Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
3.3 LOW
CVE-2026-14787 — radareorg radare2 pb Print cmd_print.inc cmd_print integer overflow

A weakness has been identified in radareorg radare2 up to 6.1.6. Affected is the function cmd_print in the library libr/core/cmd_print.inc of the component pb Print Command Handler. This manipulation…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
3.3 LOW
CVE-2026-14786 — radareorg radare2 str.c r_str_word_get0set integer overflow

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This impacts the function r_str_word_get0set of the file libr/util/str.c. The manipulation results in integer overflow. The attac…

| Memory Corruption
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14784 — vxcontrol PentAGI Docker API client.go sandbox

A vulnerability was identified in vxcontrol PentAGI up to 2.1.0. This affects an unknown function of the file backend/pkg/docker/client.go of the component Docker API. The manipulation leads to sandb…

Remote | Misconfiguration
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
4.3 MEDIUM
CVE-2026-14783 — NousResearch hermes-agent skills_tool.py skill_view path traversal

A vulnerability was determined in NousResearch hermes-agent 2026.5.29.2. The impacted element is the function skill_view of the file tools/skills_tool.py. Executing a manipulation of the argument Nam…

hermes-agent | Remote | Path Traversal
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
7.5 HIGH
CVE-2026-14778 — SourceCodester Onlne Examination & Learning Management System Enrollment Management ajax_…

A security vulnerability has been detected in SourceCodester Onlne Examination & Learning Management System 1.0. This affects an unknown part of the file /ajax_enroll.php of the component Enrollment …

Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14777 — SourceCodester Onlne Examination & Learning Management System announcements.php unrestric…

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a m…

onlne_examination_learning_management_system | Remote | Misconfiguration
Jul 06, 2026 Jul 06, 2026
Jul 06, 2026
Jul 06, 2026
6.5 MEDIUM
CVE-2026-14776 — SourceCodester Onlne Examination & Learning Management System Filename Extension upload_f…

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /upload_files.php of the …

Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14775 — SourceCodester Onlne Examination & Learning Management System process_lesson.php unrestri…

A vulnerability was identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected is an unknown function of the file /process_lesson.php. Such manipulation of the argument…

onlne_examination_learning_management_system | Remote | Misconfiguration
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14774 — itsourcecode Hospital Management System paymentdischarge.php sql injection

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes s…

hospital_management_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14773 — itsourcecode Hospital Management System payment.php sql injection

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injectio…

hospital_management_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.7 LOW
CVE-2026-10657 — Out-of-bounds read in Zephyr DNS resolver mDNS suffix check (memcmp past string NUL)

Zephyr's DNS resolver detects mDNS (.local) queries in dns_resolve_name_internal() (subsys/net/lib/dns/resolve.c) with memcmp(strrchr(query, '.'), ".local", 7), which always reads a fixed 7 bytes fro…

zephyr zephyr | Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
4.6 MEDIUM
CVE-2026-10656 — NULL-pointer dereference DoS in MAX32 USB device controller transfer-completion handlers

The MAX32xxx USB device controller driver (drivers/usb/udc/udc_max32.c, compatible adi_max32_usbhs) dereferenced an endpoint buffer in its OUT and IN transfer-completion handlers without checking it …

zephyr zephyr | Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
4.3 MEDIUM
CVE-2026-59520 — WordPress CrawlWP SEO plugin <= 3.0.16 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery (CSRF) vulnerability in properfraction CrawlWP SEO allows Cross Site Request Forgery. This issue affects CrawlWP SEO: from n/a through 3.0.16.

Remote | Cross-Site Request Forgery
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
5.3 MEDIUM
CVE-2026-59519 — WordPress FormLayer plugin <= 1.0.6 - Sensitive Data Exposure vulnerability

Insertion of Sensitive Information Into Sent Data vulnerability in Softaculous FormLayer allows Retrieve Embedded Sensitive Data. This issue affects FormLayer: from n/a through 1.0.6.

Remote | Information Disclosure
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
5.3 MEDIUM
CVE-2026-59511 — WordPress Exclusive Addons Elementor plugin <= 2.7.9.9 - Sensitive Data Exposure vulnerab…

Insertion of Sensitive Information Into Sent Data vulnerability in Tim Strifler Exclusive Addons Elementor allows Retrieve Embedded Sensitive Data. This issue affects Exclusive Addons Elementor: fro…

Remote | Information Disclosure
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14772 — SourceCodester Class and Exam Timetabling System edit_course1.php sql injection

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /edit_course1.php. The manipulation of the argume…

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14771 — SourceCodester Class and Exam Timetabling System edit_exam1.php sql injection

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The affected element is an unknown function of the file /edit_exam1.php. Executing a manipulation of the argument …

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 06, 2026
Jul 05, 2026
Jul 06, 2026
7.5 HIGH
CVE-2026-14770 — SourceCodester Class and Exam Timetabling System edit_room.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /edit_room.php. Performing a manipulation of the argument ID results …

class_and_exam_timetabling_system | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14769 — code-projects Real State Services pay.php sql injection

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads …

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14768 — code-projects Real State Services builderHome.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injecti…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
Showing 20 of 7433 Results