|
871
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) was discovered to contain a stack overflow in the wl_radio parameter of the formwrlSSIDget function. This vulnerability allo…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36772
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
872
|
5.3 |
MEDIUM
Network
|
-
|
-
|
An arbitrary file deletion vulnerability in the /api/delete-temp-license/{file} endpoint of bookcars v8.3 allows unauthenticated attackers to delete arbitrary files via supplying directory traversal …
New
|
CWE-22
Path Traversal
|
CVE-2026-36726
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
873
|
8.8 |
HIGH
Network
|
-
|
-
|
An unrestricted file rename vulnerability in the /api/create-user component of bookcars v8.3 allows authenticated attackers to leverage directory traversal sequences to move arbitrary files from temp…
New
|
CWE-22
Path Traversal
|
CVE-2026-36723
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
874
|
5.4 |
MEDIUM
Network
|
-
|
-
|
An authenticated arbitrary file upload vulnerability in the /api/create-car-image component of bookcars v8.3 allows attackers to execute arbitrary code via uploading a crafted file.
New
|
CWE-434
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-36722
|
2026-06-11 03:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
875
|
4.7 |
MEDIUM
Network
|
-
|
-
|
In ScreenConnect™ versions prior to 26.2, input
validation within the Host Pass creation functionality could allow an
authenticated user with Host Pass creation privileges the ability to specify a
to…
New
|
CWE-1284
Improper Validation of Specified Quantity in Input
|
CVE-2026-11596
|
2026-06-11 03:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
876
|
2.5 |
LOW
Local
|
gradio_project
|
gradio
|
A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of we…
Update
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-10783
|
2026-06-11 03:06 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
877
|
7.0 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Untrusted search path in Windows Storage allows an authorized attacker to elevate privileges locally.
Update
|
CWE-426
Untrusted Search Path
|
CVE-2026-47648
|
2026-06-11 02:54 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
878
|
8.2 |
HIGH
Local
|
microsoft
|
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2022
windows_server_2025
|
Out-of-bounds read in Windows Hyper-V allows an unauthorized attacker to execute code locally.
Update
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-47652
|
2026-06-11 02:53 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
879
|
7.9 |
HIGH
Local
|
microsoft
|
windows_10_1607
windows_10_1809
windows_10_21h2
windows_10_22h2
windows_11_23h2
windows_11_24h2
windows_11_25h2
windows_11_26h1
windows_server_2012
windows_server_2016
w…
|
Protection mechanism failure in Windows Boot Manager allows an authorized attacker to bypass a security feature locally.
Update
|
CWE-693
Protection Mechanism Failure
|
CVE-2026-47656
|
2026-06-11 02:52 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
880
|
4.7 |
MEDIUM
Local
|
snowflake
|
streamlit
|
A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation l…
Update
|
CWE-327
CWE-328
Use of a Broken or Risky Cryptographic Algorithm
Use of Weak Hash
|
CVE-2026-10804
|
2026-06-11 02:47 |
2026-06-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
