Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.0 MEDIUM
CVE-2026-10173 — Orthanc Explorer 2 URL StudyList.vue cross site scripting

A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. Th…

Remote | Cross-Site Scripting
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10172 — Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted u…

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php…

Remote | Misconfiguration
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.8 MEDIUM
CVE-2026-10171 — code-projects Online Music Site AdminUpdateAlbum.php sql injection

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to …

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10170 — code-projects Visitor Management System phone_0.php sql injection

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone ca…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
3.7 LOW
CVE-2026-10169 — OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.…

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax_forgot_pa…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10168 — OUSL-GROUP-BrinaryBrains School Student Management System Parents.php marks resource inje…

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file appl…

Remote | Path Traversal
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10167 — OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_au…

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign_auth_cookie of the file appl…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.3 MEDIUM
CVE-2026-8382 — Advanced Custom Fields (ACF®) <= 6.8.1 - Unauthenticated Arbitrary Post Modification via …

The Advanced Custom Fields (ACF®) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user …

Remote | Authorization
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10166 — Edimax BR-6478AC POST Request formWlbasic command injection

A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of t…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10165 — Edimax BR-6478AC POST Request formWanTcpipSetup stack-based overflow

A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10164 — Edimax BR-6478AC POST Request formUSBFolder buffer overflow

A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument Sh…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10163 — Edimax BR-6478AC POST Request formUSBAccount buffer overflow

A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of t…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10162 — TRENDnet TEW-432BRP formSetPassword stack-based overflow

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10161 — TRENDnet TEW-432BRP formResetStatistic stack-based overflow

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_stat…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10160 — TRENDnet TEW-432BRP formSetEnableWizard stack-based overflow

A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10159 — TRENDnet TEW-432BRP formSysLog stack-based overflow

A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10158 — TRENDnet TEW-432BRP formPortFw stack-based overflow

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-b…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10157 — Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation le…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
4.3 MEDIUM
CVE-2026-10156 — Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulatio…

open5gs | Remote | Denial of Service
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.8 MEDIUM
CVE-2026-10155 — Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_repo…

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accou…

multi-store_inventory_management_system | Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
Showing 20 of 6898 Results