|
661
|
8.3 |
HIGH
Network
|
-
|
-
|
Use after free in WebGL in Google Chrome prior to 148.0.7778.216 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (C…
New
|
CWE-416
Use After Free
|
CVE-2026-9970
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
662
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in code-projects Employee Management System 1.0. This impacts an unknown function of the file /myprofile.php. Such manipulation of the argument ID leads to …
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9416
|
2026-05-30 00:16 |
2026-05-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
663
|
4.8 |
MEDIUM
Network
|
-
|
-
|
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` function by sending a malicious HTTP request. This v…
New
|
CWE-444
HTTP Request Smuggling
|
CVE-2026-6324
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
664
|
4.6 |
MEDIUM
Physics
|
-
|
-
|
Uncontrolled resource consumption in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-veh…
New
|
CWE-307
CWE-400
CWE-770
mproper Restriction of Excessive Authentication Attempts
Uncontrolled Resource Consumption
Allocation of Resources Without Limits or Throttling
|
CVE-2026-49324
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
665
|
4.3 |
MEDIUM
Physics
|
-
|
-
|
Weak authentication between the Wireless Control Module (WCM) and the Engine Control Module (ECM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with…
New
|
CWE-327
CWE-798
CWE-1390
Use of a Broken or Risky Cryptographic Algorithm
Use of Hard-coded Credentials
Weak Authentication
|
CVE-2026-49323
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
666
|
4.3 |
MEDIUM
Physics
|
-
|
-
|
Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to…
New
|
CWE-294
CWE-327
CWE-1390
Authentication Bypass by Capture-replay
Use of a Broken or Risky Cryptographic Algorithm
Weak Authentication
|
CVE-2026-49322
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
667
|
- |
|
-
|
-
|
WWBN AVideo is an open source video platform. In 29.0 and earlier, plugin/AuthorizeNet/processPayment.json.php credits the logged-in user's wallet based only on the attacker-controlled amount POST pa…
New
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-47696
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
668
|
5.0 |
MEDIUM
Network
|
-
|
-
|
Local Deep Research is an AI-powered research assistant for deep, iterative research. Prior to 1.6.10, the URL checking logic in local-deep-research has a logical flaw that could be bypassed by attac…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-46526
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
669
|
- |
|
-
|
-
|
WWBN AVideo is an open source video platform. In 29.0 and earlier, view/update.php reads $_POST['updateFile'] as a relative path under updatedb/ and passes it to PHP's file() for line-by-line executi…
New
|
CWE-22
Path Traversal
|
CVE-2026-45731
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
670
|
5.7 |
MEDIUM
Network
|
-
|
-
|
WWBN AVideo is an open source video platform. In 29.0 and earlier, there is a cross-site request forgery vulnerability on the 2FA toggle. plugin/LoginControl/set.json.php accepts POST type=set2FA val…
New
|
CWE-306
CWE-352
Missing Authentication for Critical Function
Origin Validation Error
|
CVE-2026-45610
|
2026-05-30 00:16 |
2026-05-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
