VYPR

CVEs

30,473 total · page 31 of 610

  • CVE-2026-40315 · Critical · Apr 14, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.133, there is an SQL identifier injection vulnerability in SQLiteConversationStore where the table_prefix configuration value is directly concatenated into SQL queries via f-strings without any validation or sanitization.…

  • CVE-2026-40313 · Critical · Apr 14, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    PraisonAI is a multi-agent teams system. In versions 4.5.139 and below, the GitHub Actions workflows are vulnerable to ArtiPACKED attack, a known credential leakage vector caused by using actions/checkout without setting persist-credentials: false. By default, actions/checkout…

  • CVE-2026-40289 · Critical · Apr 14, 2026
    risk 0.52 · cvss 9.1 · epss 0.00

    PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the browser bridge (praisonai browser start) is vulnerable to unauthenticated remote session hijacking due to missing authentication and a bypassable origin check on…

  • CVE-2026-40288 · Critical · Apr 14, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    PraisonAI is a multi-agent teams system. In versions below 4.5.139 of PraisonAI and 1.5.140 of praisonaiagents, the workflow engine is vulnerable to arbitrary command and code execution through untrusted YAML files. When praisonai workflow run <file.yaml> loads a YAML file with…

  • CVE-2026-6264 · Critical · Apr 14, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    A critical vulnerability in the Talend JobServer and Talend Runtime allows unauthenticated remote code execution via the JMX monitoring port. The attack vector is the JMX monitoring port of the Talend JobServer. The vulnerability can be mitigated for the Talend JobServer by…

  • CVE-2026-4365 · Critical · Apr 14, 2026
    risk 0.59 · cvss 9.1 · epss 0.01

    The LearnPress plugin for WordPress is vulnerable to unauthorized data deletion due to a missing capability check on the `delete_question_answer()` function in all versions up to, and including, 4.3.2.8. The plugin exposes a `wp_rest` nonce in public frontend HTML (`lpData`) to…

  • CVE-2026-27681 · Critical · Apr 14, 2026
    risk 0.64 · cvss 9.9 · epss 0.01

    Due to insufficient authorization checks in SAP Business Planning and Consolidation and SAP Business Warehouse, an authenticated user can execute crafted SQL statements to read, modify, and delete database data. This leads to a high impact on the confidentiality, integrity, and…

  • CVE-2026-22564 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.
    Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier)
    UniFi Play Audio Port (Version…

  • CVE-2026-22563 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    A series of Improper Input Validation vulnerabilities could allow a Command Injection by a malicious actor with access to the UniFi Play network. Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier)
    UniFi Play Audio Port (Version 1.0.24 and earlier)
    …

  • CVE-2026-22562 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    A malicious actor with access to the UniFi Play network could exploit a Path Traversal vulnerability found in the device firmware to write files on the system that could be used for a remote code execution (RCE). Affected Products: UniFi Play PowerAmp (Version 1.0.35 and…

  • CVE-2026-31048 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    An issue in the pickle protocol of Pyro v3.x allows attackers to execute arbitrary code via supplying a crafted pickled string message.

  • CVE-2026-40044 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the…

  • CVE-2026-40042 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers can inject malicious XML entities through wiki table syntax and inline tags in…

  • CVE-2026-6195 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.14

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument admpass leads to os command injection. The…

  • CVE-2026-6100 · Critical · Apr 13, 2026
    risk 0.52 · cvss (not listed) · epss 0.01

    Use-after-free (UAF) was possible in the `lzma.LZMADecompressor`, `bz2.BZ2Decompressor`, and `gzip.GzipFile` when a memory allocation fails with a `MemoryError` and the decompression instance is re-used. This scenario can be triggered if the process is under memory pressure. The…

  • CVE-2026-31283 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    In Totara LMS v19.1.5 and before, the forgot password API does not implement rate limiting for the target email address, which can be used for an Email Bombing attack. NOTE: the Supplier's position is that the pwresettime configuration defaults to 30 minutes, the pwresettime…

  • CVE-2026-31282 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    Totara LMS v19.1.5 and before is vulnerable to Incorrect Access Control. The login page code can be manipulated to reveal the login form. An attacker can chain that with missing rate-limit on the login form to launch a brute force attack. NOTE: this is disputed by the Supplier…

  • CVE-2026-31414 · Critical · Apr 13, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master conntrack is unsafe. Use…

  • CVE-2026-4810 · Critical · Apr 13, 2026
    risk 0.61 · cvss (not listed) · epss 0.02

    A Code Injection and Missing Authentication vulnerability in Google Agent Development Kit (ADK) versions 1.7.0 (and 2.0.0a1) through 1.28.1 (and 2.0.0a2) on Python (OSS), Cloud Run, and GKE allows an unauthenticated remote attacker to execute arbitrary code on the server hosting…

  • CVE-2026-5085 · Critical · Apr 13, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Solstice::Session versions through 1440 for Perl generates session ids insecurely. The _generateSessionID method returns an MD5 digest seeded by the epoch time, a random hash reference, a call to the built-in rand() function and the process id. The same method is used in the…

  • CVE-2026-34865 · Critical · Apr 13, 2026
    risk 0.59 · cvss 9.1 · epss 0.00

    Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.

  • CVE-2026-6156 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument Comment leads to os command injection. Remote exploitation…

  • CVE-2026-6155 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may…

  • CVE-2026-6154 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The…

  • CVE-2026-6140 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be…

  • CVE-2026-6139 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be…

  • CVE-2026-6138 · Critical · Apr 13, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated…

  • CVE-2026-6132 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of…

  • CVE-2026-6131 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument command results in os command injection. The attack…

  • CVE-2019-25709 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by accessing the imgdb.db file in the upload/data directory. Attackers can extract delete IDs stored in plaintext from the deserialized database and use them to delete…

  • CVE-2026-6116 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation…

  • CVE-2026-6115 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched…

  • CVE-2026-6114 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack…

  • CVE-2026-6113 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument ttyEnable leads to os command…

  • CVE-2026-6112 · Critical · Apr 12, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be…

  • CVE-2026-31845 · Critical · Apr 11, 2026
    risk 0.60 · cvss 9.3 · epss 0.01

    A reflected cross-site scripting (XSS) vulnerability exists in Rukovoditel CRM version 3.6.4 and earlier in the Zadarma telephony API endpoint (/api/tel/zadarma.php). The application directly reflects user-supplied input from the 'zd_echo' GET parameter into the HTTP response…

  • CVE-2026-5059 · Critical · Apr 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    aws-mcp-server AWS CLI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists…

  • CVE-2026-5058 · Critical · Apr 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.02

    aws-mcp-server Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of aws-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within…

  • CVE-2026-4149 · Critical · Apr 11, 2026
    risk 0.64 · cvss 9.8 · epss 0.01

    Sonos Era 300 SMB Response Out-Of-Bounds Access Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Sonos Era 300. Authentication is not required to exploit this vulnerability. The specific flaw…

  • CVE-2026-40189 · Critical · Apr 10, 2026
    risk 0.57 · cvss 9.8 · epss 0.01

    goshs is a SimpleHTTPServer written in Go. Prior to 2.0.0-beta.4, goshs enforces the documented per-folder .goshs ACL/basic-auth mechanism for directory listings and file reads, but it does not enforce the same authorization checks for state-changing routes. An unauthenticated…

  • CVE-2026-30232 · Critical · Apr 10, 2026
    risk 0.55 · cvss 9.6 · epss 0.00

    Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.8.5, Chartbrew allows authenticated users to create API data connections with arbitrary URLs. The server fetches these URLs using…

  • CVE-2026-33707 · Critical · Apr 10, 2026
    risk 0.54 · cvss 9.4 · epss 0.00

    Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, the default password reset mechanism generates tokens using sha1($email) with no random component, no expiration, and no rate limiting. An attacker who knows a user's email can compute the reset token…

  • CVE-2026-33698 · Critical · Apr 10, 2026
    risk 0.57 · cvss 9.8 · epss 0.00

    Chamilo LMS is a learning management system. Prior to 1.11.38, a chained attack can enable otherwise-blocked PHP code from the main/install/ directory and allow an unauthenticated attacker to modify existing files or create new files where allowed by system permissions. This…

  • CVE-2026-32892 · Critical · Apr 10, 2026
    risk 0.52 · cvss 9.1 · epss 0.02

    Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, Chamilo LMS contains an OS Command Injection vulnerability in the file move function. The move() function in fileManage.lib.php passes user-controlled path values directly into exec() shell commands…

  • CVE-2026-23781 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    An issue was discovered in BMC Control-M/MFT 9.0.20 through 9.0.22. A set of default debug user credentials is hardcoded in cleartext within the application package. If left unchanged, these credentials can be easily obtained and may allow unauthorized access to the MFT API…

  • CVE-2026-36236 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    SourceCodester Engineers Online Portal v1.0 is vulnerable to SQL Injection in update_password.php via the new_password parameter.

  • CVE-2026-36235 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    A SQL injection vulnerability was found in the scheduleSubList.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'subjcode' parameter is directly embedded into the SQL query via string interpolation without any sanitization or…

  • CVE-2026-36234 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    itsourcecode Online Student Enrollment System v1.0 is vulnerable to SQL Injection in newCourse.php via the 'coursename' parameter.

  • CVE-2026-36233 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    A SQL injection vulnerability was found in the assignInstructorSubjects.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that attackers can inject malicious code via the parameter "subjcode" and use it directly in SQL queries without…

  • CVE-2026-36232 · Critical · Apr 10, 2026
    risk 0.64 · cvss 9.8 · epss 0.00

    A SQL injection vulnerability was found in the instructorClasses.php file of itsourcecode Online Student Enrollment System v1.0. The reason for this issue is that the 'classId' parameter from $_GET['classId'] is directly concatenated into the SQL query without any sanitization…