Skip to main content
CVE-2026-8121 LOW POC Monitor

Denial of service in Open5GS up to version 2.7.7 allows authenticated remote attackers to crash the NSSF (Network Slice Selection Function) component via a crafted PLMN list in the SBI (Service Based Interface) parser. The vulnerability exists in the ogs_sbi_parse_plmn_list function within /lib/sbi/conv.c and has been publicly disclosed with exploit code available; the vendor has not yet released a patch despite early notification.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.1%
CVE-2026-8123 LOW POC Monitor

Denial of service in Open5GS up to version 2.7.7 affects the NSSF component's ogs_sbi_discovery_option_add_snssais function, allowing authenticated remote attackers to crash the service via a network request. The vulnerability has been publicly disclosed with exploit code available on GitHub, though the vendor has not yet responded to early notification.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8122 LOW POC Monitor

Denial of service vulnerability in Open5GS up to version 2.7.7 affects the NSSF component's service discovery function, allowing remote authenticated attackers to cause availability impact through manipulation of the ogs_sbi_discovery_option_add_service_names function. Public exploit code exists and the vulnerability carries low CVSS score (2.1) reflecting limited impact scope, though the project has not yet responded to early notification.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8120 LOW POC Monitor

Denial of service in Open5GS up to version 2.7.7 allows authenticated remote attackers to manipulate the NSSF network selection function via the nssf_nnrf_nsselection_handle_get_from_amf_or_vnssf handler in /src/nssf/nnssf-handler.c, causing service unavailability. Public exploit code exists and the vulnerability has been reported to the project, though no patch has been released as of analysis time.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8127 LOW POC Monitor

Improper access controls in eladmin up to version 2.7 allow authenticated remote attackers to bypass user level checks through the checkLevel function in the Users API Endpoint (/rest/UserController.java), resulting in unauthorized access to resources. Publicly available exploit code exists, and the vendor has not responded to early notification of the vulnerability.

Authentication Bypass Java
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8125 LOW POC Monitor

SQL injection in code-projects Simple Chat System 1.0 allows authenticated remote attackers to execute arbitrary SQL queries via manipulation of the type, length, or business parameters in sendMessage.php, potentially compromising data confidentiality, integrity, and availability. Publicly available exploit code exists and the vulnerability carries a CVSS score of 6.3 with authenticated network access.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8136 LOW POC Monitor

Cross-site scripting (XSS) in SourceCodester Pharmacy Sales and Inventory System 1.0 allows high-privileged users with user interaction to inject malicious scripts via the Name parameter in /index.php?page=users, affecting application integrity with low severity. The vulnerability requires administrative privileges and user interaction to exploit, limiting real-world impact despite public exploit availability.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-8124 LOW POC PATCH Monitor

Resource exhaustion in GPAC up to version 26.02.0 allows local attackers with limited privileges to trigger a denial-of-service condition via the sidx_box_read function in src/isomedia/box_code_base.c. The vulnerability stems from improper validation of allocation size parameters when parsing ISO media files, enabling exhaustion of system memory without requiring elevated privileges. Publicly available exploit code exists, and a patch is available from the vendor.

Denial Of Service Gpac
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-8119 LOW POC Monitor

Denial of service in Open5GS up to version 2.7.7 affects the NSSF component's stream identification function in the nghttp2-server library. Local authenticated attackers can manipulate the ogs_sbi_stream_find_by_id function to cause service unavailability. Publicly available exploit code exists, though the vendor has not yet responded to early disclosure notification.

Denial Of Service Open5gs
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-44987 LOW Monitor

SysReptor is a fully customizable pentest reporting platform. Prior to version 2026.29, users with "User Admin" permissions can change the email addresses of users with "Superuser" permissions. If the SysReptor installation has the "Forgot Password" functionality enabled (non-default), they can reset the Superusers' passwords and authenticate, if the Superuser has no MFA enabled. User managers can then access the Django backend (/admin) or manipulate the settings of the SysReptor installation. Note that user managers have the ability to access all pentest projects by assigning themselves "Project Admin" permissions. This is intentional and by design. This issue has been patched in version 2026.29.

Privilege Escalation Python
NVD GitHub
CVSS 3.1
3.8
EPSS
0.0%
CVE-2026-42195 LOW PATCH Monitor

draw.io is a configurable diagramming and whiteboarding application. Prior to version 29.7.9, the draw.io client accepts a ?gitlab= URL parameter that overrides the GitLab server URL used during OAuth sign-in. A crafted link causes the user's click on draw.io's "Authorize in GitLab" dialog to open a popup on the attacker-controlled host instead of gitlab.com. This can lead to credential fishing and session state token exfiltration. This issue has been patched in version 29.7.9.

Gitlab Open Redirect
NVD GitHub
CVSS 3.1
3.4
EPSS
0.0%
CVE-2026-32803 LOW PATCH Monitor

Dell PowerScale OneFS versions 9.5.0.0 through 9.12.0.1 contain an insufficient logging vulnerability that allows low-privileged local attackers to tamper with information without generating adequate audit trails, enabling attack obfuscation and compliance violation. The vulnerability affects multiple version branches across OneFS 9.5 through 9.12, with no public exploit code identified at time of analysis. CVSS score of 3.3 reflects low-to-medium integrity impact with local access requirement and low complexity.

Dell Information Disclosure
NVD VulDB
CVSS 3.1
3.3
EPSS
0.0%
CVE-2026-44916 LOW Monitor

Server-side template injection in OpenStack Ironic through version 35.x allows authenticated administrators to disclose sensitive information by rendering unsandboxed Jinja2 templates in the instance_info['ks_template'] parameter. The vulnerability requires high-privilege user interaction and has low confidentiality impact with no integrity or availability consequences.

Information Disclosure Ssti Ironic
NVD VulDB
CVSS 3.1
3.0
EPSS
0.0%
CVE-2026-44928 LOW PATCH Monitor

The EqualsUri function in uriparser before version 1.0.2 incorrectly classifies structurally distinct URIs as equivalent due to flawed absolutePath comparison logic when a host is present. An attacker can craft two different URIs that the library treats as identical, potentially bypassing URI-based access control checks or authentication mechanisms that rely on URI comparison. The vulnerability affects all versions before 1.0.2 and requires local access with high attack complexity; the impact is limited to integrity (logic bypass) with no confidentiality or availability impact.

Information Disclosure Uriparser
NVD GitHub VulDB
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-44927 LOW PATCH Monitor

Pointer difference truncation to signed int in uriparser before version 1.0.2 allows local attackers to cause integer overflow and data integrity issues through specially crafted URI inputs. The vulnerability stems from unsafe casting of pointer arithmetic results (afterLast - first) to int, which can overflow on systems where pointer differences exceed INT_MAX, leading to buffer overflows, incorrect memory calculations, and potential information disclosure. While CVSS score is low (2.9) due to local attack vector and high complexity, the fix adds comprehensive overflow detection using SIZE_MAX checks, indicating real risk in applications processing untrusted URIs locally.

Information Disclosure Uriparser
NVD GitHub VulDB
CVSS 3.1
2.9
EPSS
0.0%
CVE-2026-42794 LOW PATCH Monitor

Reflected cross-site scripting (XSS) in absinthe_plug GraphiQL interface allows unauthenticated attackers to execute arbitrary JavaScript in victims' browsers via the query GET parameter. The vulnerability exploits incomplete input escaping in the js_escape/1 function, which fails to escape backslashes before embedding user-controlled query strings into inline JavaScript. An attacker can bypass existing single-quote and newline escaping by prefixing a quote with a backslash (e.g., \'), breaking out of the string context. Vendor-released patch available (version 1.10.2 and later); exploitation requires user interaction (clicking a malicious link).

XSS Absinthe Plug
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-44286 LOW Monitor

Server-side request forgery (SSRF) in FastGPT prior to version 4.14.17 allows authenticated users with App editing privileges to bypass SSRF protections in the lafModule workflow node's fetchData function, enabling arbitrary HTTP requests to internal and private network addresses via unvalidated user-controlled URLs passed to axios without filtering against the application's isInternalAddress blocklist.

SSRF Fastgpt
NVD GitHub
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-41889 LOW PATCH Monitor

SQL injection vulnerability in pgx (Go PostgreSQL driver) prior to version 5.9.2 allows authenticated attackers to manipulate queries when the non-default simple protocol is used in conjunction with dollar-quoted string literals containing attacker-controlled placeholder-like text. The vulnerability requires specific configuration (simple protocol mode enabled) and precise SQL structure (dollar-quoted strings with embedded placeholder syntax), making exploitation unlikely in typical deployments but possible in applications explicitly using QueryExecModeSimpleProtocol.

PostgreSQL SQLi
NVD GitHub VulDB
CVSS 4.0
2.3
EPSS
0.0%
CVE-2026-44428 LOW PATCH GHSA Monitor

MCP Registry's GitHub OIDC token exchange allows cross-registry replay attacks due to use of a shared global audience string instead of registry-specific identifiers. An attacker controlling or observing any registry deployment can capture a legitimately issued OIDC token and replay it to another registry instance sharing the same codebase to obtain publish-capable JWTs for the victim GitHub owner namespace, breaking deployment isolation. The vulnerability affects all versions prior to 1.7.6; vendor-released patch available.

Authentication Bypass SSRF Microsoft
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-8117 LOW Monitor

Reflected cross-site scripting (XSS) in SourceCodester Pizzafy Ecommerce System 1.0 via the page parameter in /admin/index.php allows remote attackers to inject malicious scripts that execute in a victim's browser with user interaction. CVSS 2.1 (low) reflects the requirement for user click-through; however, the vulnerability is disclosed publicly with proof-of-concept code available.

XSS PHP
NVD GitHub VulDB
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-6737 LOW Monitor

AsusPTPFilter driver allows local authenticated users to bypass security mechanisms via crafted IOCTL requests, potentially leaking restricted touchpad information or disabling the touchpad entirely. The vulnerability requires local access and low-level privileges but impacts the integrity and availability of the touchpad subsystem. CVSS 2.0 reflects limited scope (low severity across confidentiality, integrity, availability), but the attack vector is local and requires existing user privileges.

Authentication Bypass Asusptpfilter
NVD
CVSS 4.0
2.0
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy