|
2621
|
- |
|
-
|
-
|
A user with physical access to a smartphone can bypass authentication mechanism of Kidsview mobile application and grant himself full access to the device owner's account by interacting with applicat…
|
CWE-288
CWE-359
Authentication Bypass Using an Alternate Path or Channel
Exposure of Private Personal Information to an Unauthorized Actor
|
CVE-2026-8990
|
2026-05-29 03:00 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2622
|
- |
|
-
|
-
|
A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe wi…
|
CWE-22
CWE-269
CWE-284
CWE-732
Path Traversal
Improper Privilege Management
Improper Access Control
Incorrect Permission Assignment for Critical Resource
|
CVE-2026-9789
|
2026-05-29 02:58 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2623
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF terminates the entire process when a stored PFD-subscription notifyUri cannot be reached. In PfdChangeNo…
|
CWE-20
CWE-617
CWE-755
Improper Input Validation
Reachable Assertion
Improper Handling of Exceptional Conditions
|
CVE-2026-44319
|
2026-05-29 02:50 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2624
|
7.5 |
HIGH
Network
|
free5gc
|
free5gc
|
free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF PATCH /3gpp-pfd-management/v1/{afId}/transactions/{transId}/applications/{appId} handler panics with a n…
|
CWE-476
CWE-754
NULL Pointer Dereference
Improper Check for Unusual or Exceptional Conditions
|
CVE-2026-44322
|
2026-05-29 02:37 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2625
|
4.3 |
MEDIUM
Network
|
ibm
|
business_automation_workflow
|
IBM Business Automation Workflow containers and traditional may leak information about its database structure in error messages.
|
CWE-209
Information Exposure Through an Error Message
|
CVE-2026-1248
|
2026-05-29 02:19 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2626
|
6.6 |
MEDIUM
Network
|
jenkins
|
active_directory
|
Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default.
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-48918
|
2026-05-29 02:17 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2627
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
|
-
|
CVE-2026-9818
|
2026-05-29 02:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2628
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the arg…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9531
|
2026-05-29 02:16 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2629
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the file /goform/formSDHCP. Such manipulation of the argument submit-url leads to stack-based buffer o…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-9482
|
2026-05-29 02:16 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2630
|
7.5 |
HIGH
Network
|
-
|
-
|
Taipy 4.1.1, fixed in commit 129fd40, contains a path traversal vulnerability in the ElementLibrary.get_resource() method in taipy/gui/extension/library.py that allows unauthenticated attackers to es…
|
CWE-22
Path Traversal
|
CVE-2026-48544
|
2026-05-29 02:16 |
2026-05-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
