Skip to main content
CVE-2026-6970 HIGH POC PATCH GHSA This Week

authd prior to version 0.6.4 contains a logic error in primary group ID assignment that can lead to local privilege escalation. When a user's primary group ID (GID) differs from their UID, either because the account was created with authd prior to version 0.5.4 or because the primary group was manually changed via the `authctl group set-gid` command, and the user's identity provider record is updated, authd incorrectly resets the user's primary group ID to their UID upon next login. This causes newly created files and directories to be owned by the wrong group, causing denial of service issues, and potentially granting unintended access to other local users and allowing local privilege escalation.

Privilege Escalation Denial Of Service Authd
NVD GitHub VulDB
CVSS 4.0
7.3
EPSS
0.0%
CVE-2026-25710 HIGH This Week

Pre-NVD disclosure via oss-security: oss-security mailing list - 2026/04/27. positories (GitHub) File archive & mirrors How to verify digital signatures OVE IDs What's new Follow @Openwall on Twitter for new release announcements and other news [<prev day] [month] [year] [list] oss-security mailing list - 2026/04/27 plasma-login-manager: Weaknesses in plasmaloginauthhelper (CVE-2026-25710) (Matthias Gerstner <mgerstner@...e.de>) 1 message Powered by blists - more mailing lists Please check out the Open Source Software Security Wiki , which is counterpart to this mailing list . Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guide

Privilege Escalation Suse
NVD
CVSS 4.0
7.0
EPSS
0.0%
CVE-2026-3006 HIGH NEWS This Week

A race condition in WinFsp enables local privilege escalation to SYSTEM through kernel heap overflow. Authenticated local attackers with low privileges can exploit this timing vulnerability to corrupt kernel memory and execute code at the highest privilege level. Patch available in WinFsp v2.2B1 per vendor release notes. EPSS data not available; no CISA KEV listing indicates exploitation not yet confirmed in the wild, though the vulnerability affects a Windows kernel-mode driver used for file system development.

Buffer Overflow Race Condition Winfsp
NVD GitHub
CVSS 3.1
7.0
EPSS
0.0%
CVE-2026-5394 HIGH PATCH GHSA This Week

An authenticated administrative user who can import or save DataObject class definitions can inject attacker-controlled composite index metadata and trigger unintended SQL execution in the backend. This issue affects pimcore: 12.3.3.

SQLi Pimcore
NVD GitHub VulDB
CVSS 4.0
7.0
EPSS
0.0%
CVE-2026-7113 LOW POC PATCH Monitor

Authentication bypass in hermes-agent 0.8.0 webhook endpoint allows remote attackers to bypass authentication controls via manipulation of the _INSECURE_NO_AUTH parameter, resulting in limited confidentiality and integrity impact. The vulnerability requires high attack complexity and has publicly available exploit code; vendor patch is available but the project has not yet merged the fix despite early notification.

Authentication Bypass Hermes Agent
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-7112 LOW POC PATCH Monitor

Improper authentication in the API_SERVER_KEY handler of NousResearch hermes-agent 0.8.0 allows remote attackers to bypass authentication checks in the _check_auth function via the API server component. The vulnerability has a CVSS score of 6.3 with high attack complexity, and publicly available exploit code exists. The project has not yet responded to early notification via pull request.

Authentication Bypass Hermes Agent
NVD VulDB GitHub
CVSS 4.0
2.9
EPSS
0.1%
CVE-2026-25908 MEDIUM PATCH This Month

Dell Alienware Command Center (AWCC), versions prior to 6.13.8.0, contain an Execution with Unnecessary Privileges vulnerability in the AWCC. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of Privileges.

Privilege Escalation Dell
NVD
CVSS 3.1
6.7
EPSS
0.0%
CVE-2026-41081 MEDIUM PATCH This Month

Improper Handling of TLS Client Authentication Failure Leading to Anonymous Principal Assignment in Apache Storm Versions Affected: up to 2.8.7 Description: When TLS transport is enabled in Apache Storm without requiring client certificate authentication (the default configuration), the TlsTransportPlugin assigns a fallback principal (CN=ANONYMOUS) if no client certificate is presented or if certificate verification fails. The underlying SSLPeerUnverifiedException is caught and suppressed rather than rejecting the connection. This fail-open behavior means an unauthenticated client can establish a TLS connection and receive a valid principal identity. If the configured authorizer (e.g., SimpleACLAuthorizer) does not explicitly deny access to CN=ANONYMOUS, this may result in unauthorized access to Storm services. The condition is logged at debug level only, reducing visibility in production. Impact: Unauthenticated clients may be assigned a principal identity, potentially bypassing authorization in permissive or misconfigured environments. Mitigation: Users should upgrade to 2.8.7 in which TLS authentication failures are handled in a fail-closed manner. Users who cannot upgrade immediately should: - Enable mandatory client certificate authentication (nimbus.thrift.tls.client.auth.required: true) - Ensure authorization rules explicitly deny access to CN=ANONYMOUS - Review all ACL configurations for implicit default-allow behavior

