Aggregator

A vulnerability described as critical has been identified in itsourcecode Document Management System 1.0. Impacted is an unknown function of the file /register.php. Such manipulation of the argument Username leads to sql injection. This vulnerability is referenced as CVE-2026-3153. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Currently trending CVE - Hype Score: 4 - Missing Authorization vulnerability in Seraphinite Solutions Seraphinite Accelerator seraphinite-accelerator allows Retrieve Embedded Sensitive Data.This issue affects Seraphinite Accelerator: from n/a through <= 2.22.15.

Currently trending CVE - Hype Score: 1 - A post‑authentication command injection vulnerability in the Dynamic DNS (DDNS) configuration CLI command in Zyxel ATP series firmware versions from V5.35 through V5.41, USG FLEX series firmware versions from V5.35 through V5.41, USG FLEX 50(W) series firmware versions from ...

Currently trending CVE - Hype Score: 8 - Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

Submit #758831 / VDB-347661

A vulnerability marked as critical has been reported in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacher_id causes sql injection. The identification of this vulnerability is CVE-2026-3152. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability labeled as critical has been found in itsourcecode College Management System 1.0. This vulnerability affects unknown code of the file /login/login.php. The manipulation of the argument email results in sql injection. This vulnerability was named CVE-2026-3151. The attack may be performed from remote. In addition, an exploit is available.

A vulnerability identified as critical has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file /admin/display-teacher.php. The manipulation of the argument teacher_id leads to sql injection. This vulnerability is uniquely identified as CVE-2026-3150. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability categorized as critical has been discovered in itsourcecode College Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/asign-single-student-subjects.php. Executing a manipulation of the argument course_code can lead to sql injection. This vulnerability is handled as CVE-2026-3149. The attack can be executed remotely. Additionally, an exploit exists.

A vulnerability was found in Dell Wyse Management Suite up to 5.4. It has been rated as critical. Affected by this vulnerability is an unknown functionality. Performing a manipulation results in unrestricted upload. This vulnerability is known as CVE-2026-22766. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is advised.

A vulnerability was found in Dell Wyse Management Suite up to 5.4. It has been declared as very critical. Affected is an unknown function. Such manipulation leads to missing authorization. This vulnerability is traded as CVE-2026-22765. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. It has been classified as critical. This impacts an unknown function of the file /signup.php. This manipulation of the argument Username causes sql injection. This vulnerability appears as CVE-2026-3148. The attack may be initiated remotely. In addition, an exploit is available.

Submit #758834 / VDB-347660

Submit #758830 / VDB-347659

Submit #758829 / VDB-347658

Submit #758828 / VDB-347657

SolarWinds addressed four critical Serv-U vulnerabilities that could let attackers gain root access to unpatched servers. SolarWinds released updates fixing four critical Serv-U vulnerabilities that allow remote code execution, potentially giving attackers full root access on unpatched servers. Serv-U is a file transfer server software that allows organizations to securely transfer files over networks using […]

Submit #758822 / VDB-347654

One engineer used AI to rebuild Next.js on Vite in a week. vinext builds up to 4x faster, produces 57% smaller bundles, and deploys to Cloudflare Workers with a single command.