|
4571
|
8.2 |
HIGH
Network
|
flowiseai
|
flowise
|
Flowise is a drag & drop user interface to build a customized large language model flow. Prior to 3.1.0, Flowise contains an authentication bypass vulnerability that allows an unauthenticated attacke…
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-41273
|
2026-04-25 01:35 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4572
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
In the Linux kernel, the following vulnerability has been resolved:
wifi: rsi: Don't default to -EOPNOTSUPP in rsi_mac80211_config
This triggers a WARN_ON in ieee80211_hw_conf_init and isn't the ex…
|
NVD-CWE-noinfo
|
CVE-2026-23373
|
2026-04-25 01:35 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4573
|
5.5 |
MEDIUM
Local
|
linux
|
linux_kernel
|
En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:
wifi: rsi: No usar -EOPNOTSUPP por defecto en rsi_mac80211_config
Esto activa un WARN_ON en ieee80211_hw_conf_init y no es el co…
|
NVD-CWE-noinfo
|
CVE-2026-23373
|
2026-04-25 01:35 |
2026-03-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4574
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ProgressionStudios Vayvo vayvo-progression allows Reflected XSS.This issue affects Vayvo: from n/…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25373
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4575
|
7.1 |
HIGH
Network
|
-
|
-
|
Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') vulnerabilidad en ProgressionStudios Vayvo vayvo-progression permite XSS Reflejado. Este problema…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25373
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4576
|
7.1 |
HIGH
Network
|
-
|
-
|
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows Reflected XSS.This issue affects Addon Jo…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25376
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4577
|
7.1 |
HIGH
Network
|
-
|
-
|
Vulnerabilidad de Neutralización Incorrecta de la Entrada Durante la Generación de Páginas Web ('cross-site scripting') en eyecix Addon Jobsearch Chat addon-jobsearch-chat permite XSS Reflejado. Este…
|
CWE-79
Cross-site Scripting
|
CVE-2026-25376
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4578
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eyecix Addon Jobsearch Chat addon-jobsearch-chat allows SQL Injection.This issue affects Addon Jo…
|
CWE-89
SQL Injection
|
CVE-2026-25377
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4579
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Neutralización Incorrecta de Elementos Especiales utilizados en un Comando SQL ('Inyección SQL') vulnerabilidad en eyecix Addon Jobsearch Chat addon-jobsearch-chat permite la inyección SQL. Este prob…
|
CWE-89
SQL Injection
|
CVE-2026-25377
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4580
|
8.1 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in jwsthemes StreamVid streamvid allows PHP Local File Inclusion.This issue affec…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-25379
|
2026-04-25 01:35 |
2026-03-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
