Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
10692
Total
727
Critical
3080
High
3407
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-7088 | HIGH | 7.3 | A weakness has been identified in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=save_receiving. Executing … | Apr 27, 2026 |
| CVE-2026-7087 | HIGH | 7.3 | A security flaw has been discovered in SourceCodester Pharmacy Sales and Inventory System 1.0. Impacted is an unknown function of the file /ajax.php?action=save_sales. Performing a … | Apr 27, 2026 |
| CVE-2026-7086 | MEDIUM | 4.3 | A vulnerability was identified in HBAI-Ltd Toonflow-app up to 1.1.1. This issue affects the function updateStoryboardUrl of the file replaceUrl.ts of the component Storyboard Export. … | Apr 27, 2026 |
| CVE-2026-7085 | MEDIUM | 5.0 | A vulnerability was determined in HBAI-Ltd Toonflow-app up to 1.1.1. This vulnerability affects the function z.url of the file src/routes/setting/about/downloadApp.ts of the component downloadApp Endpoint. … | Apr 27, 2026 |
| CVE-2026-7084 | MEDIUM | 6.3 | A vulnerability was found in HBAI-Ltd Toonflow-app up to 1.1.1. This affects the function fetch of the file src/routes/setting/vendorConfig/getCodeByLink.ts of the component getCodeByLink Endpoint. The … | Apr 27, 2026 |
| CVE-2026-7083 | MEDIUM | 4.7 | A vulnerability has been found in likeadmin-likeshop likeadmin_php up to 1.9.6. Affected by this issue is the function queryResult of the file server\app\adminapi\lists\tools\DataTableLists.php of the … | Apr 27, 2026 |
| CVE-2026-7082 | HIGH | 8.8 | A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. … | Apr 27, 2026 |
| CVE-2026-7081 | HIGH | 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of … | Apr 27, 2026 |
| CVE-2026-3868 | UNKNOWN | — | An improper handling of the length parameter inconsistency vulnerability has been identified in Moxa’s Secure Router. Because of improper validation of length parameters in the … | Apr 27, 2026 |
| CVE-2026-3867 | UNKNOWN | — | An improper ownership management vulnerability has been identified in Moxa’s Secure Router. Because of improper ownership management, a low-privileged authenticated user may access a configuration … | Apr 27, 2026 |
| CVE-2026-7106 | HIGH | 8.8 | The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to … | Apr 27, 2026 |
| CVE-2026-7080 | HIGH | 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation … | Apr 27, 2026 |
| CVE-2026-7079 | HIGH | 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of … | Apr 27, 2026 |
| CVE-2026-7078 | HIGH | 8.8 | A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. … | Apr 27, 2026 |
| CVE-2026-7077 | HIGH | 7.3 | A vulnerability was identified in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /edit_parcel.php. The manipulation of the … | Apr 27, 2026 |
| CVE-2026-3006 | HIGH | 7.0 | Successful exploitation of the race condition vulnerability could allow an attacker to trigger a kernel heap overflow, potentially leading to local privilege escalation and granting … | Apr 27, 2026 |
| CVE-2026-7076 | HIGH | 7.3 | A vulnerability was determined in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /edit_branch.php. Executing a manipulation of the argument … | Apr 27, 2026 |
| CVE-2026-7075 | HIGH | 7.3 | A vulnerability was found in itsourcecode Construction Management System 1.0. This issue affects some unknown processing of the file /locations.php. Performing a manipulation of the … | Apr 27, 2026 |
| CVE-2026-7074 | HIGH | 7.3 | A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument … | Apr 27, 2026 |
| CVE-2026-7073 | HIGH | 7.3 | A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument … | Apr 27, 2026 |
| CVE-2026-7072 | HIGH | 7.3 | A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the … | Apr 27, 2026 |
| CVE-2026-7071 | MEDIUM | 5.3 | A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The … | Apr 27, 2026 |
| CVE-2026-7070 | HIGH | 7.3 | A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the … | Apr 27, 2026 |
| CVE-2026-7069 | HIGH | 8.0 | A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. … | Apr 27, 2026 |
| CVE-2026-7068 | HIGH | 8.8 | A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to … | Apr 27, 2026 |