Authentication Bypass Apache
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-42410 MEDIUM PATCH This Month

DOM-based cross-site scripting (XSS) in CodexThemes TheGem Theme Elements plugin for Elementor allows authenticated attackers with low privileges to inject malicious scripts that execute in the context of other users' browsers when user interaction occurs. The vulnerability affects versions before 5.12.1.1 and requires authenticated access and user interaction to exploit, limiting real-world risk compared to network-vector XSS but still enabling session hijacking, credential theft, or unauthorized admin actions on WordPress sites using this plugin.

XSS Thegem Theme Elements For Elementor Elementor
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2021-36438 MEDIUM This Month

SQL Injection vulnerability exists in Sourcecodester Online Job Portal phppdo 1.0 ivia the category parameter in /jobportal/index.php. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

SQLi PHP
NVD
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-35902 MEDIUM This Month

Denial of service in MERCURY IP camera MIPC252W version 1.0.5 Build 230306 allows unauthenticated local attackers to trigger persistent authentication failure in the RTSP service by sending repeated requests with invalid Digest authentication parameters, preventing legitimate clients from authenticating and causing service unavailability.

Denial Of Service
NVD GitHub
CVSS 3.1
6.2
EPSS
0.0%
CVE-2026-7116 LOW POC Monitor

Cross-site scripting (XSS) in code-projects Employee Management System 1.0 allows remote attackers to inject malicious scripts via manipulation of the file 370project/mark.php. The vulnerability requires user interaction (UI:R) but can be exploited over the network without authentication. Publicly available exploit code exists and the flaw has moderate impact on integrity (CVSS 4.3).

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7095 LOW POC Monitor

Reflected cross-site scripting (XSS) in code-projects Employee Management System 1.0 allows remote unauthenticated attackers to inject malicious scripts via the ID parameter in 370project/edit.php. The vulnerability requires user interaction (link click) but has publicly available exploit code and a moderate CVSS score of 4.3, indicating limited but real integrity impact through client-side script execution.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7093 LOW POC Monitor

Code-Projects Invoice System in Laravel 1.0 allows authenticated remote attackers to bypass authorization controls via manipulation of the ID parameter in the /invoice/ endpoint, enabling unauthorized access to invoice data with potential for modification and denial of service. The vulnerability has publicly available exploit code and is actively exploitable against default configurations.

Authentication Bypass Invoice System In Laravel
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7092 LOW POC Monitor

Improper authorization in code-projects Invoice System in Laravel 1.0 allows authenticated remote attackers to bypass access controls via manipulation of the ID parameter in the Profile Handler (/profile/ endpoint), leading to unauthorized read, modification, and denial of service impacts. Public exploit code is available, elevating real-world exploitation risk despite the moderate CVSS score of 6.3.

Authentication Bypass Invoice System In Laravel
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7091 LOW POC Monitor

Improper authorization in code-projects Invoice System in Laravel 1.0 allows authenticated remote attackers to bypass access controls on the User Management Handler (/user endpoint), gaining unauthorized read, write, and availability impact. The vulnerability has a published exploit available and affects all versions of the affected product line.

Authentication Bypass Invoice System In Laravel
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7196 LOW POC Monitor

SQL injection in CodeAstro Online Classroom 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the deleteid parameter in the /guestdetails endpoint, enabling unauthorized data access, modification, or deletion. The vulnerability has publicly available exploit code and a CVSS score of 6.3 reflecting moderate risk with low attack complexity.

