6.9
CVE-2026-6606 - modelscope agentscope _agent_base.py _process_audio_block server-side request forgery
A weakness has been identified in modelscope agentscope up to 1.0.18. This vulnerability affects the function _process_audio_block of the file src/agentscope/agent/_agent_base.py. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the attaโฆ
6.9
CVE-2026-6605 - modelscope agentscope Internal Service _common.py _get_bytes_from_web_url server-side request forgeโฆ
A security flaw has been discovered in modelscope agentscope up to 1.0.18. This affects the function _get_bytes_from_web_url of the file src/agentscope/_utils/_common.py of the component Internal Service. Performing a manipulation results in server-side request forgery. It is possible to initiate tโฆ
6.9
CVE-2026-6604 - modelscope agentscope Cloud Metadata Endpoint _openai_tools.py openai_audio_to_text server-side reqโฆ
A vulnerability was identified in modelscope agentscope up to 1.0.18. Affected by this issue is the function _parse_url/prepare_image/openai_audio_to_text of the file src/agentscope/tool/_multi_modality/_openai_tools.py of the component Cloud Metadata Endpoint. Such manipulation of the argument imaโฆ
6.9
CVE-2026-6603 - modelscope agentscope _python.py execute_shell_command code injection
A vulnerability was determined in modelscope agentscope up to 1.0.18. Affected by this vulnerability is the function execute_python_code/execute_shell_command of the file src/AgentScope/tool/_coding/_python.py. This manipulation causes code injection. The attack is possible to be carried out remoteโฆ
6.9
CVE-2026-6602 - rickxy Hospital Management System his_admin_account.php unrestricted upload
A vulnerability was found in rickxy Hospital Management System up to 88a4290d957dc5bdde8a56e5ad451ad14f7f90f4. Affected is an unknown function of the file /backend/admin/his_admin_account.php. The manipulation of the argument ad_dpic results in unrestricted upload. The attack can be executed remoteโฆ
5.3
CVE-2026-6601 - Lagom WHMCS Template Datatables resource consumption
A vulnerability has been found in Lagom WHMCS Template up to 2.4.2. This impacts an unknown function of the component Datatables. The manipulation leads to resource consumption. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used. The vendor wโฆ
9.3
CVE-2026-32956 - HeapโBased Buffer Overflow in Redirect URL Processing Allows Arbitrary Code Execution
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
8.7
CVE-2026-32955 - Stack-based Buffer Overflow in Redirect URL Processing Allowing Arbitrary Code Execution
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
6.9
CVE-2026-32957 - Unauthenticated File Upload in Silex AMC Manager and SD-330AC Firmware
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue on firmware maintenance. Arbitrary file may be uploaded on the device without authentication.
6.9
CVE-2026-32958 - HardโCoded Cryptographic Key Enables Fake Firmware Updates
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update.