5.3
CVE-2026-3408 - Open Babel CDXML File atom.cpp GetExplicitValence null pointer dereference
A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available aโฆ
4.8
CVE-2026-3407 - YosysHQ yosys BLIF File rtlil.h set heap-based overflow
A vulnerability was determined in YosysHQ yosys up to 0.62. This affects the function Yosys::RTLIL::Const::set of the file kernel/rtlil.h of the component BLIF File Parser. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on the local host. The exploit has beโฆ
6.9
CVE-2026-3406 - projectworlds Online Art Gallery Shop Registration registration.php sql injection
A vulnerability was found in projectworlds Online Art Gallery Shop 1.0. The impacted element is an unknown function of the file /admin/registration.php of the component Registration Handler. The manipulation of the argument fname results in sql injection. It is possible to launch the attack remotelโฆ
2.3
CVE-2026-3405 - thinkgem JeeSite Connection path traversal
A vulnerability has been found in thinkgem JeeSite up to 5.15.1. The affected element is an unknown function of the component Connection Handler. The manipulation leads to path traversal. It is possible to initiate the attack remotely. The attack is considered to have high complexity. The exploitabโฆ
2.3
CVE-2026-3404 - thinkgem JeeSite Endpoint CasOutHandler.java xml external entity reference
A flaw has been found in thinkgem JeeSite up to 5.15.1. Impacted is an unknown function of the file /com/jeesite/common/shiro/cas/CasOutHandler.java of the component Endpoint. Executing a manipulation can lead to xml external entity reference. The attack may be performed from remote. Attacks of thiโฆ
4.8
CVE-2026-3403 - PHPGurukul Student Record Management System edit-subject.php cross site scripting
A vulnerability was detected in PHPGurukul Student Record Management System 1.0. This issue affects some unknown processing of the file /edit-subject.php. Performing a manipulation of the argument Subject 1 results in cross site scripting. The attack is possible to be carried out remotely. The explโฆ
4.8
CVE-2026-3402 - PHPGurukul Student Record Management System edit-course.php cross site scripting
A security vulnerability has been detected in PHPGurukul Student Record Management System up to 1.0. This vulnerability affects unknown code of the file /edit-course.php. Such manipulation of the argument Course Short Name leads to cross site scripting. The attack can be executed remotely. The explโฆ
2.3
CVE-2026-3401 - SourceCodester Web-based Pharmacy Product Management System session expiration
A weakness has been identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown part. This manipulation causes session expiration. Remote exploitation of the attack is possible. The complexity of an attack is rather high. It is indicated that the exploitabโฆ
8.7
CVE-2026-3400 - Tenda AC15 TextEditingConversion stack-based overflow
A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exโฆ
8.7
CVE-2026-3399 - Tenda F453 httpd GstDhcpSetSer fromGstDhcpSetSer buffer overflow
A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit is publiโฆ