Skip to main content
CVE-2026-0850 LOW POC Monitor

Intern Membership Management System versions up to 1.0 contains a vulnerability that allows attackers to sql injection (CVSS 4.7).

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-0842 LOW Monitor

Flycatcher Toys smART Sketcher versions up to 2.0 lack authentication in the Bluetooth Low Energy interface, allowing unauthenticated attackers on the local network to manipulate device functionality and potentially access sensitive data. Public exploit code exists for this vulnerability, and the vendor has not responded to disclosure attempts. No patch is currently available.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-0843 LOW Monitor

SQL injection in jjjfood and jjjshop_food PHP applications through the latitude parameter in /index.php/api/product.category/index allows authenticated attackers to execute arbitrary database queries remotely. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite notification. Affected installations up to version 20260103 should implement immediate mitigation measures.

PHP SQLi
NVD VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2025-15505 LOW Monitor

A vulnerability was found in Luxul XWR-600 versions up to 4.0.1. is affected by cross-site scripting (xss) (CVSS 2.4).

XSS
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2025-15506 LOW PATCH Monitor

A vulnerability was found in AcademySoftwareFoundation OpenColorIO versions up to 2.5.0. is affected by buffer overflow (CVSS 3.3).

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy