Skip to main content
CVE-2026-10257 LOW POC Monitor

SQL injection in itsourcecode Content Management System 1.0 exposes the admin-facing endpoint /admin/update_ss_img.php to database manipulation via the unsanitized topic_id parameter. Low-privilege authenticated attackers can exploit this remotely with no user interaction required, achieving partial read, write, and availability impact against the underlying database. A public exploit is available (CVSS temporal E:P; GitHub PoC linked in references), elevating practical risk despite the moderate 6.3 base score. No active exploitation confirmed via CISA KEV at time of analysis.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-10256 LOW POC Monitor

SQL injection in itsourcecode Content Management System 1.0 exposes the database to read, modify, and partial denial-of-service via a crafted comment submission. The vulnerable endpoint /save_comment.php fails to sanitize the Name parameter before incorporating it into SQL queries, allowing an authenticated low-privilege attacker to manipulate database logic directly. A publicly available proof-of-concept exploit exists (GitHub issue linked in VulDB entry), elevating real-world risk despite the absence of a CISA KEV listing.

PHP SQLi
NVD VulDB GitHub
CVSS 4.0
2.1
EPSS
0.0%
CVE-2026-10234 LOW POC Monitor

Stored or reflected cross-site scripting in sendportal's Campaign Handler allows an authenticated low-privilege remote attacker to inject malicious script via the 'content' argument at the /webview/ endpoint, affecting all versions up to and including 3.0.1. A victim user must interact with the crafted content for the payload to execute, resulting in low-integrity impact with no confidentiality or availability consequences. No public exploit identified at time of analysis is incorrect here - publicly available exploit code exists (E:P in CVSS temporal), and the vendor has not responded to the coordinated disclosure, leaving no patch available.

XSS Sendportal
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-10228 LOW POC Monitor

Reflected or stored cross-site scripting (XSS) in raisulislamg4's student_management_system_by_php allows authenticated remote attackers to inject malicious scripts via the Message argument in admission_form_check.php. The vulnerability requires a victim to interact with a crafted link or page, triggering script execution in the context of another user's browser session. A public exploit exists per the GitHub issue report; however, the vendor has not responded to disclosure and no patch has been released.

XSS PHP
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-10299 LOW POC Monitor

Insecure Direct Object Reference (IDOR) in code-projects Online Hospital Management System 1.0 allows a high-privileged remote attacker to manipulate the `delid` parameter in `viewdoctortimings.php`, resulting in unauthorized modification or deletion of doctor timing records beyond the attacker's intended access scope. The CVSS 4.0 score of 2.0 reflects the high privilege prerequisite (PR:H), low integrity impact (VI:L), and low availability impact (VA:L) to the vulnerable component. No public exploit identified at time of analysis as active exploitation - however, publicly available exploit code exists, documented in a GitHub proof-of-concept writeup.

Information Disclosure PHP
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-10248 LOW POC Monitor

CSV injection in SourceCodester Pharmacy Sales and Inventory System 1.0 allows high-privileged remote attackers to embed malicious spreadsheet formula payloads via the Address and Company Name fields in the Supplier Creation Interface, which are then written unsanitized to exported CSV files. When downstream staff open the exported file in a spreadsheet application such as Microsoft Excel or LibreOffice Calc, the injected formulas execute in that client application's context, enabling information disclosure, data manipulation, or further client-side exploitation. A publicly available proof-of-concept exists (GitHub), though no active exploitation has been confirmed and this CVE is not listed in the CISA KEV catalog.

Information Disclosure Pharmacy Sales And Inventory System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.1%
CVE-2026-10247 LOW POC Monitor

Stored or reflected cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows authenticated remote attackers to inject malicious scripts via the generic_name parameter of the create_generic_name function at /ShowForm/create_generic_name/main. Exploitation requires victim user interaction (UI:R) to trigger script execution, limiting impact to low integrity loss with no confidentiality or availability impact (CVSS 3.5). Publicly available exploit code exists per the GitHub issue tracker reference, though this CVE is not listed in the CISA KEV catalog and EPSS data was not provided in source intelligence.

XSS Pharmacy Sales And Inventory System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-10246 LOW POC Monitor

Stored or reflected cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a low-privileged authenticated remote attacker to inject malicious JavaScript via the `medicine_presentation` argument in the `create_medicine_presentation` function at `/ShowForm/create_medicine_presentation/main`. Exploitation requires a victim user to interact with the affected page, limiting blast radius but still enabling session hijacking, credential theft, or UI redirection against authenticated users. Publicly available exploit code exists per a GitHub issue disclosure; no CISA KEV listing is present.

XSS Pharmacy Sales And Inventory System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-10245 LOW POC Monitor

Stored or reflected cross-site scripting (XSS) in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a remote, low-privileged attacker to inject arbitrary JavaScript via the company_name argument in the create_supplier function at /ShowForm/create_supplier/main. Successful exploitation requires a victim user to interact with the malicious content, limiting blast radius, but the CVSS temporal metric confirms a proof-of-concept exploit is publicly available via GitHub. No active exploitation has been identified in CISA KEV, though the low attack complexity and public POC make this a credible risk for unpatched deployments handling sensitive pharmaceutical inventory data.

XSS Pharmacy Sales And Inventory System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-10244 LOW POC Monitor

Cross-site scripting in SourceCodester Pharmacy Sales and Inventory System 1.0 allows a low-privileged authenticated attacker to inject malicious JavaScript via the `medicine_name` parameter at the `/ShowForm/create_medicine_name/main` endpoint, executing arbitrary scripts in the browsers of other users who view the affected page. The CVSS 4.0 score of 2.0 reflects a narrow impact profile - no confidentiality loss and only low integrity impact - but a publicly available proof-of-concept exploit exists (E:P), lowering the barrier to abuse in multi-user deployments such as shared pharmacy management environments. No active exploitation has been confirmed via CISA KEV.

XSS Pharmacy Sales And Inventory System
NVD VulDB GitHub
CVSS 4.0
2.0
EPSS
0.0%
CVE-2026-45690 MEDIUM PATCH This Month

Two-factor authentication bypass in Nextcloud Server 32.0.0-32.0.8 and 33.0.0-33.0.2 allows an authenticated attacker who possesses a valid user password to fully circumvent 2FA protections and gain unauthorized account access. During the login sequence, Nextcloud creates a temporary session token after credential validation but before the second factor is enforced; this token was not restricted from use in HTTP Basic Authentication or Bearer-header flows, enabling replay to authenticated API endpoints and effectively nullifying the 2FA control. Vendor-released patches exist as 32.0.9 and 33.0.3; no public exploit identified at time of analysis, though the fix PR makes the exploit mechanism technically transparent.

Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-45691 MEDIUM PATCH This Month

Two-factor authentication bypass in Nextcloud Server 32.0.0-32.0.8 and 33.0.0-33.0.2 enables a partially-authenticated attacker to access DAV endpoints (WebDAV, CalDAV, CardDAV) with full read/write privileges by reusing a pre-2FA intermediate session cookie as a Bearer token. The TEMPORARY_TOKEN issued after successful password authentication but before TOTP completion was not restricted to cookie-based requests, allowing it to be replayed in an HTTP Authorization: Bearer header against DAV APIs - entirely circumventing mandatory two-factor authentication enforcement. No public exploit has been identified at time of analysis, though a HackerOne report (3573399) documents the issue; vendor-confirmed patches are available.

Authentication Bypass Nextcloud
NVD GitHub
CVSS 3.1
5.9
EPSS
0.1%
CVE-2026-49270 MEDIUM PATCH This Month

Unauthenticated information disclosure in Apache ActiveMQ Broker allows remote attackers to enumerate all durable topic subscriptions - including client identifiers, subscription names, topic destinations, and JMS selector expressions - by sending a BrokerInfo command to a broker with syncDurableSubs enabled on a network connector. The broker incorrectly skips authentication before servicing the BrokerInfo request, exposing sensitive messaging infrastructure metadata. No public exploit identified at time of analysis, and EPSS stands at 0.02% (6th percentile), indicating very low current exploitation probability despite network-reachable attack vector.

Information Disclosure Apache
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-10232 LOW POC Monitor

Use-after-free in Assimp's ASE File Parser - specifically the `aiNode::~aiNode` destructor in `scene.cpp` - allows a local, low-privileged attacker to corrupt heap memory, potentially causing denial of service or achieving arbitrary code execution in applications that load 3D model files. All Assimp versions through 6.0.4 are affected. A public proof-of-concept exploit (poc.zip) has been disclosed via GitHub, reducing the skill barrier for exploitation in environments where untrusted ASE-format files can be submitted for processing. No public exploit identified as confirmed actively exploited (CISA KEV) at time of analysis.

Use After Free Denial Of Service Memory Corruption Assimp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10231 LOW POC Monitor

Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader allows a local authenticated attacker to corrupt memory via a crafted MDL file, potentially achieving limited confidentiality, integrity, and availability impact. Affected versions span all releases up to and including 6.0.4 of the open-source asset import library. No public exploit identified at time of analysis as active exploitation, but a proof-of-concept has been publicly released, and the CVSS temporal vector confirms exploit code existence (E:P).

Heap Overflow Buffer Overflow Assimp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10230 LOW POC Monitor

Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader (versions up to 6.0.4) allows a locally authenticated attacker with low privileges to corrupt heap memory via a crafted MDL animation file, producing low-severity but confirmed confidentiality, integrity, and availability impact. The vulnerability resides in the read_animations function of HL1MDLLoader.cpp and is reproducible with publicly available exploit code (POC). This is not confirmed in CISA KEV, and the Assimp project has tagged the report as a bug rather than a security defect, which may slow patch prioritization.

Heap Overflow Buffer Overflow Assimp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10229 LOW POC Monitor

Heap-based buffer overflow in Assimp's Half-Life 1 MDL Loader (HL1MDLLoader::read_meshes, versions through 6.0.4) allows local attackers with low privileges to trigger memory corruption when a crafted MDL file is processed, yielding partial confidentiality, integrity, and availability impact on the host process. A publicly available proof-of-concept exploit (poc.zip) has been disclosed, raising the urgency for affected deployments that ingest untrusted HL1 model files. No actively exploited status from CISA KEV has been confirmed; the Assimp project has tagged the report as a bug rather than a formal security advisory, and no patched release version has been identified at time of analysis.

Heap Overflow Buffer Overflow Assimp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10201 LOW POC Monitor

Divide-by-zero in Assimp's FBXExporter (UV Channel Handler) up to version 6.0.4 crashes the application when processing maliciously crafted UV channel data during FBX export, resulting in a local denial-of-service condition. An authenticated local user with low privileges can trigger the crash by supplying crafted input to the FBXExporter::WriteObjects function in FBXExporter.cpp. Publicly available exploit code exists via a POC ZIP hosted on GitHub; no active exploitation is confirmed (not in CISA KEV), and the CVSS 4.0 score of 1.9 reflects the severely constrained real-world impact.

Information Disclosure
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10233 LOW POC Monitor

Out-of-bounds read in Assimp's Half-Life 1 MDL Loader affects all versions up to 6.0.4, enabling a local low-privileged attacker to leak memory contents by supplying a crafted MDL file that triggers faulty bounds handling in the `read_sequence_infos` function of `HL1MDLLoader.cpp`. Impact is confined to partial confidentiality loss (C:L) with no integrity or availability consequences per the CVSS vector. A publicly available proof-of-concept exploit exists (POC disclosed via GitHub), though no active exploitation has been confirmed and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Buffer Overflow Assimp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-0061 MEDIUM This Month

Tapjacking and UI overlay exploitation in Android's WindowState.java enables local privilege escalation on Android 14, 15, 16, and 16-qpr2 without requiring any elevated permissions from the attacker. A malicious app on the device can deploy a deceptive overlay over system permission dialogs, causing the victim to unknowingly grant elevated permissions. No public exploit has been identified at time of analysis, and EPSS at 0.01% (1st percentile) indicates very low current exploitation probability, though the broad Android version coverage across actively maintained releases elevates the aggregate exposure.

XSS Privilege Escalation
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-0075 MEDIUM This Month

SQL injection across multiple contacts database functions in Google Android enables local privilege escalation on Android 14, 15, 16, and 16-qpr2 without requiring any elevated privileges or user interaction. The flaw allows an unprivileged local process or malicious application to inject arbitrary SQL into contacts database queries, resulting in unauthorized read, write, and partial denial-of-service impact against contact data. No public exploit has been identified at time of analysis, and EPSS probability stands at 0.01%, consistent with a local-only attack surface, though the absence of any privilege prerequisite (PR:N) lowers the bar for any attacker already on the device.

Privilege Escalation SQLi
NVD VulDB
CVSS 3.1
5.9
EPSS
0.0%
CVE-2026-10298 LOW POC Monitor

Null pointer dereference in whisper.cpp up to version 1.8.2 allows a local authenticated attacker to crash the application via a crafted input during model loading. The vulnerable code path is the whisper_model_load function within ggml/src/ggml.c, resulting in a limited availability impact (application denial of service) with no confidentiality or integrity consequences. A proof-of-concept exploit is publicly available via a GitHub issue report; however, no vendor patch has been released and the project has not yet responded to the disclosure.

Null Pointer Dereference Denial Of Service Whisper Cpp
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10295 LOW POC Monitor

Denial of service conditions in SourceCodester Customer Review App 1.0 can be triggered by a locally authenticated low-privilege user through crafted input to the add_review, save_review, or get_all_reviews functions in review_app.py. Manipulation of the name or comment arguments causes improper resource shutdown or release (CWE-404), resulting in application unavailability. No public exploit identified at time of analysis has crossed into confirmed active exploitation per CISA KEV, but a publicly available proof-of-concept exists on Pastebin (https://pastebin.com/Ud5vaGp6), lowering the bar for reproduction.

Denial Of Service Customer Review App
NVD VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10267 LOW POC Monitor

Out-of-bounds read in janet-lang/janet up to version 1.41.0 allows a local low-privileged attacker to read memory beyond allocated bounds via the doframe debug introspection function in src/core/debug.c. The root cause is missing bounds validation when using symbolmap entries (specifically jsm.death_pc and jsm.slot_index) as array indices into function environments and stack data. No public exploit identified at time of analysis, but publicly available exploit code exists per the POC reference; real-world impact is limited to low-confidence local reads with no availability or integrity consequence (CVSS:4.0 score 1.9).

Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10268 LOW POC PATCH Monitor

Integer overflow in the Janet scripting language's fiber unmarshaling routine (versions up to 1.41.0) allows a local authenticated attacker to cause a denial-of-service condition. The vulnerable function `unmarshal_one_fiber` in `src/core/marsh.c` performs an unchecked addition when computing fiber stack capacity - if `fiber_stacktop` is near INT32_MAX, adding 10 wraps the value, resulting in a dangerously small capacity allocation that crashes the interpreter. No public exploitation in production environments has been confirmed (not listed in CISA KEV), but a public proof-of-concept exploit exists, and the upstream patch has been released as commit d9b1d711.

Buffer Overflow Integer Overflow Janet
NVD VulDB GitHub
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-10517 MEDIUM This Month

Server-Side Request Forgery in Clair's fetcher component exposes internal network services and cloud metadata endpoints to unauthenticated remote attackers who can submit container image manifests with crafted layer descriptor URIs. Affected deployments are those where PSK (Pre-Shared Key) authentication is not configured - an opt-in control that is not enforced by default - meaning standalone or custom Clair installations without PSK are directly exploitable over the network with no credentials. Reflective SSRF behavior leaks up to 256 bytes of internal error body content per request via CheckResponse error messages, enabling network reconnaissance; no public exploit has been identified at time of analysis and the vulnerability is not listed in CISA KEV.

Red Hat SSRF Suse
NVD
CVSS 3.1
5.8
EPSS
0.0%
CVE-2026-48187 MEDIUM This Month

Uncontrolled resource allocation in OTRS's e-mail handling subsystem allows a low-privileged authenticated user to trigger unbounded memory or resource consumption, ultimately aborting the webserver and causing a denial of service against the entire OTRS interface. Affected versions span OTRS 8.0.X through 2026.X prior to 2026.4.X, and the ((OTRS)) Community Edition 6.x and OTRS 7.x branches are noted by the vendor as very likely affected as well. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service Otrs Otrs Community Edition
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-48189 MEDIUM This Month

Improper input validation in the OTRS Customer Backend module allows authenticated low-privilege users to bypass group-based access controls and read customer records restricted to other groups. Affected versions span every major OTRS release line (7.0.X through 2026.X before 2026.4.X), though exploitation is gated by a non-default configuration requirement. No public exploit identified at time of analysis and this vulnerability is not listed in the CISA KEV catalog.

Information Disclosure Otrs
NVD
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-40990 MEDIUM PATCH This Month

Denial-of-service in Spring Cloud Function allows a low-privileged actor with physical access and required user interaction to exhaust JVM heap memory by registering an unbounded number of functions into the Function Registry, triggering an Out-of-Memory (OOM) crash. Five actively maintained release lines (3.2.x through 5.0.x) plus all unsupported versions are affected. No public exploit code exists and the vulnerability is not listed in CISA KEV at time of analysis; the CVSS score of 5.7 reflects the physical access vector and user interaction dependency that substantially constrain real-world exploitability compared to the High availability impact alone.

Java Denial Of Service
NVD HeroDevs VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-40989 MEDIUM PATCH This Month

Uncontrolled recursion in Spring Cloud Function's routing layer triggers an Out-of-Memory (OOM) condition, resulting in a denial of service across all active release trains (3.2.x through 5.0.x). The vulnerability is rooted in CWE-674 (Uncontrolled Recursion), where the routing layer lacks depth limits or cycle detection, allowing recursive request-handling to exhaust JVM heap space. No public exploit code or CISA KEV listing has been identified at time of analysis; however, the CVSS physical attack vector (AV:P) appears inconsistent with a routing-layer vulnerability and warrants verification against the Spring/VMware advisory.

Java Information Disclosure
NVD HeroDevs VulDB
CVSS 3.1
5.7
EPSS
0.0%
CVE-2026-10243 MEDIUM This Month

Remote unauthenticated access to multiple Admin Endpoints in code-projects Smart Parking System 1.0 allows attackers to bypass all authentication controls, gaining network-reachable read, write, and availability impact with no credentials or user interaction required. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) confirms zero-friction remote exploitation of a missing authentication gate - not a weak or bypassable one, but an entirely absent one across multiple admin functions. Publicly available exploit code exists per the E:P exploit maturity modifier and a referenced GitHub proof-of-concept repository, though no CISA KEV listing is present at time of analysis.

Authentication Bypass
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-10236 MEDIUM This Month

Unauthenticated remote attackers can create privileged administrator accounts in SourceCodester Water Billing Management System 1.0 by sending crafted requests to the User Management endpoint, bypassing all authorization controls. The researcher-published reference - titled 'Unauthenticated Admin Creation in PHP System' - confirms the practical impact exceeds the moderate CVSS score: full administrative takeover of the application is achievable without credentials. Publicly available exploit code exists (CVSS E:P), and no vendor patch has been identified at time of analysis.

Information Disclosure PHP
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-59609 MEDIUM This Month

Qualcomm Snapdragon chipsets improperly parse 802.11 advertisement frames containing malformed MBSSID (Multiple BSSID) elements of insufficient length, triggering a buffer over-read that discloses memory contents to an attacker. The CVSS vector (AV:N/AC:H/PR:L/UI:R/S:C) indicates network-reachable exploitation with changed scope, meaning the impact crosses beyond the Wi-Fi subsystem into adjacent components. No public exploit identified at time of analysis, and no CISA KEV listing exists; Qualcomm addressed this in their June 2026 Security Bulletin.

Information Disclosure Buffer Overflow Snapdragon
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-20456 MEDIUM This Month

Out-of-bounds write in the MediaTek WLAN STA (Station mode) driver enables local denial of service across six MediaTek Wi-Fi chipset families, confirmed by MediaTek in their June 2026 Product Security Bulletin. A low-privileged local user can crash the system without any user interaction by triggering the missing bounds check in the driver, exploiting CWE-787 memory corruption. No public exploit code has been identified and this vulnerability is not listed in the CISA KEV catalog at time of analysis.

Memory Corruption Denial Of Service Buffer Overflow Mediatek Chipset
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-28578 MEDIUM This Month

Local denial of service in Google Android's DevicePolicyManagerService affects Android 14, 15, 16, and 16-qpr2 via improper input validation across multiple service functions. A local attacker with basic user-level privileges can trigger a desynchronization between in-memory and persisted device policy state without requiring user interaction, resulting in high availability impact to the device policy management subsystem. No public exploit has been identified at time of analysis, and SSVC confirms exploitation status as none with non-automatable impact.

Denial Of Service
NVD
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0085 MEDIUM This Month

Local denial of service in Google Android's contacts subsystem allows a low-privileged local user to crash or destabilize the Contacts provider by inserting an oversized contact name field. Affected platforms include Android 14, 15, 16-qpr2, and 16. No special privileges beyond a standard app context are required, and no user interaction is needed, making this exploitable by any installed app with contacts write access. No public exploit identified at time of analysis.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0070 MEDIUM This Month

Local denial of service in Google Android's DevicePolicyManagerService allows an authenticated local attacker to hide system-critical packages through improper input validation, rendering affected device functionality unavailable. Impacted versions span Android 14, 15, 16, and 16-qpr2, as confirmed in the June 2026 Android Security Bulletin. No public exploit or CISA KEV listing exists at time of analysis, and exploitation requires only low-level local privileges with no user interaction.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0079 MEDIUM This Month

Integer overflow in Android's UBSan throwing runtime (ubsan_throwing_runtime.cpp) enables a local attacker with low privileges to cause a persistent denial of service across Android 14 through Android 16 QPR2. The flaw affects multiple functions within the file and requires no user interaction to trigger, making it exploitable by a malicious on-device application without elevated privileges. No public exploit identified at time of analysis, and the local-only attack vector constrains real-world scope, but the persistent nature of the availability impact elevates operational concern over transient crash-based DoS.

Denial Of Service Integer Overflow
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0074 MEDIUM This Month

Resource exhaustion in Android's launcher image processing component allows a local low-privileged application to trigger a denial of service condition across Android 14 through 16. The flaw resides in the getPreferredSize method of LauncherProcessImageListener.kt, where uncontrolled resource consumption (CWE-400) can be induced without requiring elevated privileges or user interaction, resulting in high availability impact to the affected device. No public exploit code and no active exploitation have been identified at time of analysis; the CVSS score of 5.5 reflects the local-only attack surface and absence of confidentiality or integrity impact.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0069 MEDIUM This Month

Resource exhaustion in Android 14's APK signature verification routine crashes the affected component, resulting in a local denial of service. The flaw resides in the verifySignature method of ApkChecksums.java, where uncontrolled resource consumption (CWE-400) can be triggered by a low-privileged local process with no user interaction required. No public exploit has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0067 MEDIUM This Month

Permanent local denial of service in Google Android (versions 14, 15, 16, and 16-qpr2) is possible through a logic error in multiple functions of ubsan_throwing_runtime.cpp, Android's Undefined Behavior Sanitizer throwing runtime. A low-privileged local user can trigger the flaw without any user interaction, causing an unrecoverable availability failure in the affected component - requiring a reboot or process restart to restore normal function. No public exploit code exists and no CISA KEV listing is present at time of analysis, indicating this is not currently under widespread active exploitation.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0060 MEDIUM This Month

Persistent local denial of service in Google Android affects the ANGLE graphics driver state management component across Android 14, 15, 16, and 16-qpr2. A low-privileged local process can trigger a persistent DoS condition via the updateState method in GraphicsDriverEnableAngleAsSystemDriverController.java without requiring any user interaction, potentially rendering the device unusable until rebooted. No public exploit code has been identified at time of analysis, and this vulnerability has not been added to the CISA KEV catalog.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0043 MEDIUM This Month

Persistent denial of service and local privilege escalation in Google Android's UBSan runtime component affect Android 14, 15, 16-qpr2, and 16, stemming from an integer overflow in multiple functions of ubsan_throwing_runtime.cpp. An authenticated local attacker with low-level privileges and no required user interaction can exploit this overflow to trigger persistent availability loss and, per the description, possible privilege escalation. No public exploit code has been identified at time of analysis, and this vulnerability is not listed in the CISA KEV catalog.

Privilege Escalation Denial Of Service Integer Overflow
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0042 MEDIUM This Month

Persistent local denial of service in Google Android affects multiple functions within ubsan_throwing_runtime.cpp, where uncontrolled resource exhaustion can render a device or process permanently unavailable without requiring elevated privileges. Confirmed affected versions span Android 14, 15, 16-qpr2, and 16 per the June 2026 Android Security Bulletin. No public exploit code has been identified at time of analysis, and this is not listed in CISA KEV; however, the 'persistent' nature of the denial of service - implying state survives process restart or requires manual intervention - elevates practical impact beyond a typical availability disruption.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2025-48648 MEDIUM This Month

Persistent denial of service in Google Android's NotificationManagerService allows a local unprivileged application to exhaust system resources via the isSameApp method, rendering the device's notification subsystem - and potentially broader system stability - unavailable. Affected versions include Android 14, 15, and 16 as disclosed in the June 2026 Android Security Bulletin. No public exploit code has been identified at time of analysis, and the vulnerability has not been added to the CISA KEV catalog.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-0018 MEDIUM This Month

Persistent denial of service in Google Android's AccessibilityManagerService affects Android 15, Android 16, and Android 16-qpr2, allowing a local low-privileged attacker to permanently disrupt the accessibility subsystem without user interaction. The CVSS vector (AV:L/AC:L/PR:L/UI:N/A:H) confirms low-complexity local exploitation requiring only a standard app execution context. No public exploit has been identified and the vulnerability is not listed in CISA KEV at time of analysis.

Denial Of Service
NVD VulDB
CVSS 3.1
5.5
EPSS
0.0%
CVE-2026-10263 MEDIUM This Month

SQL injection in SourceCodester Computer Repair Shop Management System 1.0 exposes the admin product management endpoint to unauthenticated remote attackers who can manipulate the 'ID' parameter in /admin/products/manage_product.php to execute arbitrary SQL statements. The CVSS 4.0 vector confirms no privileges or user interaction are required (PR:N, UI:N, AV:N), and a proof-of-concept exploit has been publicly disclosed (E:P), lowering the bar for exploitation. Impact is assessed as low-to-moderate across confidentiality, integrity, and availability on the vulnerable system, with no lateral scope change to subsequent systems.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-10262 MEDIUM This Month

Unauthenticated SQL injection in code-projects Real State Services 1.0 exposes the login endpoint to remote database manipulation. The Username parameter passed to /loginuser.php is unsanitized and directly interpolated into SQL queries (CWE-74), enabling unauthenticated remote attackers to extract data, bypass authentication, or alter database contents. Exploit code has been publicly disclosed via a GitHub issue report, elevating practical risk despite the moderate CVSS 4.0 score of 5.5.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-10261 MEDIUM This Month

SQL injection in CodeAstro Online Job Portal 1.0 exposes the /users/application_status.php endpoint to unauthenticated remote attackers who can manipulate the ID parameter to inject arbitrary SQL into backend database queries, resulting in partial confidentiality, integrity, and availability impact. A proof-of-concept exploit has been published (CVSS 4.0 E:P confirmed), lowering the barrier to exploitation significantly despite the medium overall score. No public KEV listing exists, meaning active widespread exploitation is not confirmed at time of analysis, but the combination of a public POC and zero authentication requirements makes this a credible near-term risk for any internet-exposed deployment.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-10260 MEDIUM This Month

SQL injection in CodeAstro Online Job Portal 1.0 exposes the `/admin/jobs-admins/delete-jobs.php` endpoint to remote database manipulation via an unsanitized `ID` parameter. The CVSS 4.0 vector (AV:N/AC:L/AT:N/PR:N/UI:N) indicates no authentication, no complexity, and no user interaction are required to exploit this flaw from the network, though the admin panel context of the vulnerable endpoint warrants verification of actual auth enforcement. Publicly available exploit code exists (E:P), elevating practical risk above what the medium CVSS score of 5.5 alone might suggest.

PHP SQLi
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
Prev Page 6 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy