Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.5 HIGH
CVE-2026-14746 — code-projects Real State Services addprojectrent.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sq…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14745 — code-projects Real State Services single-list_rent.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This impacts an unknown function of the file /single-list_rent.php. Executing a manipulation of the argument ID can lead to sq…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14744 — code-projects Real State Services normalHomeRent.php sql injection

A security flaw has been discovered in code-projects Real State Services 1.0. This affects an unknown function of the file /normalHomeRent.php. Performing a manipulation of the argument loc results i…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14743 — code-projects Real State Services normalHomeSale.php sql injection

A vulnerability was identified in code-projects Real State Services 1.0. The impacted element is an unknown function of the file /normalHomeSale.php. Such manipulation of the argument loc leads to sq…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.1 LOW
CVE-2026-14742 — langchain-ai langgraph Task Result Cache _cache.py _freeze weak hash

A vulnerability was determined in langchain-ai langgraph up to 1.2.4. The affected element is the function _freeze of the file libs/langgraph/langgraph/_internal/_cache.py of the component Task Resul…

Remote | Cryptography
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.7 LOW
CVE-2026-14738 — exo-explore exo Vision Feature Cache vision.py _image_cache_key weak hash

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function _image_cache_key of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. …

Remote | Cryptography
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14737 — Hanwang e-Face General Management Platform querySysAuthStr.do sql injection

A vulnerability was identified in Hanwang e-Face General Management Platform 6.3.5.4. This impacts an unknown function of the file /sysAuthStr/querySysAuthStr.do. The manipulation of the argument ord…

e-face_general_management_platform | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14736 — Ruijie RG-UAC user_auth_commit.php unrestricted upload

A vulnerability was found in Ruijie RG-UAC up to 1.0-R1.8.2.p5. The impacted element is an unknown function of the file user_auth_commit.php. Performing a manipulation of the argument upload_image re…

rg-uac | Remote | Authentication
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14735 — code-projects Smart Parking System parkings.php sql injection

A vulnerability has been found in code-projects Smart Parking System 1.0. The affected element is an unknown function of the file /parkings/parkings.php. Such manipulation of the argument street/city…

smart_parking_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14734 — SourceCodester Class and Exam Timetabling System edit_product.php sql injection

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_product.php. This manipulation of the argument ID causes sql injection…

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14733 — SourceCodester Class and Exam Timetabling System edit_coursea.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. This issue affects some unknown processing of the file /edit_coursea.php. The manipulation of the argument ID res…

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14732 — SourceCodester Class and Exam Timetabling System edit_exam.php sql injection

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This vulnerability affects unknown code of the file /edit_exam.php. The manipulation of the argumen…

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14731 — itsourcecode Hospital Management System patientreport.php sql injection

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to…

hospital_management_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14730 — itsourcecode Hospital Management System patientprofile.php sql injection

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /patientprofile.php. Performing a manipulation of …

hospital_management_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14725 — SourceCodester Online Boat Reservation System session expiration

A vulnerability was identified in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality. Such manipulation leads to session expiration. It is p…

online_boat_reservation_system | Remote | Authentication
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
5.3 MEDIUM
CVE-2026-14723 — AD-Security AD_Miner Cache analyse_cache.py request_a deserialization

A vulnerability was determined in AD-Security AD_Miner 1.9.0. Affected is the function request_a of the file ad_miner/scripts/analyse_cache.py of the component Cache Handler. This manipulation of the…

| Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14722 — tiddly-gittly TidGi-Desktop Git Repository Import loadWikiTiddlersWithSubWikis.ts code in…

A vulnerability was found in tiddly-gittly TidGi-Desktop up to 0.13.0. This impacts an unknown function of the file src/services/wiki/wikiWorker/loadWikiTiddlersWithSubWikis.ts of the component Git R…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
9.0 HIGH
CVE-2026-14721 — UTT HiPER 1250GW Web Endpoint ConfigWirelessBase_5g stack-based overflow

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulatio…

hiper_1250gw | Remote | Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14719 — SourceCodester Onlne Examination & Learning Management System Registration Endpoint regis…

A flaw has been found in SourceCodester Onlne Examination & Learning Management System 1.0. The impacted element is an unknown function of the file register.php of the component Registration Endpoint…

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
4.8 MEDIUM
CVE-2026-14781 — Keycloak-services: keycloak-services: oidc email_verified claim incorrectly applied to us…

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the email_verified claim. When an OIDC identity provider is configured with trustEmail=true and th…

single_sign-on data_grid build_of_keycloak | Remote | Authentication
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
Showing 20 of 7391 Results