|
4201
|
6.5 |
MEDIUM
Network
|
mattermost
|
mattermost_server
|
Mattermost versions 11.6.x <= 11.6.0, 11.5.x <= 11.5.3, 11.4.x <= 11.4.4, 10.11.x <= 10.11.14 fail to filter nil elements from outgoing webhook attachment payloads before processing, which allows an …
|
CWE-754
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-4915
|
2026-06-2 02:57 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4202
|
3.3 |
LOW
Local
|
-
|
-
|
A weakness has been identified in janet-lang janet up to 1.41.0. This vulnerability affects the function unmarshal_one_fiber of the file src/core/marsh.c. Executing a manipulation can lead to integer…
|
CWE-189
CWE-190
Numeric Errors
Integer Overflow or Wraparound
|
CVE-2026-10268
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4203
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in decolua 9router up to 0.4.0. This issue affects the function isAuthenticated of the file src/dashboardGuard.js of the component HTTP Header Handler. The …
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10269
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4204
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The affected element is an unknown function of the file admin/ of the component Admin Endpoint.…
|
CWE-698
CWE-705
Execution After Redirect (EAR)
Incorrect Control Flow Scoping
|
CVE-2026-10271
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4205
|
6.5 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The impacted element is an unknown function of the file admin/deleteform.php. Such man…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-10272
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4206
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in indrasishbanerjee aem-mcp-server up to b5f833aef9b5dfd17a5991b3b18a8a11edbdc583. This impacts the function getAssetMetadata of the file src/mcp-server.ts of the comp…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-10274
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4207
|
5.0 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in OpenSC up to 0.26.1. This affects the function test_kpgen_certwrite of the file src/tools/pkcs11-tool.c of the component pkcs11-tool Key Generation Module. This manipulation …
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-10275
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4208
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in Paolo GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.
This issue affects GeoDirectory: from n/a through 2.8.157.
|
CWE-862
Missing Authorization
|
CVE-2026-42671
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4209
|
9.3 |
CRITICAL
Network
|
-
|
-
|
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wp Directory Kit WP Directory Kit allows Blind SQL Injection.
This issue affects WP Directory Ki…
|
CWE-89
SQL Injection
|
CVE-2026-42672
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4210
|
7.5 |
HIGH
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Logtivity Activity Logs Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity allows Retrieve Embedded Sensit…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-42673
|
2026-06-2 02:57 |
2026-06-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