SQLi Online Classroom
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7143 LOW POC Monitor

A vulnerability was identified in 1000 Projects Portfolio Management System MCA up to 1.0. This affects an unknown function of the file /admin/block_status.php. The manipulation of the argument q leads to sql injection. The attack can be initiated remotely. The exploit is publicly available and might be used.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7118 LOW POC Monitor

SQL injection in code-projects Employee Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the id or token parameter in 370project/cancel.php, potentially leading to unauthorized data access, modification, or deletion. The vulnerability has a publicly available proof-of-concept and CVSS score of 6.3 (medium severity) with low attack complexity, though exploitation requires valid user credentials.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7117 LOW POC Monitor

SQL injection in code-projects Employee Management System 1.0 allows authenticated remote attackers to manipulate the id and token parameters in 370project/approve.php, enabling unauthorized database queries with low confidentiality, integrity, and availability impact. Publicly available exploit code exists and CVSS score of 6.3 reflects the attack's network accessibility despite requiring low-level authentication.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7115 LOW POC Monitor

SQL injection in code-projects Employee Management System 1.0 allows authenticated remote attackers to manipulate the ID argument in 370project/delete.php, leading to unauthorized database queries with limited confidentiality and integrity impact. Publicly available exploit code exists; CVSS 5.3 reflects moderate risk limited by authentication requirement and restricted data access scope.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7114 LOW POC Monitor

SQL injection in code-projects Employee Management System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via the ID parameter in 370project/edit.php, potentially leading to unauthorized data access or modification. The vulnerability requires valid user credentials (PR:L per CVSS vector) and has publicly available exploit code; however, the limited scope (VC:L, VI:L, VA:L) and requirement for authentication reduce real-world risk compared to the base CVSS score of 5.3.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7144 LOW POC Monitor

A security flaw has been discovered in 1000 Projects Portfolio Management System MCA 1.0. This impacts an unknown function of the file update_passwd_process.php. The manipulation of the argument temp_user results in authorization bypass. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

PHP Authentication Bypass
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7086 LOW POC Monitor

Path traversal in HBAI-Ltd Toonflow-app up to version 1.1.1 allows authenticated remote attackers to read arbitrary files via manipulation of the url argument in the updateStoryboardUrl function of the Storyboard Export component. The vulnerability has a publicly available exploit, though the vendor disputes its practical exploitability, arguing the affected interface is designed to accept only local or trusted Docker-configured addresses. CVSS 4.3 reflects low confidence (RC:C) and unconfirmed exploitation probability (E:P).

Docker Path Traversal
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7089 LOW POC Monitor

Cross-site scripting (XSS) vulnerability in code-projects Home Service System 1.0 allows remote attackers to inject malicious scripts via the fname and lname parameters in the /booking.php Appointment Booking component. User interaction is required for exploitation. A public exploit is available, and the vulnerability carries moderate risk (CVSS 4.3) with integrity impact through malicious script execution in victim browsers.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-7148 LOW POC Monitor

A flaw has been found in CodeAstro Online Classroom 1.0. This affects an unknown part of the file /addnewfaculty. Executing a manipulation of the argument fname can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.

SQLi Online Classroom
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-38936 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/selectindices.php via the namecontains parameter

PHP XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-38935 MEDIUM This Month

A reflected cross-site scripting (XSS) vulnerability exists in diskover-community <= 2.3.5 in public/view.php via the doctype parameter

PHP XSS
NVD GitHub
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-29971 MEDIUM This Month

Reflected cross-site scripting (XSS) in WebFileSys 2.31.1 allows remote attackers to execute arbitrary JavaScript in victims' browsers via unencoded user input reflected into HTML and JavaScript contexts. Attack requires victim interaction (UI:R) but affects cross-site scope, enabling session hijacking, credential theft, or malware delivery. EPSS score of 0.01% indicates extremely low baseline exploitation probability despite public exploit code availability on GitHub.

XSS
NVD GitHub VulDB
CVSS 3.1
6.1
EPSS
0.0%
CVE-2026-3087 MEDIUM This Month

If `shutil.unpack_archive()` is given a ZIP archive with an absolute Windows path containing a drive (`C:\\...`) then the archive will be extracted outside the target directory which is different than other operating systems. Only Windows is affected by this vulnerability.

Microsoft Path Traversal
NVD GitHub VulDB
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-3867 MEDIUM This Month

Improper ownership management in Moxa Secure Router allows low-privileged authenticated users to access exported configuration files containing hashed administrative passwords, enabling credential disclosure. The vulnerability is confined to scenarios where configuration files have been exported and requires valid user credentials to exploit; no impact to system integrity or availability has been identified.

Information Disclosure
NVD
CVSS 4.0
6.0
EPSS
0.0%
CVE-2026-7134 LOW POC Monitor

A vulnerability was identified in code-projects Online Lot Reservation System 1.0. Affected is an unknown function of the file /edithousepic.php. Such manipulation of the argument image leads to unrestricted upload. The attack can be launched remotely. The exploit is publicly available and might be used.

PHP File Upload
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-7133 LOW POC Monitor

A vulnerability was determined in code-projects Online Lot Reservation System 1.0. This impacts an unknown function of the file /activity.php. This manipulation of the argument directory causes unrestricted upload. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized.

