|
3261
|
7.3 |
HIGH
Network
|
-
|
-
|
A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byom_handler/proc_wrapper.py of the component Engine Handler. Executing…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7711
|
2026-05-6 04:13 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3262
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in MindsDB up to 26.01. Affected is the function pickle.loads of the component Pickle Handler. The manipulation leads to deserialization. The attack is poss…
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-7712
|
2026-05-6 04:13 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3263
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file /SubstationWEBV2/main/elecMaxMinA…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7695
|
2026-05-6 04:11 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3264
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This impacts an unknown function of the file /SubstationWEBV2/main/uploadH5Files. T…
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-7696
|
2026-05-6 04:11 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3265
|
4.7 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in AMTT Hotel Broadband Operation System 1.0. Affected is an unknown function of the file /manager/card/cardhand_submit.php. This manipulation of the argument ID causes…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7697
|
2026-05-6 04:11 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3266
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo.…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7698
|
2026-05-6 04:11 |
2026-05-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3267
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A security flaw has been discovered in Dromara MaxKey up to 3.5.13. Affected by this issue is the function StrUtils.checkSqlInjection of the file StrUtils.java. Performing a manipulation of the argum…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-7699
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3268
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in langflow-ai langflow up to 1.8.4. This affects the function eval of the file src/lfx/src/lfx/components/llm_operations/lambda_filter.p of the component LambdaFilterC…
|
CWE-74
CWE-94
Injection
Code Injection
|
CVE-2026-7700
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3269
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in toeverything AFFiNE up to 0.26.3. This issue affects the function allowDocPreview of the file /workspace/:workspaceId/:docId of the component Public Markdown Preview E…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-7702
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3270
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function set_iptv_info of the file /jdcap of the component Service Interface. Executing a manipulation of the argum…
|
CWE-74
CWE-77
Injection
Command Injection
|
CVE-2026-7705
|
2026-05-6 04:11 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
