Latest CVE Feed
CVE Intelligence
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
Score
Vulnerability
Published
7.3
HIGH
CVE-2026-37430
— Qihang WMS Arbitrary Code Execution Vulnerability
An arbitrary file upload vulnerability in the ShopOrderImportController.java component of qihang-wms commit 75c15a allows attackers to execute arbitrary code via uploading a crafted file.
Remote
|
Misconfiguration
May 13, 2026
May 14, 2026
May 13, 2026
May 14, 2026
6.5
MEDIUM
CVE-2026-37429
— Qihang WMS SQL Injection
qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysUserMapper.xml file. This vulnerability allows attackers to access sensitive dat…
Remote
|
Injection
May 13, 2026
May 13, 2026
May 13, 2026
May 13, 2026
6.5
MEDIUM
CVE-2026-37428
— Qihang WMS SQL Injection Vulnerability
qihang-wms commit 75c15a was discovered to contain a SQL injection vulnerability via the datascope parameter in the SysDeptMapper.xml file. This vulnerability allows attackers to access sensitive dat…
Remote
|
Injection
May 13, 2026
May 13, 2026
May 13, 2026
May 13, 2026