Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-10186 — code-projects Online Hospital Management System patient.php sql injection

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulati…

| Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10185 — SourceCodester Hospitals Patient Records Management System Users.php save sql injection

A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argum…

| Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10184 — SourceCodester Hospitals Patient Records Management System Users.php delete sql injection

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of th…

| Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
8.6 HIGH
CVE-2026-49490 — OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
8.5 HIGH
CVE-2026-49489 — OpenCATS - SQL Injection in DataGrid sortDirection Parameter

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can in…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10181 — TRENDnet TEW-432BRP formSysCmd stack-based overflow

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results …

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10183 — TRENDnet TEW-432BRP formWlanSetup stack-based overflow

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-base…

| Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10182 — TRENDnet TEW-432BRP formWlanSetup command injection

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee …

| Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10180 — TRENDnet TEW-432BRP formSysCmd command injection

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection.…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10179 — TRENDnet TEW-432BRP formSetWlanEncrypt stack-based overflow

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10178 — code-projects Online Music Site AdminEditAlbum.php sql injection

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID res…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10177 — Aider-AI Aider AWS EC2 Metadata Endpoint api_docs.py requests.get server-side request for…

A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads …

Remote | Server-Side Request Forgery
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10176 — Aider-AI Aider Code Generation Workflow sql injection

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injec…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10175 — Aider-AI Aider Architect Mode auth.py editor_coder.run code injection

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipul…

aider | Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10174 — Aider-AI Aider Pre-commit Hook args.py protection mechanism

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-comm…

aider | Remote | Misconfiguration
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.0 MEDIUM
CVE-2026-10173 — Orthanc Explorer 2 URL StudyList.vue cross site scripting

A weakness has been identified in Orthanc Explorer 2 up to 1.12.0. The impacted element is an unknown function of the file WebApplication/src/components/StudyList.vue of the component URL Handler. Th…

explorer_2 | Remote | Cross-Site Scripting
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10172 — Bdtask Multi-Store Inventory Management System Component Module.php upload unrestricted u…

A security flaw has been discovered in Bdtask Multi-Store Inventory Management System 1.0. The affected element is the function Upload of the file application/modules/dashboard/controllers/Module.php…

multi-store_inventory_management_system | Remote | Misconfiguration
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
5.8 MEDIUM
CVE-2026-10171 — code-projects Online Music Site AdminUpdateAlbum.php sql injection

A vulnerability has been found in code-projects Online Music Site 1.0. This affects an unknown part of the file /Administrator/PHP/AdminUpdateAlbum.php. Such manipulation of the argument ID leads to …

online_music_site | Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10170 — code-projects Visitor Management System phone_0.php sql injection

A flaw has been found in code-projects Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /vms/php/phone_0.php. This manipulation of the argument phone ca…

visitor_management_system | Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
3.7 LOW
CVE-2026-10169 — OUSL-GROUP-BrinaryBrains School Student Management System Forgot Password Endpoint Login.…

A vulnerability was detected in OUSL-GROUP-BrinaryBrains School Student Management System up to 1e70e5ad1125b86dca4ee086eb6bb121f17708b6. Affected by this vulnerability is the function ajax_forgot_pa…

school_student_management_system | Remote | Authentication
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
Showing 20 of 6867 Results