|
4491
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in 666ghj MiroFish up to 0.1.2. The impacted element is the function SimulationIPCClient.send_command of the file backend/app/services/simulation_ipc.py of the componen…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7058
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4492
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in liyupi yu-picture up to a053632c41340152bf75b66b3c543d129123d8ec. This impacts the function PageRequest of the file yu-picture-backend/src/main/java/com/yupi/yupictu…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7060
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4493
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in Toowiredd chatgpt-mcp-server up to 0.1.0. Affected by this issue is some unknown functionality of the file src/services/docker.service.ts of the component MCP/HTTP. …
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7061
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4494
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation le…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7062
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4495
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performin…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7063
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4496
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7064
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4497
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the comp…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7065
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4498
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulati…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7066
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4499
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7070
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4500
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Usern…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7072
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
