Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-14799 — CodeAstro Ecommerce Website my_account.php sql injection

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. Impacted is an unknown function of the file /customer/my_account.php?my_wishlist. The manipulation of the argument delete_wishl…

ecommerce_website | Remote | Injection
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14798 — CodeAstro Apartment Visitor Management System visitor-entry.php sql injection

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of t…

Remote | Injection
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14797 — CodeAstro Apartment Visitor Management System edit-apartment.php sql injection

A vulnerability was determined in CodeAstro Apartment Visitor Management System 1.0. This vulnerability affects unknown code of the file /apartment-visitor/edit-apartment.php. Executing a manipulatio…

Remote | Injection
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14796 — CodeAstro Apartment Visitor Management System report.php sql injection

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromd…

Remote | Injection
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14795 — CodeAstro Apartment Visitor Management System action-visitor.php sql injection

A vulnerability has been found in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/action-visitor.php. Such manip…

Remote | Injection
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
5.3 MEDIUM
CVE-2026-14794 — Craft CMS Charts Endpoint ChartsController.php actionGetNewUsersData improper authorizati…

A flaw has been found in Craft CMS up to 4.18.0.1. Affected by this vulnerability is the function actionGetNewUsersData of the file src/controllers/ChartsController.php of the component Charts Endpoi…

Remote | Authorization
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
5.3 MEDIUM
CVE-2026-14793 — Craft CMS reorder-sets Endpoint GlobalsController.php actionReorderSets authorization

A vulnerability was detected in Craft CMS up to 4.18.0.1. Affected is the function actionReorderSets of the file src/controllers/GlobalsController.php of the component reorder-sets Endpoint. The mani…

Remote | Authorization
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.9 MEDIUM
CVE-2026-14792 — Formbricks Survey actions.ts access control

A security vulnerability has been detected in Formbricks 5.0.0. This impacts an unknown function of the file apps/web/modules/survey/link/actions.ts of the component Survey Handler. The manipulation …

Remote | Authorization
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
4.0 MEDIUM
CVE-2026-14791 — crater-invoice-inc crater Invoice Note InvoicesRequest.php getFormattedString cross site …

A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note H…

Remote | Cross-Site Scripting
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14790 — GPAC Media File write_nhml.c nhmldump_send_frame null pointer dereference

A flaw has been found in GPAC 26.02.0. This affects the function nhmldump_send_frame of the file src/filters/write_nhml.c of the component Media File Handler. Executing a manipulation can lead to nul…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14789 — radareorg radare2 Memory64ListStream mdmp.c stack-based overflow

A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser.…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
0.0 NA
CVE-2026-14803 — Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion …

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path (`_decode_value` dispatching to `_decode_array` and `_dec…

| Denial of Service
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14788 — radareorg radare2 cfile.c r_core_bin_load use after free

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. Affected by this vulnerability is the function r_core_bin_load of the file libr/core/cfile.c. Such manipulation leads to u…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14787 — radareorg radare2 pb Print cmd_print.inc cmd_print integer overflow

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmd_print in the library libr/core/cmd_print.inc of the component pb Print Command Handler. This manipulation…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14786 — radareorg radare2 str.c r_str_word_get0set integer overflow

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in integer overflow. The attac…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14784 — vxcontrol PentAGI Docker API client.go sandbox

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandb…

Remote | Misconfiguration
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
4.3 MEDIUM
CVE-2026-14783 — NousResearch hermes-agent skills_tool.py skill_view path traversal

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument Nam…

hermes-agent | Remote | Path Traversal
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
7.5 HIGH
CVE-2026-14778 — SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_…

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajax_enroll.php of the component Enrollment …

Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14777 — SourceCodester Onlne Examination & Learning Management System announcements.php unrestric…

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a m…

onlne_examination_learning_management_system | Remote | Misconfiguration
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14776 — SourceCodester Onlne Examination & Learning Management System Filename Extension upload_f…

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /upload_files.php of the …

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
Showing 20 of 7371 Results