|
5531
|
8.8 |
HIGH
Network
|
-
|
-
|
NVIDIA BioNeMo Core for Linux contains a vulnerability where a user could cause a path traversal by loading a malicious file. A successful exploit of this vulnerability might lead to code execution, …
|
CWE-29
Path Traversal: '\..\filename'
|
CVE-2026-24217
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5532
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in libsolv. This stack-based buffer overflow vulnerability occurs in libsolv's Debian metadata parser when processing specially crafted Debian repository metadata. An attacker could …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-9150
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5533
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in libsolv. This heap buffer overflow vulnerability occurs when a victim processes a specially crafted `.solv` file containing negative size values in the `repo_add_solv` function. T…
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-9149
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5534
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Mattermost versions 11.5.x <= 11.5.1 fail to validate team-level run_create permission against the target team when creating a playbook run which allows an authenticated team member to create runs in…
|
CWE-863
Incorrect Authorization
|
CVE-2026-4055
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5535
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Mattermost Mobile Apps versions <=2.37 11.4 2.0.37 11.0.4 11.1.3 11.3.2 10.11.11.0 fail to properly validate the SSO authentication callback origin which allows an attacker controlling a malicious Ma…
|
CWE-352
Origin Validation Error
|
CVE-2026-22880
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5536
|
8.0 |
HIGH
Network
|
-
|
-
|
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to check integration URL for path traversal which allows an malicious authenticated user to call an…
|
CWE-22
Path Traversal
|
CVE-2026-4858
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5537
|
8.4 |
HIGH
Network
|
-
|
-
|
Zohocorp ManageEngine ADSelfService Plus version before 6525, DataSecurity Plus before 6264 and RecoveryManager Plus before 6313 are vulnerable to Authenticated Remote code execution in the agent mac…
|
CWE-77
Command Injection
|
CVE-2026-2740
|
2026-05-22 00:26 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5538
|
7.1 |
HIGH
Network
|
-
|
-
|
Exposure of private personal information to an unauthorized actor, Insufficiently Protected Credentials vulnerability in Digital Operations Services Inc. WifiBurada allows Authentication Bypass.
Thi…
|
CWE-359
CWE-522
Exposure of Private Personal Information to an Unauthorized Actor
Insufficiently Protected Credentials
|
CVE-2025-13477
|
2026-05-22 00:24 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5539
|
7.5 |
HIGH
Network
|
-
|
-
|
Authorization bypass through User-Controlled key vulnerability in PosCube Hardware Software and Consulting Ltd. QR Menu allows Exploitation of Trusted Identifiers.
This issue affects QR Menu: throug…
|
CWE-639
Authorization Bypass Through User-Controlled Key
|
CVE-2025-13479
|
2026-05-22 00:24 |
2026-05-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5540
|
5.7 |
MEDIUM
Network
|
-
|
-
|
Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation (TEİAŞ) Mobile Application allows Session Hijacking.
This issue affects Mobile Application: from 1.6.2 b…
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-1815
|
2026-05-22 00:24 |
2026-05-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
