecure Direct Object Reference (IDOR) vulnerabilit…
New
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2026-40907
|
2026-04-24 04:12 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
520
|
5.3 |
MEDIUM
Network
|
wwbn
|
avideo
|
WWBN AVideo is an open source video platform. In versions 29.0 and prior, the file `git.json.php` at the web root executes `git log -1` and returns the full output as JSON to any unauthenticated user…
New
|
CWE-200
Information Exposure
|
CVE-2026-40908
|
2026-04-24 04:09 |
2026-04-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
