🚨 CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
🎖@cveNotify
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
🎖@cveNotify
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-88
🚨 CVE-2026-41080
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
🎖@cveNotify
libexpat before 2.7.6 uses insufficient entropy, and thus hash flooding can occur via a crafted XML document.
🎖@cveNotify
GitHub
Find strategy on getting 16 bytes of entropy and existing API (XML_SetHashSalt) together · Issue #47 · libexpat/libexpat
Since version 2.1.0 Expat has a function int XML_SetHashSalt(XML_Parser parser, unsigned long hash_salt) to provide sizeof(unsigned long) custom entropy bytes to Expat. Now SipHash introduced with ...
🚨 CVE-2018-25263
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code with calculator proof-of-concept execution.
🎖@cveNotify
Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craft a malicious payload and paste it into the Device alias field within the Managing Log interface to execute arbitrary code with calculator proof-of-concept execution.
🎖@cveNotify
🚨 CVE-2018-25264
TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.
🎖@cveNotify
TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a payload file containing 4000 bytes of data, paste it into the License Key field, and trigger a denial of service condition.
🎖@cveNotify
Exploit Database
TransMac 12.2 - Denial of Service (PoC)
TransMac 12.2 - Denial of Service (PoC).. dos exploit for Windows_x86 platform
🚨 CVE-2018-25273
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an application crash when processing the input.
🎖@cveNotify
CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malicious file containing 4000 bytes of data, paste it into the License Key input field, and trigger an application crash when processing the input.
🎖@cveNotify
Exploit Database
CrossFont 7.5 - Denial of Service (PoC)
CrossFont 7.5 - Denial of Service (PoC).. dos exploit for Windows_x86 platform
🚨 CVE-2018-25274
InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an application crash.
🎖@cveNotify
InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file containing 6000 bytes of data and import it through the Edit menu's Import function to trigger an application crash.
🎖@cveNotify
Exploit Database
InfraRecorder 0.53 - '.txt' Denial of Service (PoC)
InfraRecorder 0.53 - '.txt' Denial of Service (PoC).. dos exploit for Windows_x86 platform
🚨 CVE-2026-7062
A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
A security vulnerability has been detected in Intina47 context-sync up to 2.0.0. This affects an unknown part of the file src/git-integration.ts of the component Git Integration. Such manipulation leads to os command injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
GitHub
GitHub - Intina47/context-sync: Local persistent memory store for LLM applications including continue.dev, cursor, claude desktop…
Local persistent memory store for LLM applications including continue.dev, cursor, claude desktop, github copilot, codex, antigravity, etc. - Intina47/context-sync
🚨 CVE-2026-7063
A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in code-projects Employee Management System 1.0. This vulnerability affects unknown code of the file /370project/process/eprocess.php of the component Endpoint. Performing a manipulation of the argument pwd results in sql injection. The attack is possible to be carried out remotely. The exploit is now public and may be used.
🎖@cveNotify
🚨 CVE-2026-7064
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published and may be used. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
GitHub
GitHub - AgentDeskAI/browser-tools-mcp: Monitor browser logs directly from Cursor and other MCP compatible IDEs.
Monitor browser logs directly from Cursor and other MCP compatible IDEs. - AgentDeskAI/browser-tools-mcp
🚨 CVE-2026-33277
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
🎖@cveNotify
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
🎖@cveNotify
jvn.jp
JVN#57877356: Multiple vulnerabilities in LogonTracer
Japan Vulnerability Notes
🚨 CVE-2026-33566
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
🎖@cveNotify
There is a cypher injection issue in LogonTracer prior to v2.0.0. If specially crafted Windows event log data is loaded, the contents of the database may be altered.
🎖@cveNotify
jvn.jp
JVN#57877356: Multiple vulnerabilities in LogonTracer
Japan Vulnerability Notes
🚨 CVE-2026-42363
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability.
When interacting with various Geovision devices on the network, the utility may send privileged commands; in order to do so, the username and password of the device need to be provided. In some instances the command is broadcasted over UDP and the username/password are encrypted using a cryptographic protocol that appears to be derivated from Blowfish. However the symmetric key used for the encryption is also included in the packet, and thus the security of the username/password only relies on the "obscurity" of the encryption scheme. An attacker on the same LAN can listen to the broadcast traffic once an admin user interacts with the device, and decrypt the credentials using their own implementation of the algorithm. With this password the attacker would have full control over the device configuration, allowing them to change its ip address or even reset it to factory default.
🎖@cveNotify
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigger this vulnerability.
When interacting with various Geovision devices on the network, the utility may send privileged commands; in order to do so, the username and password of the device need to be provided. In some instances the command is broadcasted over UDP and the username/password are encrypted using a cryptographic protocol that appears to be derivated from Blowfish. However the symmetric key used for the encryption is also included in the packet, and thus the security of the username/password only relies on the "obscurity" of the encryption scheme. An attacker on the same LAN can listen to the broadcast traffic once an admin user interacts with the device, and decrypt the credentials using their own implementation of the algorithm. With this password the attacker would have full control over the device configuration, allowing them to change its ip address or even reset it to factory default.
🎖@cveNotify
Talosintelligence
Vulnerability Reports - Latest network security threats and zeroday discoveries || Cisco Talos Intelligence Group - Comprehensive…
Talos investigates software and operating system vulnerabilities in order to discover them before malicious threat actors do. We provide this information to vendors so that they can create patches and protect their customers as soon as possible.
🚨 CVE-2026-7065
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
A vulnerability has been found in BidingCC BuildingAI up to 26.0.1. Impacted is the function uploadRemoteFile of the file packages/core/src/modules/upload/services/file-storage.service.ts of the component Remote Upload API. The manipulation of the argument url leads to server-side request forgery. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
GitHub
GitHub - BidingCC/BuildingAI: AI时代的WordPress,东半球首个积木式AI应用搭建系统,人人都可免费搭建自己的AI应用系统,例如企业智能体系统、AI漫剧系统、AI论文学术系统、AI客服系统...
AI时代的WordPress,东半球首个积木式AI应用搭建系统,人人都可免费搭建自己的AI应用系统,例如企业智能体系统、AI漫剧系统、AI论文学术系统、AI客服系统... - BidingCC/BuildingAI
🚨 CVE-2026-7066
A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
A vulnerability was found in choieastsea simple-openstack-mcp up to 767b2f4a8154cca344344b9725537a58399e6036. The affected element is the function exec_openstack of the file server.py. The manipulation results in os command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. This product takes the approach of rolling releases to provide continious delivery. Therefore, version details for affected and updated releases are not available. The project was informed of the problem early through an issue report but has not responded yet.
🎖@cveNotify
GitHub
GitHub - choieastsea/simple-openstack-mcp: simple openstack mcp server with openstack command line interface
simple openstack mcp server with openstack command line interface - choieastsea/simple-openstack-mcp
🚨 CVE-2026-7067
A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
🎖@cveNotify
A vulnerability was determined in D-Link DIR-822 A_101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. This vulnerability only affects products that are no longer supported by the maintainer.
🎖@cveNotify
tzh00203 on Notion
D-Link DIR-822 A1 Command Injection in `udhcpd` via DHCP Hostname | Notion
*Vulnerability Title*\*: Command Injection Vulnerability in the DHCP Service of D-Link DIR-822 A1
🚨 CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
🎖@cveNotify
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
🎖@cveNotify
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-88
🚨 CVE-2026-7070
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
🎖@cveNotify
A weakness has been identified in code-projects Inventory Management System 1.0. Affected is an unknown function of the component Login. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
🎖@cveNotify
🚨 CVE-2026-7071
A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
A security vulnerability has been detected in CodeAstro Online Job Portal 1.0. Affected by this vulnerability is an unknown functionality of the file /users/user-cvs/. The manipulation leads to file and directory information exposure. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
🚨 CVE-2026-7072
A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in CodePanda Source canteen_management_system 1.0. Affected by this issue is some unknown functionality of the file /api/login.php. The manipulation of the argument Username results in sql injection. The attack can be executed remotely. The exploit is now public and may be used.
🎖@cveNotify
GitHub
codepanda-source canteen_management_system V1.0 login.php SQL injection · Issue #2 · redshadowword-cell/CVE
codepanda-source canteen_management_system Project V1.0 /api/login.php SQL injection NAME OF AFFECTED PRODUCT(S) canteen_management_system Vendor Homepage https://www.codepanda-source.online/ AFFEC...
🚨 CVE-2026-7073
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
🎖@cveNotify
A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
🎖@cveNotify
GitHub
itsourcecode Construction Management System V1.0 SQL Injection Vulnerability · Issue #2 · Beatriz-ai-boop/cve
itsourcecode Construction Management System V1.0 SQL Injection Vulnerability NAME OF AFFECTED PRODUCT(S) Construction Management System Vendor Homepage https://itsourcecode.com/free-projects/php-pr...
🚨 CVE-2026-7074
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability has been found in itsourcecode Construction Management System 1.0. This vulnerability affects unknown code of the file /execute1.php. Such manipulation of the argument code leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
itsourcecode Construction Management System V1.0 SQL Injection Vulnerability · Issue #3 · Beatriz-ai-boop/cve
itsourcecode Construction Management System V1.0 SQL Injection Vulnerability NAME OF AFFECTED PRODUCT(S) Construction Management System Vendor Homepage https://itsourcecode.com/free-projects/php-pr...