Common Vulnerabilities and Exposures (CVE)

CVE-2026-14791

Jul 6, 2026 13:28:29 UTC

A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the a...

CVE-2026-59509

Jul 6, 2026 13:28:15 UTC

An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression ...

CVE-2026-14731

Jul 6, 2026 13:27:55 UTC

A weakness has been identified in itsourcecode Hospital Management System 1.0. This affects an unknown part of the file /patientreport.php. Executing a manipulation of the argument editid can lead to sql injection. The attack can be launche...

CVE-2026-14746

Jul 6, 2026 13:26:48 UTC

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated ...

CVE-2026-14753

Jul 6, 2026 13:26:44 UTC

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assignment Handler. Performing a manipulation ...

CVE-2026-12250

Jul 6, 2026 13:25:48 UTC

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.

CVE-2026-12386

Jul 6, 2026 13:25:28 UTC

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.

CVE-2026-9085

Jul 6, 2026 13:24:46 UTC

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control...

CVE-2026-59510

Jul 6, 2026 13:22:56 UTC

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.get_filepath() function constructed a file path by joining the configured PDF storage direct...

CVE-2026-6509

Jul 6, 2026 13:21:56 UTC

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation. This issue affects Pardus Update: from <=0.6.3 before 0.6.6.

CVE-2026-14759

Jul 6, 2026 13:20:53 UTC

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function r_bin_java_inner_classes_attr_calc_size of the file shlr/java/class.c of the component RBinJava Line Number Table Parser. Performing a man...

CVE-2025-71353

Jul 6, 2026 13:17:52 UTC

picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes...

CVE-2026-14766

Jul 6, 2026 13:16:35 UTC

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the component POST Parameter Handler. The manipula...

CVE-2026-14772

Jul 6, 2026 13:16:00 UTC

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /edit_course1.php. The manipulation of the argument ID leads to sql injection. The attack ...

CVE-2025-71366

Jul 6, 2026 13:16:00 UTC

picklescan before 0.0.28 fails to detect malicious torch.utils.bottleneck.__main__.run_cprofile function calls in pickle files, allowing attackers to bypass safety checks. Remote attackers can embed undetected code in pickle files to achiev...