Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-8752 — h2oai h2o-3 Rapids setproperty Primitive AstSetProperty.java exec access control

A weakness has been identified in h2oai h2o-3 up to 7402. This vulnerability affects the function exec of the file h2o-core/src/main/java/water/rapids/ast/prims/misc/AstSetProperty.java of the compon…

| Authorization
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
0.0 NA
CVE-2026-8751 — h2oai h2o-3 JAR Model.java importBinaryModel deserialization

A security flaw has been discovered in h2oai h2o-3 up to 7402. This affects the function importBinaryModel of the file h2o-core/src/main/java/hex/Model.java of the component JAR Handler. Performing a…

| Injection
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
5.5 MEDIUM
CVE-2026-8750 — h2oai h2o-3 ImportFile API PersistNFS.java importFiles information disclosure

A vulnerability was identified in h2oai h2o-3 up to 7402. Affected by this issue is the function importFiles of the file h2o-core/src/main/java/water/persist/PersistNFS.java of the component ImportFi…

Remote | Information Disclosure
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
6.5 MEDIUM
CVE-2026-8747 — Z-BlogPHP Commend Approval c_system_event.php CheckComment improper authorization

A weakness has been identified in Z-BlogPHP 1.7.4.3430. This affects the function CheckComment of the file zb_system/function/c_system_event.php of the component Commend Approval Handler. This manipu…

Remote | Authorization
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8746 — Open5GS NRF nghttp2-server.c discover_handler use after free

A security flaw has been discovered in Open5GS up to 2.7.7. Affected by this issue is the function discover_handler in the library /lib/sbi/nghttp2-server.c of the component NRF. The manipulation res…

Remote | Memory Corruption
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8745 — Open5GS AUSF nausf-handler.c ogs_timer_add denial of service

A vulnerability was identified in Open5GS up to 2.7.7. Affected by this vulnerability is the function ogs_timer_add in the library /src/ausf/nausf-handler.c of the component AUSF. The manipulation le…

Remote | Denial of Service
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8744 — Open5GS NRF context.c ogs_sbi_nf_service_add denial of service

A vulnerability was determined in Open5GS up to 2.7.7. Affected is the function ogs_sbi_subscription_data_add/ogs_sbi_nf_service_add in the library /lib/sbi/context.c of the component NRF. Executing …

Remote | Denial of Service
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
6.5 MEDIUM
CVE-2026-8743 — Open5GS AMF/MME context.c ran_ue_find_by_amf_ue_ngap_id improper authorization

A vulnerability was found in Open5GS up to 2.7.6. This impacts the function ran_ue_find_by_amf_ue_ngap_id of the file src/amf/context.c of the component AMF/MME. Performing a manipulation results in …

Remote | Authorization
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
3.1 LOW
CVE-2026-8741 — EMQX QoS 2 PUBLISH Packet emqx_persistent_session_ds.erl race condition

A vulnerability has been found in EMQX up to 6.2.0. This affects an unknown function of the file apps/emqx/src/emqx_persistent_session_ds.erl of the component QoS 2 PUBLISH Packet Handler. Such manip…

Remote | Race Condition
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
6.5 MEDIUM
CVE-2026-8740 — Sanluan PublicCMS templateResult API TemplateResultDirective.java execute special element…

A flaw has been found in Sanluan PublicCMS 5.202506.d. The impacted element is the function execute of the file publiccms-core/src/main/java/com/publiccms/views/directive/tools/TemplateResultDirectiv…

Remote | Injection
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
5.5 MEDIUM
CVE-2026-8739 — Sanluan PublicCMS SafeConfigComponent.java getSignKey hard-coded key

A vulnerability was detected in Sanluan PublicCMS 5.202506.d. The affected element is the function getSignKey of the file publiccms-core/src/main/java/com/publiccms/logic/component/config/SafeConfigC…

Remote | Cryptography
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
6.5 MEDIUM
CVE-2026-8738 — Sanluan PublicCMS Trade Payment Flow TradeOrderController.java AccountGatewayComponent.pa…

A security vulnerability has been detected in Sanluan PublicCMS 5.202506.d. Impacted is the function TradeOrderController.pay/TradePaymentController.pay/AccountGatewayComponent.pay of the file public…

Remote | Authorization
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
5.5 MEDIUM
CVE-2026-8737 — Sanluan PublicCMS Trade Address Query TradeAddressListDirective.java execute missing auth…

A weakness has been identified in Sanluan PublicCMS 5.202506.d. This issue affects the function execute of the file publiccms-trade/src/main/java/com/publiccms/views/directive/trade/TradeAddressListD…

Remote | Authentication
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8736 — Oinone Pamirs RestController LocalFileClient.java request.getParameter path traversal

A security flaw has been discovered in Oinone Pamirs up to 7.2.0. This vulnerability affects the function request.getParameter of the file LocalFileClient.java of the component RestController. Perfor…

| Path Traversal
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
6.5 MEDIUM
CVE-2026-8735 — Oinone Pamirs appConfigQuery PamirsParserConfig.java JsonUtils.parseMap deserialization

A vulnerability was identified in Oinone Pamirs up to 7.2.0. This affects the function JsonUtils.parseMap of the file PamirsParserConfig.java of the component appConfigQuery Interface. Such manipulat…

Remote | Injection
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
7.5 HIGH
CVE-2026-8734 — Oinone Pamirs queryListByWrapper RSQLToSQLNodeConnector.makeVariable sql injection

A vulnerability was determined in Oinone Pamirs up to 7.2.0. Affected by this issue is the function RSQLToSQLNodeConnector.makeVariable of the component queryListByWrapper Interface. This manipulatio…

Remote | Injection
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
7.5 HIGH
CVE-2026-8733 — Investintech SlimPDFReader SlimPDFReader.exe sub_3B4610 stack-based overflow

A vulnerability was found in Investintech SlimPDFReader up to 2.0.13. Affected by this vulnerability is the function sub_3B4610 of the file SlimPDFReader.exe. The manipulation results in stack-based …

Remote | Memory Corruption
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8731 — Open5GS NRF client.c ogs_sbi_client_add denial of service

A vulnerability has been found in Open5GS up to 2.7.7. Affected is the function ogs_sbi_client_add in the library /lib/sbi/client.c of the component NRF. The manipulation of the argument client_pool …

Remote | Denial of Service
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8730 — Open5GS NRF context.c ogs_sbi_nf_instance_set_id denial of service

A flaw has been found in Open5GS up to 2.7.6. This impacts the function ogs_sbi_nf_instance_set_id in the library /lib/sbi/context.c of the component NRF. Executing a manipulation of the argument nfI…

Remote | Denial of Service
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
4.3 MEDIUM
CVE-2026-8729 — Open5GS NRF message.c denial of service

A vulnerability was detected in Open5GS up to 2.7.7. This affects an unknown function in the library /lib/sbi/message.c of the component NRF. Performing a manipulation of the argument service-names/s…

Remote | Denial of Service
May 17, 2026 May 17, 2026
May 17, 2026
May 17, 2026
Showing 20 of 6220 Results