|
3561
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the ar…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7707
|
2026-05-6 06:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3562
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-37539
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3563
|
7.5 |
HIGH
Network
|
-
|
-
|
An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Binary_Data_Transfer_DM16 causing a denial of service via crafted CAN fra…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-42467
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3564
|
7.5 |
HIGH
Network
|
-
|
-
|
AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42485
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3565
|
8.4 |
HIGH
Local
|
-
|
-
|
flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-30363
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3566
|
6.1 |
MEDIUM
Network
|
-
|
-
|
wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog.
|
CWE-79
Cross-site Scripting
|
CVE-2026-38669
|
2026-05-6 05:24 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3567
|
- |
|
-
|
-
|
Beets is the media library management system. Prior to version 2.10.0, the bundled web UI uses Underscore template interpolation mode <%= ... %> for untrusted metadata fields. In this runtime, <%= ..…
|
CWE-79
Cross-site Scripting
|
CVE-2026-42052
|
2026-05-6 05:24 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3568
|
7.5 |
HIGH
Network
|
-
|
-
|
Boundary Community Edition and Boundary Enterprise (“Boundary”) workers are vulnerable to a denial-of-service condition during node enrollment TLS handshakes. An attacker with network access to the w…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-7776
|
2026-05-6 05:24 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3569
|
- |
|
-
|
-
|
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of th…
|
CWE-89
SQL Injection
|
CVE-2026-40329
|
2026-05-6 05:24 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3570
|
- |
|
-
|
-
|
Masa CMS is an open source content management system. In versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, a SQL injection vulnerability exists in the …
|
CWE-89
SQL Injection
|
CVE-2026-40330
|
2026-05-6 05:24 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