PHP File Upload
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-7110 LOW POC Monitor

Cross-site scripting (XSS) in code-projects Invoice System in Laravel 1.0 allows authenticated remote attackers to inject malicious scripts via the item name/description parameter in the /item endpoint. The vulnerability requires user interaction (UI:P) and affects only the integrity of victim data (VI:L), but publicly available exploit code exists and the attack vector is network-accessible.

XSS Invoice System In Laravel
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-7090 LOW POC Monitor

Stored cross-site scripting (XSS) in code-projects Chat System 1.0 allows high-privilege remote attackers to inject malicious scripts via the msg parameter in /admin/send_message.php, affecting the Chat Interface component. The vulnerability requires admin-level authentication and user interaction (viewing the crafted message), but publicly available exploit code exists and the issue is actively being leveraged. With a CVSS score of 2.4, the impact is limited to integrity violations with no confidentiality or availability loss, but the presence of public POC and active exploitation elevates practical risk despite low severity metrics.

PHP XSS
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-7179 LOW POC Monitor

A security vulnerability has been detected in OSPG binwalk up to 2.4.3. This vulnerability affects the function read_null_terminated_string of the file src/binwalk/plugins/winceextract.py of the component WinCE Extraction Plugin. Such manipulation of the argument self.file_name leads to path traversal. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. The project maintainer confirms this issue: "I accept the existence of the Path Traversal vulnerability. However, as stated in the Github link, it reached EOL and as a result no actions should be expected." The GitHub repository mentions, that "[u]sers and contributors should migrate to binwalk v3." This vulnerability only affects products that are no longer supported by the maintainer.

Path Traversal Binwalk
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-7135 LOW POC PATCH Monitor

A security flaw has been discovered in GPAC up to 26.03-DEV-rev105-g8f39a1eb3-master. Affected by this vulnerability is the function elng_box_read of the file src/isomedia/box_code_base.c of the component MP4Box. Performing a manipulation of the argument elng results in out-of-bounds read. The attack needs to be approached locally. The exploit has been released to the public and may be used for attacks. The patch is named cf6ac48c972eaaee2af270adc3f36615325deb3e. The affected component should be upgraded.

Buffer Overflow Information Disclosure Gpac
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-7157 MEDIUM This Month

A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider_mcp_server/server.py of the component aider_ai_code. This manipulation of the argument relative_editable_files causes command injection. Remote exploitation of the attack is possible. The exploit has been published and may be used. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The project was informed of the problem early through an issue report but has not responded yet.

Command Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
1.0%
CVE-2026-7067 MEDIUM Monitor

Command injection in D-Link DIR-822 A_101 udhcpd DHCP service allows remote unauthenticated attackers to execute arbitrary commands via a malicious Hostname parameter in DHCP requests. The vulnerability affects an end-of-life product with publicly disclosed exploit code available, creating significant risk for organizations unable to migrate away from legacy hardware.

Command Injection D-Link
NVD VulDB
CVSS 4.0
5.5
EPSS
0.8%
CVE-2026-22077 MEDIUM This Month

OPPO Wallet APP contains a trusted domain validation bypass flaw that allows local attackers with user interaction to hijack account tokens and disclose sensitive information. The vulnerability affects all versions of OPPO Wallet APP and exploits improper domain verification in protected interface access controls, enabling token theft through local attack vector.

Information Disclosure Oppo Wallet App
NVD
CVSS 4.0
5.6
EPSS
0.0%
CVE-2026-7183 MEDIUM PATCH This Month

A vulnerability has been found in aligungr UERANSIM up to 3.2.7. The affected element is the function rls::DecodeRlsMessage in the library src/lib/rls/rls_pdu.cpp of the component Radio Link Simulation Layer. The manipulation of the argument pduLength leads to uncaught exception. The attack may be initiated remotely. Upgrading to version 3.2.8 is sufficient to fix this issue. The identifier of the patch is ca1a66fffe282767bb08618af9f848e3b68ea47b. It is suggested to upgrade the affected component. This behavior is related to CVE-2024-37877. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

Information Disclosure Ueransim
NVD VulDB GitHub
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7149 MEDIUM This Month

A vulnerability has been found in dexhunter kaggle-mcp up to 406127ffcb2b91b8c10e20e6c2ca787fbc1dc92d. This vulnerability affects the function prepare_kaggle_dataset of the file src/kaggle_mcp/server.py. The manipulation of the argument competition_id leads to path traversal. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. This product adopts a rolling release strategy to maintain continuous delivery. Therefore, version details for affected or updated releases cannot be specified. The project was informed of the problem early through an issue report but has not responded yet.

