Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
5.0 MEDIUM
CVE-2026-10173 — Orthanc Explorer 2 URL StudyList.vue cross site scripting

A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. Th…

Remote | Cross-Site Scripting
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10172 — Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted u…

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php…

Remote | Misconfiguration
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.8 MEDIUM
CVE-2026-10171 — code-projects Online Music Site AdminUpdateAlbum.php sql injection

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to …

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10170 — code-projects Visitor Management System phone_0.php sql injection

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone ca…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
3.7 LOW
CVE-2026-10169 — OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.…

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax_forgot_pa…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10168 — OUSL-GROUP-BrinaryBrains School Student Management System Parents.php marks resource inje…

A security vulnerability has been detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected is the function marks of the file appl…

Remote | Path Traversal
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10167 — OUSL-GROUP-BrinaryBrains School Student Management System MY_Controller Login.php sign_au…

A weakness has been identified in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. This impacts the function sign_auth_cookie of the file appl…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.3 MEDIUM
CVE-2026-8382 — Advanced Custom Fields (ACF®) <= 6.8.1 - Unauthenticated Arbitrary Post Modification via …

The Advanced Custom Fields (ACF®) plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 6.8.1. This is due to the plugin not properly verifying that a user …

Remote | Authorization
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10166 — Edimax BR-6478AC POST Request formWlbasic command injection

A vulnerability was determined in Edimax BR-6478AC 1.23. The affected element is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. This manipulation of t…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10165 — Edimax BR-6478AC POST Request formWanTcpipSetup stack-based overflow

A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manip…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10164 — Edimax BR-6478AC POST Request formUSBFolder buffer overflow

A vulnerability was found in Edimax BR-6478AC 1.23. Impacted is the function formUSBFolder of the file /goform/formUSBFolder of the component POST Request Handler. The manipulation of the argument Sh…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10163 — Edimax BR-6478AC POST Request formUSBAccount buffer overflow

A vulnerability has been found in Edimax BR-6478AC 1.23. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. The manipulation of t…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10162 — TRENDnet TEW-432BRP formSetPassword stack-based overflow

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10161 — TRENDnet TEW-432BRP formResetStatistic stack-based overflow

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_stat…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10160 — TRENDnet TEW-432BRP formSetEnableWizard stack-based overflow

A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10159 — TRENDnet TEW-432BRP formSysLog stack-based overflow

A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10158 — TRENDnet TEW-432BRP formPortFw stack-based overflow

A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-b…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10157 — Open5GS NGAP PathSwitchRequest Message ngap-handler.c improper authentication

A vulnerability was identified in Open5GS up to 2.7.6. This impacts an unknown function of the file src/amf/ngap-handler.c of the component NGAP PathSwitchRequest Message Handler. The manipulation le…

Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
4.3 MEDIUM
CVE-2026-10156 — Open5GS nf-instances Endpoint nnrf-handler.c handle_amf_info resource consumption

A vulnerability was determined in Open5GS up to 2.7.7. This affects the function handle_amf_info in the library /lib/sbi/nnrf-handler.c of the component nf-instances Endpoint. Executing a manipulatio…

open5gs | Remote | Denial of Service
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.8 MEDIUM
CVE-2026-10155 — Bdtask Multi-Store Inventory Management System Accounts Report Accounts.php accounts_repo…

A vulnerability was found in Bdtask Multi-Store Inventory Management System 1.0. The impacted element is the function accounts_report_search of the file application/modules/accounts/controllers/Accou…

May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
Showing 20 of 6898 Results