Latest CVE Vulnerabilities

4.8 MEDIUM

CVE-2026-3407 — YosysHQ yosys BLIF File rtlil.h set heap-based overflow

A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes h…

| Memory Corruption

Mar 02, 2026 Mar 02, 2026

Mar 02, 2026

9.8 CRITICAL

CVE-2026-3406 — projectworlds Online Art Gallery Shop Registration registration.php sql injection

A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The mani…

online_art_gallery_shop | Remote | Injection

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

8.1 HIGH

CVE-2026-3405 — thinkgem JeeSite Connection path traversal

A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possi…

jeesite | Remote | Path Traversal

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

8.1 HIGH

CVE-2026-3404 — thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference

A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulatio…

jeesite | Remote | XML External Entity

Mar 02, 2026 Mar 09, 2026

Mar 02, 2026

Mar 09, 2026

4.8 MEDIUM

CVE-2026-3403 — PHPGurukul Student Record Management System edit-subject.php cross site scripting

A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Su…

student_record_system | Remote | Cross-Site Scripting

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

4.8 MEDIUM

CVE-2026-3402 — PHPGurukul Student Record Management System edit-course.php cross site scripting

A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the arg…

student_record_system | Remote | Cross-Site Scripting

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

6.6 MEDIUM

CVE-2026-3401 — SourceCodester Web-based Pharmacy Product Management System session expiration

A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of th…

web-based_pharmacy_product_management_system | Remote | Authentication

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

9.8 CRITICAL

CVE-2026-3400 — Tenda AC15 TextEditingConversion stack-based overflow

A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument w…

ac15_firmware ac15 | Remote | Memory Corruption

Mar 02, 2026 Mar 03, 2026

Mar 02, 2026

Mar 03, 2026

9.0 HIGH

CVE-2026-3399 — Tenda F453 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of th…

f453_firmware f453 | Remote | Memory Corruption

Mar 01, 2026 Mar 03, 2026

Mar 01, 2026

Mar 03, 2026

9.0 HIGH

CVE-2026-3398 — Tenda F453 httpd AdvSetWan fromAdvSetWan buffer overflow

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPP…

f453_firmware f453 | Remote | Memory Corruption

Mar 01, 2026 Mar 03, 2026

Mar 01, 2026

Mar 03, 2026

Browse by Apps

Latest CVE Feed

Cookie Preferences