Common Vulnerabilities and Exposures (CVE)

CVE-2026-7823

May 5, 2026 04:45:13 UTC

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may ...

CVE-2026-7822

May 5, 2026 04:30:13 UTC

A vulnerability was identified in itsourcecode Courier Management System 1.0. This impacts an unknown function of the file /print_pdets.php. The manipulation of the argument ids leads to sql injection. The attack may be initiated remotely. ...

CVE-2026-4362

May 5, 2026 04:27:56 UTC

The ElementsKit Elementor Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the `Live_Action::reset()` function in all versions up to, and including, 3.8.2 The function is ho...

CVE-2026-7812

May 5, 2026 04:15:12 UTC

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git_operation of the file src/code_mcp/server.py of the component MCP Tool. Performing a manipulation of the a...

CVE-2026-7811

May 5, 2026 04:00:21 UTC

A vulnerability has been found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The affected element is the function is_safe_path of the file src/code_mcp/server.py of the component MCP File Handler. Such manipulation lead...

CVE-2026-42090

May 5, 2026 03:56:38 UTC

Notesnook is a note-taking app focused on user privacy & ease of use. Prior to Notesnook Web/Desktop version 3.3.15 and prior to Notesnook iOS/Android version 3.3.20, a stored XSS vulnerability in the note export flow can be escalated to re...

CVE-2026-42234

May 5, 2026 03:56:37 UTC

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows containing a Python Code Node could escape the sandbox and achieve arbit...

CVE-2026-42232

May 5, 2026 03:56:36 UTC

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, an authenticated user with permission to create or modify workflows could achieve global prototype pollution via the XML Node leading to RCE...

CVE-2026-42231

May 5, 2026 03:56:35 UTC

n8n is an open source workflow automation platform. Prior to versions 1.123.32, 2.17.4, and 2.18.1, a flaw in the xml2js library used to parse XML request bodies in n8n's webhook handler allowed prototype pollution via a crafted XML payload...

CVE-2026-0073

May 5, 2026 03:56:34 UTC

In adbd_tls_verify_cert of auth.cpp, there is a possible bypass of wireless ADB mutual authentication due to a logic error in the code. This could lead to remote (proximal/adjacent) code execution as the shell user with no additional execut...

CVE-2026-24082

May 5, 2026 03:56:33 UTC

Memory Corruption when copying data from a freed source while executing performance counter deselect operation.

CVE-2025-47407

May 5, 2026 03:56:31 UTC

Memory corruption while creating a process on the digital signal processor due to allocation failure at the kernel level.

CVE-2025-47405

May 5, 2026 03:56:29 UTC

Memory corruption when processing camera sensor input/output control codes with invalid output buffers.

CVE-2025-47408

May 5, 2026 03:56:27 UTC

Memory corruption when another driver calls an IOCTL with invalid input/output buffer.

CVE-2026-25293

May 5, 2026 03:56:26 UTC

Buffer overflow due to incorrect authorization in PLC FW