Aggregator

CVE-2026-8786 | Tencent WeKnora up to 0.3.6 Config API Endpoint initialization.go getKnowledgeBaseForInitialization kbId authorization

VulDB Recent Entries
1 month ago
A vulnerability has been found in Tencent WeKnora up to 0.3.6 and classified as critical. Affected by this issue is the function getKnowledgeBaseForInitialization of the file internal/handler/initialization.go of the component Config API Endpoint. The manipulation of the argument kbId leads to authorization bypass. This vulnerability is traded as CVE-2026-8786. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-8785 | projectworlds hospital-management-system-in-php 1.0 GET Parameter update_info.php getAllPatientDetail appointment_no sql injection

VulDB Recent Entries
1 month ago
A vulnerability, which was classified as critical, was found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update_info.php of the component GET Parameter Handler. Executing a manipulation of the argument appointment_no can lead to sql injection. This vulnerability appears as CVE-2026-8785. The attack may be performed from remote. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.
vuldb.com

CVE-2026-8784 | npitre cramfs-tools up to 2.2 cramfsck.c change_file_status symlink (Issue 13)

VulDB Recent Entries
1 month ago
A vulnerability, which was classified as critical, has been found in npitre cramfs-tools up to 2.2. Affected is the function change_file_status of the file cramfsck.c. Performing a manipulation results in symlink following. This vulnerability is reported as CVE-2026-8784. The attack requires a local approach. Moreover, an exploit is present. It is recommended to apply a patch to fix this issue.
vuldb.com

CVE-2026-8783 | omec-project amf up to 2.1.3-dev ngap/dispatcher.go UERadioCapabilityCheckResponse null pointer dereference (Issue 675)

VulDB Recent Entries
1 month ago
A vulnerability classified as problematic was found in omec-project amf up to 2.1.3-dev. This impacts the function UERadioCapabilityCheckResponse of the file ngap/dispatcher.go. Such manipulation leads to null pointer dereference. This vulnerability is documented as CVE-2026-8783. The attack can be executed remotely. Additionally, an exploit exists. Upgrading the affected component is advised. The same pull request fixes multiple security issues.
vuldb.com

CVE-2026-8782 | omec-project amf up to 2.1.3-dev NGAP Message ngap/handler.go null pointer dereference (Issue 674)

VulDB Recent Entries
1 month ago
A vulnerability classified as problematic has been found in omec-project amf up to 2.1.3-dev. This affects an unknown function of the file ngap/handler.go of the component NGAP Message Handler. This manipulation causes null pointer dereference. This vulnerability is registered as CVE-2026-8782. Remote exploitation of the attack is possible. Furthermore, an exploit is available. It is recommended to upgrade the affected component. The same pull request fixes multiple security issues.
vuldb.com

CVE-2026-8781 | omec-project amf up to 2.1.3-dev ngap/handler.go RANConfiguration null pointer dereference (Issue 673)

VulDB Recent Entries
1 month ago
A vulnerability described as problematic has been identified in omec-project amf up to 2.1.3-dev. The impacted element is the function RANConfiguration of the file ngap/handler.go. The manipulation results in null pointer dereference. This vulnerability is cataloged as CVE-2026-8781. The attack may be launched remotely. Furthermore, there is an exploit available. Upgrading the affected component is recommended. The same pull request fixes multiple security issues.
vuldb.com

CVE-2026-8780 | omec-project amf up to 2.1.3-dev NGAP Message ngap/dispatcher.go memory corruption (Issue 670)

VulDB Recent Entries
1 month ago
A vulnerability marked as problematic has been reported in omec-project amf up to 2.1.3-dev. The affected element is an unknown function of the file ngap/dispatcher.go of the component NGAP Message Handler. The manipulation leads to memory corruption. This vulnerability is listed as CVE-2026-8780. The attack may be initiated remotely. In addition, an exploit is available. It is suggested to upgrade the affected component. The same pull request fixes multiple security issues.
vuldb.com

CVE-2026-8779 | omec-project amf up to 2.1.3-dev ngap/handler.go NGSetupRequest InformationElement memory corruption (Issue 671)

VulDB Recent Entries
1 month ago
A vulnerability labeled as problematic has been found in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. This vulnerability is tracked as CVE-2026-8779. The attack can be launched remotely. Moreover, an exploit is present. The affected component should be upgraded. The same pull request fixes multiple security issues.
vuldb.com

Managed ad