|
491
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m…
Update
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-7025
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
492
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in MaxSite CMS up to 109.3. This issue affects some unknown processing of the component Guestbook Plugin. Such manipulation of the argument f_text/f_slug/f_limit/f_emai…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7015
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
493
|
2.4 |
LOW
Network
|
-
|
-
|
A vulnerability was found in MaxSite CMS up to 109.3. Impacted is an unknown function of the component ushki Plugin. Performing a manipulation of the argument f_ushka_new/f_ushk results in cross site…
Update
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-7016
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
494
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Datavane Datavines up to 13607645e14a4982468cfdbcf75c85cde63bae71. The affected element is an unknown function of the file datavines-core/src/main/java/io/datavines/…
Update
|
CWE-320
CWE-321
Key Management Errors
Use of Hard-coded Cryptographic Key
|
CVE-2026-7018
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
495
|
5.6 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The mani…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7020
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
496
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServl…
Update
|
CWE-22
Path Traversal
|
CVE-2026-7024
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
497
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perf…
Update
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7028
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
498
|
7.8 |
HIGH
Local
|
-
|
-
|
A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description l…
Update
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7039
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
499
|
3.7 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation…
Update
|
CWE-200
CWE-284
Information Exposure
Improper Access Control
|
CVE-2026-7041
|
2026-04-29 10:00 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
500
|
7.3 |
HIGH
Network
|
-
|
-
|
A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API Endpoint. Executing a manipulation can lead to…
Update
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-7042
|
2026-04-29 10:00 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
