|
4371
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
Stack-based buffer overflow vulnerabilities exist in several underlying management service components accessed through the command-line interface of the AOS-8 and AOS-10 Operating Systems. An authent…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-44859
|
2026-05-15 03:41 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4372
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with adm…
|
CWE-89
SQL Injection
|
CVE-2026-44860
|
2026-05-15 03:41 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4373
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with adm…
|
CWE-89
SQL Injection
|
CVE-2026-44861
|
2026-05-15 03:41 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4374
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with adm…
|
CWE-89
SQL Injection
|
CVE-2026-44862
|
2026-05-15 03:41 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4375
|
6.5 |
MEDIUM
Network
|
liquidjs
|
liquidjs
|
LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.7, a circular block reference in {% layout %} / {% block %} causes an infinite recursive loo…
|
CWE-674
Uncontrolled Recursion
|
CVE-2026-41311
|
2026-05-15 03:40 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4376
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with adm…
|
CWE-89
SQL Injection
|
CVE-2026-44863
|
2026-05-15 03:40 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4377
|
7.2 |
HIGH
Network
|
arubanetworks
|
arubaos
sd-wan
|
SQL injection vulnerabilities exist in several underlying service components accessible through the AOS-8 and AOS-10 command-line interface and management protocol. An authenticated attacker with adm…
|
CWE-89
SQL Injection
|
CVE-2026-44864
|
2026-05-15 03:40 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4378
|
6.5 |
MEDIUM
Network
|
argoproj
|
argo_workflows
|
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. From version 4.0.0 to before version 4.0.5, a nil pointer dereference in server/auth/g…
|
CWE-476
NULL Pointer Dereference
|
CVE-2026-42183
|
2026-05-15 03:40 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4379
|
5.3 |
MEDIUM
Network
|
mem0
|
mem0
|
The mem0 1.0.0 server lacks authentication and authorization controls for its memory creation API endpoint (POST /memories). The endpoint allows unauthenticated users to submit arbitrary memory recor…
|
CWE-306
CWE-862
Missing Authentication for Critical Function
Missing Authorization
|
CVE-2026-31245
|
2026-05-15 03:39 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4380
|
6.5 |
MEDIUM
Network
|
mem0
|
mem0
|
The mem0 1.0.0 server lacks authentication and authorization controls for its memory deletion API endpoint (DELETE /memories/{memory_id}). The endpoint allows unauthenticated users to delete arbitrar…
|
CWE-306
CWE-862
Missing Authentication for Critical Function
Missing Authorization
|
CVE-2026-31244
|
2026-05-15 03:38 |
2026-05-13 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
