|
191
|
- |
|
-
|
-
|
A stored
cross-site scripting (XSS) vulnerability has been identified in the web
management interface of TP-Link's TL-SG108PE v5 switch due to improper sanitation of the SYSNAM
configuration paramete…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-34127
|
2026-05-30 05:25 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
192
|
7.7 |
HIGH
Network
|
-
|
-
|
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network pro…
New
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-44285
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
193
|
6.3 |
MEDIUM
Network
|
-
|
-
|
FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, the JavaScript sandbox worker at projects/code-sandbox/src/pool/worker.ts:356 blocks dynamic import() with the regex /\bimport\s*\(/.t…
New
|
CWE-94
CWE-184
Code Injection
Incomplete Blacklist
|
CVE-2026-44287
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
194
|
9.9 |
CRITICAL
Network
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header va…
New
|
CWE-93
CWE-444
CRLF Injection
HTTP Request Smuggling
|
CVE-2026-45372
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
195
|
5.3 |
MEDIUM
Network
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.43.4, negative chunk-size in chunked Transfer-Encoding causes unbounded memory allocation and process cras…
New
|
CWE-20
CWE-770
CWE-1285
Improper Input Validation
Allocation of Resources Without Limits or Throttling
Improper Validation of Specified Index, Position, or Offset in Input
|
CVE-2026-45352
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
196
|
- |
|
-
|
-
|
cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att…
New
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-46527
|
2026-05-30 05:23 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
197
|
8.8 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel …
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-44420
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
198
|
8.8 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.…
New
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-44421
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
199
|
7.5 |
HIGH
Network
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…
New
|
CWE-415
CWE-416
Double Free
Use After Free
|
CVE-2026-44422
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
200
|
- |
|
-
|
-
|
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/pl…
New
|
CWE-787
Out-of-bounds Write
|
CVE-2026-45700
|
2026-05-30 05:22 |
2026-05-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