Path Traversal
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7178 MEDIUM This Month

A weakness has been identified in ChatGPTNextWeb NextChat up to 2.16.1. This affects the function storeUrl of the file app/api/artifacts/route.ts of the component Artifacts Endpoint. This manipulation of the argument ID causes server-side request forgery. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

SSRF Nextchat
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7146 MEDIUM This Month

A security vulnerability has been detected in AlejandroArciniegas mcp-data-vis up to de5a51525a69822290eaee569a1ab447b490746d. Affected by this vulnerability is the function axios of the file src/servers/web-scraper/server.js of the component HTTP Request Handler. Such manipulation leads to server-side request forgery. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. This product operates on a rolling release basis, ensuring continuous delivery. Consequently, there are no version details for either affected or updated releases. The project was informed of the problem early through an issue report but has not responded yet.

SSRF
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7158 MEDIUM This Month

A vulnerability has been found in dmitryglhf mcp-url-downloader up to 4b8cf2de55f6e8864a77d108e8a94a5b8e4394c6. Affected by this issue is the function _validate_url_safe of the file src/mcp_url_downloader/server.py. Such manipulation of the argument url leads to server-side request forgery. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The project was informed of the problem early through an issue report but has not responded yet.

SSRF
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-31687 MEDIUM PATCH This Month

Denial of service in Linux kernel GPIO OMAP driver allows local authenticated users to crash the system via a deadlock condition triggered by improper driver registration from probe() callback. The vulnerability stems from registering the omap_mpuio_driver within omap_gpio_probe(), which violates driver core locking rules and creates a potential deadlock when device_lock enforcement was strengthened in commit dc23806a7c47. EPSS score of 0.03% reflects low exploitation probability despite availability of patched kernel versions.

Red Hat Suse Information Disclosure Linux
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-7130 MEDIUM This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows remote unauthenticated attackers to manipulate the ID parameter in /ajax.php?action=delete_category, enabling arbitrary SQL query execution with confidentiality and integrity impact. CVSS 6.9 reflects network accessibility and low privilege requirements; publicly available exploit code exists per description.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-7128 MEDIUM This Month

SQL injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows remote unauthenticated attackers to manipulate the ID parameter in /ajax.php?action=save_type, enabling arbitrary SQL query execution with confidentiality and integrity impact. Publicly disclosed exploit code is available, significantly increasing real-world risk despite the moderate CVSS score of 6.9.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-31689 MEDIUM PATCH This Month

Denial of service in the Linux kernel EDAC (Error Detection and Correction) subsystem due to improper initialization ordering in edac_mc_alloc(). When memory allocation fails during EDAC memory controller initialization, the error path calls put_device() before device_initialize() is executed, triggering a null pointer dereference in kobject_put() that causes a kernel panic or system crash. This affects Linux systems with EDAC support enabled across multiple kernel versions from 5.19 through 7.0.

Red Hat Suse Denial Of Service Null Pointer Dereference Linux
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-31691 MEDIUM PATCH This Month

In the Linux kernel, the following vulnerability has been resolved: igb: remove napi_synchronize() in igb_down() When an AF_XDP zero-copy application terminates abruptly (e.g., kill -9), the XSK buffer pool is destroyed but NAPI polling continues. igb_clean_rx_irq_zc() repeatedly returns the full budget, preventing napi_complete_done() from clearing NAPI_STATE_SCHED. igb_down() calls napi_synchronize() before napi_disable() for each queue vector. napi_synchronize() spins waiting for NAPI_STATE_SCHED to clear, which never happens. igb_down() blocks indefinitely, the TX watchdog fires, and the TX queue remains permanently stalled. napi_disable() already handles this correctly: it sets NAPI_STATE_DISABLE. After a full-budget poll, __napi_poll() checks napi_disable_pending(). If set, it forces completion and clears NAPI_STATE_SCHED, breaking the loop that napi_synchronize() cannot. napi_synchronize() was added in commit 41f149a285da ("igb: Fix possible panic caused by Rx traffic arrival while interface is down"). napi_disable() provides stronger guarantees: it prevents further scheduling and waits for any active poll to exit. Other Intel drivers (ixgbe, ice, i40e) use napi_disable() without a preceding napi_synchronize() in their down paths. Remove redundant napi_synchronize() call and reorder napi_disable() before igb_set_queue_napi() so the queue-to-NAPI mapping is only cleared after polling has fully stopped.

Red Hat Suse Intel Information Disclosure Linux
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
Prev Page 3 of 4 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy