Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
23889
Total
1707
Critical
7494
High
7633
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-10211 | MEDIUM | 6.3 | A vulnerability was determined in AstrBotDevs AstrBot 4.23.6. Affected by this issue is the function _normalize_rw_path of the file astrbot/core/tools/computer_tools/fs.py. This manipulation causes incorrect authorization. … | Jun 01, 2026 |
| CVE-2026-10210 | MEDIUM | 6.3 | A vulnerability was found in AstrBotDevs AstrBot 4.23.6. Affected by this vulnerability is the function _sanitize_prompt_description of the file astrbot/core/skills/skill_manager.py. The manipulation results in injection. … | Jun 01, 2026 |
| CVE-2026-10209 | MEDIUM | 6.3 | A vulnerability has been found in code-projects Online Hospital Management System 1.0. Affected is an unknown function of the file appointmentdetail.php of the component Appointment … | Jun 01, 2026 |
| CVE-2026-10208 | HIGH | 7.3 | A flaw has been found in code-projects Online Hospital Management System 1.php. This impacts the function login_user of the file login_1.php. Executing a manipulation of … | Jun 01, 2026 |
| CVE-2026-10206 | HIGH | 8.8 | A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument … | Jun 01, 2026 |
| CVE-2026-10205 | MEDIUM | 6.3 | A security vulnerability has been detected in Metasoft 美特软件 MetaCRM 6.4.0. The impacted element is an unknown function of the file develop/systparam/softlogo/upload.jsp. Such manipulation leads … | Jun 01, 2026 |
| CVE-2026-10204 | MEDIUM | 6.3 | A weakness has been identified in OFCMS 1.1.3. The affected element is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SysUserController.java of the component JSON Query Interface. … | Jun 01, 2026 |
| CVE-2026-10203 | MEDIUM | 6.3 | A security flaw has been discovered in OFCMS 1.1.3. Impacted is the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemParamController.java of the component JSON Query Interface. The … | Jun 01, 2026 |
| CVE-2026-10202 | MEDIUM | 6.3 | A vulnerability was identified in OFCMS 1.1.3. This issue affects the function Query of the file \ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\system\SystemDictController.java of the component JSON Query Interface. The manipulation … | Jun 01, 2026 |
| CVE-2026-10201 | LOW | 3.3 | A vulnerability was determined in Assimp up to 6.0.4. This vulnerability affects the function FBXExporter::WriteObjects of the file FBXExporter.cpp of the component UV Channel Handler. … | Jun 01, 2026 |
| CVE-2026-10200 | MEDIUM | 5.3 | A vulnerability was found in Assimp up to 6.0.4. This affects the function glTFCommon::CopyValue in the library glTFCommon.h of the component 4x4 Matrix Parser. Performing … | May 31, 2026 |
| CVE-2026-10199 | LOW | 3.3 | A vulnerability has been found in Assimp up to 6.0.4. Affected by this issue is the function glTF2::LazyDict in the library glTF2Asset.h. Such manipulation of … | May 31, 2026 |
| CVE-2026-10198 | LOW | 3.3 | A flaw has been found in Assimp up to 6.0.4. Affected by this vulnerability is the function Assimp::glTFImporter::ImportMeshes of the file glTFImporter.cpp of the component … | May 31, 2026 |
| CVE-2026-48210 | MEDIUM | 5.7 | An improper default configuration in OTRS 2026.3.1 causes ticket article forwarding actions to enforce the “Is visible for customer” flag by default and prevent users … | May 31, 2026 |
| CVE-2026-10197 | LOW | 3.3 | A vulnerability was detected in Assimp up to 6.0.4. Affected is the function glTF2Importer::ImportEmbeddedTextures in the library code/AssetLib/glTF2/glTF2Importer.cpp of the component TF File Handler. The … | May 31, 2026 |
| CVE-2026-8796 | UNKNOWN | — | Sereal::Decoder versions before 5.005 for Perl allow heap out-of-bounds read via crafted input. In Perl/Decoder/srl_decoder.c, srl_read_object() and srl_read_hash() process a COPY tag, a back-reference whose … | May 31, 2026 |
| CVE-2026-10194 | MEDIUM | 6.3 | A weakness has been identified in OFFIS DCMTK 3.7.0. This affects the function DcmQueryRetrieveIndexDatabaseHandle::deleteOldestImages of the file dcmqrdb/libsrc/dcmqrdbi.cc of the component dcmqrscp. Executing a manipulation … | May 31, 2026 |
| CVE-2026-10193 | MEDIUM | 6.3 | A security flaw has been discovered in OFCMS up to 1.1.3. The impacted element is the function Query of the file ofcms-admin\src\main\java\com\ofsoft\cms\admin\controller\ComnController.java of the component … | May 31, 2026 |
| CVE-2026-10192 | HIGH | 8.8 | A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time … | May 31, 2026 |
| CVE-2026-10191 | HIGH | 8.8 | A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes stack-based … | May 31, 2026 |
| CVE-2026-10190 | MEDIUM | 6.5 | A vulnerability was found in Tenda W12 3.0.0.7(4763). This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The … | May 31, 2026 |
| CVE-2026-10189 | HIGH | 8.8 | A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec … | May 31, 2026 |
| CVE-2026-10188 | HIGH | 8.8 | A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac … | May 31, 2026 |
| CVE-2026-10187 | CRITICAL | 9.8 | A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management … | May 31, 2026 |
| CVE-2026-10186 | HIGH | 7.3 | A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. … | May 31, 2026 |