Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-14689 — CodeAstro Apartment Visitor Management System add-apartment.php sql injection

A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulatio…

Remote
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
0.0 NA
CVE-2026-14570 — Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from …

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit…

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14688 — itsourcecode Online Hotel Management System login.php sql injection

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. The affected element is an unknown function of the file /admin/login.php. The manipulation of the argument email lea…

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
5.5 MEDIUM
CVE-2026-14687 — 666ghj BettaFish InsightEngine search-result Deduplication agent.py _deduplicate_results …

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function _deduplicate_results of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplica…

Remote
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14686 — HdrHistogram Range Check DoubleHistogram.java org.HdrHistogram.DoubleHistogram.recordValu…

A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of …

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14685 — HdrHistogram AbstractHistogram AbstractHistogram.java recordValueWithCount state issue

A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the compo…

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14684 — HdrHistogram AbstractHistogram.java memory allocation

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java.…

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14683 — HdrHistogram AbstractHistogram.java memory allocation

A vulnerability was detected in HdrHistogram up to 2.2.2. Affected by this issue is the function org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer of the file src/main/java/org/HdrHis…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
7.5 HIGH
CVE-2026-14660 — code-projects Online Job Portal login.php sql injection

A vulnerability was found in code-projects Online Job Portal 1.0. The affected element is an unknown function of the file login.php. Performing a manipulation of the argument txtUser/txtPass results …

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
6.5 MEDIUM
CVE-2026-14659 — itsourcecode Hospital Management System patientappointment.php sql injection

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /patientappointment.php. Such manipulation of the argument patiente leads to…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
6.5 MEDIUM
CVE-2026-14658 — code-projects Assessment Management marking-scheme.php sql injection

A vulnerability was detected in code-projects Assessment Management 1.0. This vulnerability affects unknown code of the file /lecturer/marking-scheme.php. The manipulation of the argument smarksrange…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
6.5 MEDIUM
CVE-2026-14657 — code-projects Assessment Management Database Query marking-scheme.php sql injection

A flaw has been found in code-projects Assessment Management 1.0. This issue affects some unknown processing of the file /lecturer/marking-scheme.php of the component Database Query Handler. This man…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
5.0 MEDIUM
CVE-2026-14656 — code-projects Assessment Management remove-user.php cross site scripting

A security vulnerability has been detected in code-projects Assessment Management 1.0. This affects an unknown part of the file /admin/remove-user.php. The manipulation of the argument ID leads to cr…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
3.3 LOW
CVE-2026-14655 — code-projects Assessment Management view-users.php cross site scripting

A weakness has been identified in code-projects Assessment Management 1.0. Affected by this issue is some unknown functionality of the file admin/view-users.php. Executing a manipulation of the argum…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
7.5 HIGH
CVE-2026-14654 — SourceCodester Simple and Nice Shopping Cart Script girlsproductdeletequery.php sql injec…

A vulnerability was identified in SourceCodester Simple and Nice Shopping Cart Script 1.0. Affected is an unknown function of the file /admin/girlsproductdeletequery.php. Such manipulation of the arg…

Remote
Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
7.5 HIGH
CVE-2026-14653 — SourceCodester Simple and Nice Shopping Cart Script mensproductdeletequery.php sql inject…

A vulnerability was determined in SourceCodester Simple and Nice Shopping Cart Script 1.0. This impacts an unknown function of the file /admin/mensproductdeletequery.php. This manipulation of the arg…

Remote
Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
7.5 HIGH
CVE-2026-14652 — SourceCodester Simple and Nice Shopping Cart Script Admin Login login.php sql injection

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of t…

Remote
Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
3.3 LOW
CVE-2026-14651 — connorskees grass visitor denial of service

A vulnerability has been found in connorskees grass up to 0.13.4. The impacted element is the function grass_compiler::selector::extend/grass_compiler::evaluate::visitor. The manipulation leads to de…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
4.8 MEDIUM
CVE-2024-1248 — Role Overwriting via Silent JIT Provisioning in Multiple WSO2 Products Enables Privilege …

The silent Just-In-Time (JIT) provisioning feature in federated authentication implementations fails to properly segregate user roles during account creation when a federated user shares a username w…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
3.3 LOW
CVE-2026-14650 — connorskees grass UTF-8 Character raw_to_parse_error denial of service

A flaw has been found in connorskees grass up to 0.13.4. The affected element is the function grass_compiler::raw_to_parse_error of the component UTF-8 Character Handler. Executing a manipulation can…

Jul 04, 2026 Jul 04, 2026
Jul 04, 2026
Jul 04, 2026
Showing 20 of 7469 Results