|
561
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py …
New
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7157
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
562
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downl…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7158
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
563
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in ChatGPTNextWeb NextChat up to 2.16.1. Affected by this issue is the function proxyHandler of the file app/api/[provider]/[...path]/route.ts. The manipulation re…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7177
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
564
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulatio…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7178
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
565
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This impacts an unknown function of the file /ajax.php?action=save_product. This manipulation of the argument…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7194
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
566
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in CodeAstro Online Classroom 1.0. Affected is an unknown function of the file /guestdetails. Such manipulation of the argument deleteid leads to sql inject…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7196
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
567
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this vulnerability is an unknown functionality of the file /ajax.php?action=delete_product. Perform…
New
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7199
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
568
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. Affected by this issue is some unknown functionality of the file /index.php?page=types. Executing a manipulation of th…
New
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7200
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
569
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_null_terminated_string of the file src/binwalk/plugins/winceextract.py of the comp…
New
|
CWE-22
Path Traversal
|
CVE-2026-7179
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
570
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in duartium papers-mcp-server 9ceb3812a6458ba7922ca24a7406f8807bc55598. Impacted is the function search_papers of the file src/main.py. Such manipulation of the argumen…
New
|
CWE-22
Path Traversal
|
CVE-2026-7205
|
2026-04-29 10:00 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
