|
3881
|
6.6 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a…
|
CWE-287
Improper Authentication
|
CVE-2026-5959
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3882
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executi…
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-5960
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3883
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Simple IT Discussion Forum 1.0. This vulnerability affects unknown code of the file /topic-details.php. The manipulation of the argument po…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5961
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3884
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument user_Id result…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-5985
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3885
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Zod jsVideoUrlParser up to 0.5.1. The impacted element is the function getTime in the library lib/util.js. This manipulation of the argument timestamp causes ineffic…
|
CWE-400
CWE-1333
Uncontrolled Resource Consumption
Inefficient Regular Expression Complexity
|
CVE-2026-5986
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3886
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in Sanluan PublicCMS up to 6.202506.d. This affects the function AbstractFreemarkerView.doRender of the file publiccms-parent/publiccms-core/src/main/java/c…
|
CWE-791
CWE-1336
Incomplete Filtering of Special Elements
Improper Neutralization of Special Elements Used in a Template Engine
|
CVE-2026-5987
|
2026-04-25 03:02 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3887
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_set_pipapo: split gc into unlink and reclaim phase
Yiming Qian reports Use-after-free in the pipapo set type:
Un…
|
CWE-416
Use After Free
|
CVE-2026-23351
|
2026-04-25 03:02 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3888
|
7.8 |
HIGH
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
netfilter: nft_set_pipapo: dividir la recolección de basura en una fase de desvinculación y una fase de recuperación
Yiming Qian…
|
CWE-416
Use After Free
|
CVE-2026-23351
|
2026-04-25 03:02 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3889
|
6.4 |
MEDIUM
Network
|
-
|
-
|
The Webling plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 3.9.0 due to insufficient input sanitization, insufficient output escaping, and mis…
|
CWE-79
Cross-site Scripting
|
CVE-2026-1263
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3890
|
4.3 |
MEDIUM
Network
|
-
|
-
|
The Aruba HiSpeed Cache plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.0.4. This is due to missing nonce verification on the `ahsc_ajax_reset…
|
CWE-352
Origin Validation Error
|
CVE-2026-1924
|
2026-04-25 03:01 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
