Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
20648
Total
1489
Critical
6270
High
6549
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-13508 | MEDIUM | 5.5 | A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/api_chat.py of the component Conversation Sharing … | Jun 28, 2026 |
| CVE-2026-13507 | MEDIUM | 5.0 | A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function str_to_uint64 of the file openviking/storage/vectordb/utils/str_to_uint64.py of the component Local VectorDB Primary-key … | Jun 28, 2026 |
| CVE-2026-49048 | CRITICAL | 9.8 | The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string … | Jun 28, 2026 |
| CVE-2026-13504 | LOW | 3.5 | A vulnerability has been found in code-projects Project Management System 1.0. This vulnerability affects unknown code of the file /mail.php of the component Mail Compose … | Jun 28, 2026 |
| CVE-2026-13503 | MEDIUM | 5.3 | A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component … | Jun 28, 2026 |
| CVE-2026-13502 | MEDIUM | 4.5 | A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. … | Jun 28, 2026 |
| CVE-2026-13501 | MEDIUM | 5.3 | A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of … | Jun 28, 2026 |
| CVE-2026-13500 | HIGH | 7.3 | A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action … | Jun 28, 2026 |
| CVE-2026-13499 | MEDIUM | 4.3 | A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file login_register.php of the component Registration Handler. Performing a … | Jun 28, 2026 |
| CVE-2026-13498 | HIGH | 7.3 | A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of … | Jun 28, 2026 |
| CVE-2026-13497 | MEDIUM | 6.3 | A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the … | Jun 28, 2026 |
| CVE-2026-13496 | MEDIUM | 6.3 | A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the … | Jun 28, 2026 |
| CVE-2026-13495 | MEDIUM | 4.7 | A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument … | Jun 28, 2026 |
| CVE-2026-13493 | LOW | 3.1 | A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversation_api.py of the component Workflow … | Jun 28, 2026 |
| CVE-2026-13491 | LOW | 3.7 | A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqtt_protocol.cc of the component MQTT Goodbye … | Jun 28, 2026 |
| CVE-2026-13490 | LOW | 3.7 | A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such … | Jun 28, 2026 |
| CVE-2026-13489 | LOW | 3.1 | A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcp_server.cc of the … | Jun 28, 2026 |
| CVE-2026-13488 | HIGH | 7.3 | A security flaw has been discovered in SourceCodester Class and Exam Timetabling System 1.0/7.php. Affected by this vulnerability is an unknown functionality of the file … | Jun 28, 2026 |
| CVE-2026-13487 | HIGH | 7.3 | A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /archive.php. The manipulation of the … | Jun 28, 2026 |
| CVE-2026-13486 | HIGH | 7.3 | A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/6.php. This impacts an unknown function of the file /preview6.php. Executing a manipulation of … | Jun 28, 2026 |
| CVE-2026-13485 | HIGH | 7.3 | A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. This affects an unknown function of the file /preview.php. Performing a manipulation of … | Jun 28, 2026 |
| CVE-2026-13484 | MEDIUM | 5.0 | A vulnerability has been found in MLflow up to 4666cffc7912ea606d592fc38d6a75e2935f65e7. The impacted element is an unknown function of the component Experiment-scoped Label Schema CRUD API. … | Jun 28, 2026 |
| CVE-2026-13483 | LOW | 3.1 | A flaw has been found in arc53 DocsGPT up to 0.18.0. The affected element is the function encrypt_credentials of the file application/security/encryption.py of the component … | Jun 28, 2026 |
| CVE-2026-13482 | LOW | 3.7 | A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is the function username.encode of the file sky/users/server.py of the component User ID Handler. … | Jun 28, 2026 |
| CVE-2026-10646 | HIGH | 7.4 | Zephyr's BSD-sockets getaddrinfo() implementation (subsys/net/lib/sockets/getaddrinfo.c) passes a pointer to a stack-allocated state object (struct getaddrinfo_state ai_state) as the user_data of an asynchronous DNS resolver query. … | Jun 28, 2026 |