|
6271
|
9.8 |
CRITICAL
Network
|
mozilla
|
firefox
thunderbird
|
Other issue in the WebRTC component. This vulnerability was fixed in Firefox ESR 140.10.2 and Thunderbird 140.10.2.
|
CWE-94
Code Injection
|
CVE-2026-8094
|
2026-05-12 00:12 |
2026-05-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6272
|
7.5 |
HIGH
Network
|
google
|
android
|
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
|
NVD-CWE-noinfo
|
CVE-2025-71253
|
2026-05-12 00:11 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6273
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /askquery.php. The manipulation of the argument squeryx results in sql injec…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-8097
|
2026-05-12 00:11 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6274
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Feedback System 1.0. Impacted is an unknown function of the file /admin/checklogin.php. Such manipulation of the argument email leads to sq…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-8098
|
2026-05-12 00:11 |
2026-05-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6275
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The LatePoint plugin for WordPress is vulnerable to Account Takeover via Weak Password Recovery Mechanism in the unauthenticated guest booking flow in versions up to, and including, 5.5.0 This is due…
|
CWE-640
Weak Password Recovery Mechanism for Forgotten Password
|
CVE-2026-7652
|
2026-05-12 00:11 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6276
|
6.3 |
MEDIUM
Adjacent
|
-
|
-
|
A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authe…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-8185
|
2026-05-12 00:11 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6277
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including…
|
CWE-200
Information Exposure
|
CVE-2026-8198
|
2026-05-12 00:11 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6278
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-8193
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6279
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argu…
|
CWE-352
CWE-862
Origin Validation Error
Missing Authorization
|
CVE-2026-8194
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6280
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/C…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-8195
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
