Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
12618
Total
849
Critical
3639
High
3952
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-5013 | MEDIUM | 5.3 | A vulnerability has been found in elecV2 elecV2P up to 3.8.3. Impacted is the function path.join of the file /store/:key. The manipulation of the argument … | Mar 28, 2026 |
| CVE-2026-5012 | HIGH | 7.3 | A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can … | Mar 28, 2026 |
| CVE-2026-5011 | MEDIUM | 6.3 | A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. … | Mar 28, 2026 |
| CVE-2026-5007 | MEDIUM | 5.3 | A vulnerability was identified in kazuph mcp-docs-rag up to 0.5.0. Affected is the function cloneRepository of the file src/index.ts of the component add_git_repository/add_text_file. The manipulation … | Mar 28, 2026 |
| CVE-2026-3256 | UNKNOWN | — | HTTP::Session versions through 0.53 for Perl defaults to using insecurely generated session ids. HTTP::Session defaults to using HTTP::Session::ID::SHA1 to generate session ids using a SHA-1 … | Mar 28, 2026 |
| CVE-2025-15604 | UNKNOWN | — | Amon2 versions before 6.17 for Perl use an insecure random_string implementation for security functions. In versions 6.06 through 6.16, the random_string function will attempt to … | Mar 28, 2026 |
| CVE-2026-5004 | HIGH | 8.8 | A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation … | Mar 28, 2026 |
| CVE-2026-5003 | MEDIUM | 5.3 | A vulnerability was found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. This affects the function handle_index of the file rag_system/api_server.py of the component Web Interface. Performing … | Mar 28, 2026 |
| CVE-2026-5002 | HIGH | 7.3 | A vulnerability has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The impacted element is the function _route_using_overviews of the file backend/server.py of the component … | Mar 28, 2026 |
| CVE-2026-5001 | HIGH | 7.3 | A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function do_POST of the file backend/server.py. This manipulation causes … | Mar 28, 2026 |
| CVE-2026-5000 | HIGH | 7.3 | A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The … | Mar 28, 2026 |
| CVE-2026-4999 | MEDIUM | 6.3 | A security vulnerability has been detected in z-9527 admin up to 72aaf2dd05cf4ec2e98f390668b41e128eec5ad2. This issue affects the function uploadFile of the file /server/utils/upload.js of the component … | Mar 28, 2026 |
| CVE-2026-4998 | HIGH | 7.3 | A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/code_execution/code_executor.py of the component … | Mar 28, 2026 |
| CVE-2026-4997 | MEDIUM | 5.3 | A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function is_sql_query_safe of the file pandasai/helpers/sql_sanitizer.py. Performing a manipulation … | Mar 28, 2026 |
| CVE-2026-4996 | HIGH | 7.3 | A vulnerability was identified in Sinaptik AI PandasAI up to 0.1.4. Affected by this issue is the function delete_question_and_answers/delete_docs/update_question_answer/update_docs/get_relevant_question_answers_by_id/get_relevant_docs_by_id of the file extensions/ee/vectorstores/lancedb/pandasai_lancedb/lancedb.py of the … | Mar 28, 2026 |
| CVE-2026-2595 | MEDIUM | 5.4 | The Quads Ads Manager for Google AdSense plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2.0.98.1 due to … | Mar 28, 2026 |
| CVE-2018-25225 | HIGH | 8.4 | SIPP 3.3 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious input in the configuration file. … | Mar 28, 2026 |
| CVE-2018-25224 | HIGH | 8.4 | PMS 0.42 contains a stack-based buffer overflow vulnerability that allows local unauthenticated attackers to execute arbitrary code by supplying malicious values in the configuration file. … | Mar 28, 2026 |
| CVE-2018-25223 | CRITICAL | 9.8 | Crashmail 1.6 contains a stack-based buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending malicious input to the application. Attackers can … | Mar 28, 2026 |
| CVE-2018-25222 | HIGH | 8.4 | SC v7.16 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input that exceeds buffer boundaries. Attackers … | Mar 28, 2026 |
| CVE-2018-25221 | CRITICAL | 9.8 | EChat Server 3.1 contains a buffer overflow vulnerability in the chat.ghp endpoint that allows remote attackers to execute arbitrary code by supplying an oversized username … | Mar 28, 2026 |
| CVE-2018-25220 | CRITICAL | 9.8 | Bochs 2.6-5 contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized input string to the application. Attackers … | Mar 28, 2026 |
| CVE-2017-20229 | CRITICAL | 9.8 | MAWK 1.3.3-17 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by exploiting inadequate boundary checks on user-supplied input. … | Mar 28, 2026 |
| CVE-2017-20228 | HIGH | 8.4 | Flat Assembler 1.71.21 contains a stack-based buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying oversized input to the application. Attackers … | Mar 28, 2026 |
| CVE-2017-20227 | CRITICAL | 9.8 | JAD Java Decompiler 1.5.8e-1kali1 and prior contains a stack-based buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying overly long input that … | Mar 28, 2026 |