Submit #838198: 78 xiaozhi-esp32 36200942cca3f7cbac6c927ce7458bad874297ab Information Exposure / Improper Routing [Accepted] Vuldb Submit 1 week 1 day ago Submit #838198 / VDB-374486 dem0000
Submit #838190: sourcecodester Class and Exam Timetabling System V1.0 SQL injection [Accepted] Vuldb Submit 1 week 1 day ago Submit #838190 / VDB-374485 wuyan-set
Submit #838189: sourcecodester Class and Exam Timetabling System V1.0 SQL injection [Accepted] Vuldb Submit 1 week 1 day ago Submit #838189 / VDB-374484 llfak
Submit #838188: sourcecodester Class and Exam Timetabling System V1.0 SQL injection [Accepted] Vuldb Submit 1 week 1 day ago Submit #838188 / VDB-374483 llfak
Submit #838185: sourcecodester Class and Exam Timetabling System V1.0 SQL injection [Accepted] Vuldb Submit 1 week 1 day ago Submit #838185 / VDB-374482 llfak
Submit #837658: MLflow Unreleased development code in pull request #23607, commit 4666cffc7912ea606d592fc38d6a75e2935f65e7. No released MLflow version CWE-862 Missing Authorization [Accepted] Vuldb Submit 1 week 1 day ago Submit #837658 / VDB-374481 Dem00
Submit #837646: arc53 DocsGPT Development branch before PR #2331; verified against local main commit 06e827573cac6ad3b445ffea0fb08169071c1b50. Fixed for newly CWE-345: Insufficient Verification of Data Authenticity [Accepted] Vuldb Submit 1 week 1 day ago Submit #837646 / VDB-374480 Dem00
Submit #789927: skypilot-org skypilot 0.12.0 Algorithm Downgrade [Accepted] Vuldb Submit 1 week 1 day ago Submit #789927 / VDB-374479 Dem0
Submit #843741: Apache OFBiz before 24.09.06 Improper Neutralization of Special Elements used in an LDAP Quer [Duplicate] Vuldb Submit 1 week 4 days ago Submit #843741 / VDB-364607 zhaokf
Submit #837600: Browserbase Browserbase Skills latest main branch prior to fix (tested May 2026) Information Disclosure / Insecure File Permissions [Accepted] Vuldb Submit 2 weeks ago Submit #837600 / VDB-372613 vaibhavnarkhede
Submit #837582: langflow-ai/langflow - `Langflow bundle URL loading` - `custom component discovery/import path` <=1.9.3 Remote Code Execution / Untrusted Code Loading [Accepted] Vuldb Submit 2 weeks ago Submit #837582 / VDB-372612 ST4R
Submit #837578: FlowiseAI/Flowise - `packages/components/nodes/documentloaders/S3/S3.ts` - `S3Directory / S3File document loader temporary-file handling` 3.1.2 Path Traversal / Arbitrary Local File Write / Unsafe Cleanup [Accepted] Vuldb Submit 2 weeks ago Submit #837578 / VDB-372611 ST4R
Submit #837577: coollabsio/coolify - `Coolify deployment image parsing / Docker pull command construction` - `Docker image reference fields` v4.x OS Command Injection [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #837577 / VDB-372609 ST4R
Submit #837561: COMFAST CF-WR631AX V3-V2.7.0.8 OS Command Injection [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #837561 / VDB-372608 0xcc12138
Submit #837554: appwrite - `src/Appwrite/Platform/Modules/Avatars/Http/Favicon/Get.php` - `utopia-php/fetch redirect handling` <=1.9.0 Server-Side Request Forgery via Redirect [Duplicate] Vuldb Submit 2 weeks 1 day ago Submit #837554 / VDB-224696 ST4R
Submit #837553: activepieces Component: see affected components below 0.83.1 Server-Side Request Forgery (SSRF) [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #837553 / VDB-372607 ST4R
Submit #837203: Radware Cyber Controller <=~10.11.0 Cross Site Scripting [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #837203 / VDB-372606
Submit #837175: Kortix AI Suna < 0.8.39 DOM-XSS, Open Redirect [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #837175 / VDB-372605 trebledj
Submit #836674: EDIMAX BR6478ACV2 BR6478ACV2_v1.23 Command Injection [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #836674 / VDB-372604 wxhwxhwxh_mie
Submit #836673: EDIMAX BR6478ACV2 BR6478ACV2_v1.23 Command Injection [Accepted] Vuldb Submit 2 weeks 1 day ago Submit #836673 / VDB-372603 wxhwxhwxh_mie