Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-41501 | CRITICAL | 9.8 | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:130. The runLinux() function appends attacker-controlled remote version strings … | May 08, 2026 |
| CVE-2026-41500 | CRITICAL | 9.8 | electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to version 3.3.8, a command injection vulnerability exists in github.com/elcterm/electerm/npm/install.js:150. The runMac() function appends attacker-controlled remote releaseInfo.name directly … | May 08, 2026 |
| CVE-2026-41498 | LOW | 3.3 | Kimai is an open-source time tracking application. Prior to version 2.54.0, the Team API endpoints use #[IsGranted('edit_team')] instead of #[IsGranted('edit', 'team')], causing Symfony TeamVoter to … | May 08, 2026 |
| CVE-2026-8128 | HIGH | 7.3 | A vulnerability was found in SourceCodester SUP Online Shopping 1.0. The affected element is an unknown function of the file /admin/viewmsg.php. Performing a manipulation of … | May 08, 2026 |
| CVE-2026-8127 | MEDIUM | 6.3 | A vulnerability has been found in eladmin up to 2.7. Impacted is the function checkLevel of the file /rest/UserController.java of the component Users API Endpoint. … | May 08, 2026 |
| CVE-2026-8126 | HIGH | 7.3 | A flaw has been found in SourceCodester Comment System 1.0. This issue affects some unknown processing of the file post_comment.php. This manipulation of the argument … | May 08, 2026 |
| CVE-2026-6737 | UNKNOWN | — | An Exposed IOCTL with Insufficient Access Control vulnerability in AsusPTPFilter allows a local user to bypass driver security mechanisms and obtain restricted touchpad information or … | May 08, 2026 |
| CVE-2026-3508 | UNKNOWN | — | An Out-of-bounds Read vulnerability in the IOCTL handler in ASUS System Control Interface allows a local user to cause system crash (BSOD) via a read … | May 08, 2026 |
| CVE-2026-8125 | MEDIUM | 6.3 | A vulnerability was detected in code-projects Simple Chat System 1.0. This vulnerability affects unknown code of the file sendMessage.php. The manipulation of the argument type/length/business … | May 08, 2026 |
| CVE-2026-8124 | LOW | 3.3 | A security vulnerability has been detected in GPAC up to 26.02.0. This affects the function sidx_box_read of the file src/isomedia/box_code_base.c. The manipulation leads to allocation … | May 08, 2026 |
| CVE-2026-8123 | MEDIUM | 4.3 | A vulnerability was determined in Open5GS up to 2.7.7. This impacts the function ogs_sbi_discovery_option_add_snssais in the library /lib/sbi/message.c of the component NSSF. This manipulation causes … | May 08, 2026 |
| CVE-2026-8122 | MEDIUM | 4.3 | A vulnerability was found in Open5GS up to 2.7.7. This affects the function ogs_sbi_discovery_option_add_service_names in the library /lib/sbi/message.c of the component NSSF. The manipulation results … | May 08, 2026 |
| CVE-2026-8121 | MEDIUM | 4.3 | A vulnerability has been found in Open5GS up to 2.7.7. The impacted element is the function ogs_sbi_parse_plmn_list in the library /lib/sbi/conv.c of the component NSSF. … | May 08, 2026 |
| CVE-2026-8120 | MEDIUM | 4.3 | A flaw has been found in Open5GS up to 2.7.7. The affected element is the function nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf of the file /src/nssf/nnssf-handler.c of the component NSSF. … | May 08, 2026 |
| CVE-2026-8119 | LOW | 3.3 | A vulnerability was detected in Open5GS up to 2.7.7. Impacted is the function ogs_sbi_stream_find_by_id in the library /lib/sbi/nghttp2-server.c of the component NSSF. Performing a manipulation … | May 08, 2026 |
| CVE-2026-8117 | MEDIUM | 4.3 | A security vulnerability has been detected in SourceCodester Pizzafy Ecommerce System 1.0. This issue affects some unknown processing of the file /admin/index.php. Such manipulation of … | May 08, 2026 |
| CVE-2026-8116 | MEDIUM | 6.3 | A weakness has been identified in huangjunsen0406 xiaozhi-mcphub up to 1.0.3. This vulnerability affects unknown code of the file src/controllers/dxtController.ts. This manipulation of the argument … | May 08, 2026 |
| CVE-2026-8115 | MEDIUM | 5.3 | A security flaw has been discovered in gyoridavid short-video-maker up to 1.3.4. This affects an unknown part of the file src/server/routers/rest.ts of the component REST … | May 07, 2026 |
| CVE-2026-6411 | HIGH | 7.3 | This vulnerability, in the MAXHUB Pivot client application versions prior to v1.36.2, may allow an attacker to obtain encrypted tenant email addresses and related metadata … | May 07, 2026 |
| CVE-2026-42880 | CRITICAL | 9.6 | Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. From versions 3.2.0 to before 3.2.11 and 3.3.0 to before 3.3.9, there is a … | May 07, 2026 |
| CVE-2026-2710 | UNKNOWN | — | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | May 07, 2026 |
| CVE-2026-8114 | MEDIUM | 6.3 | A vulnerability was identified in JeecgBoot up to 3.9.1. Affected by this issue is some unknown functionality of the file /sys/dict/loadTreeData of the component JSON … | May 07, 2026 |
| CVE-2026-8113 | MEDIUM | 4.3 | A vulnerability was determined in 8421bit MiniClaw up to 43905b934cf76489ab28e4d17da28ee97970f91f. Affected by this vulnerability is the function isPathInside of the file src/kernel.ts of the component … | May 07, 2026 |
| CVE-2026-8112 | MEDIUM | 6.3 | A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os … | May 07, 2026 |
| CVE-2026-8106 | UNKNOWN | — | A reflected HTML injection vulnerability was identified in the GitHub Enterprise Server Management Console login page that could allow credential theft. The redirect_to query parameter … | May 07, 2026 |