6.9
CVE-2026-7389 - EyouCMS common.php GetSortData sql injection
A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The manipulation of the argument sort_asc leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed publicly andβ¦
6.8
CVE-2026-2810 - Endpoint DLP Driver Out-of-Bounds Read
Netskope was notified about a potential gap in the Endpoint DLP Module for Netskope Client on Windows systems. The successful exploitation of the gap can potentially allow an unprivileged user to trigger an out-of-bounds read within a driver, leading to a Blue-Screen-of-Death (BSOD). Successful expβ¦
5.1
CVE-2026-7388 - EyouCMS Template File FilemanagerLogic.php editFile code injection
A weakness has been identified in EyouCMS up to 1.7.9. Impacted is the function editFile of the file application/admin/logic/FilemanagerLogic.php of the component Template File Handler. Executing a manipulation can lead to code injection. The attack can be launched remotely. The exploit has been maβ¦
9.3
CVE-2026-41940 - cPanel and WHM Authentication Bypass via Login Flow
cPanel and WHM versions prior to 11.110.0.97, 11.118.0.63, 11.126.0.54, 11.132.0.29, 11.134.0.20, and 11.136.0.5 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.
6.9
CVE-2026-7386 - fatbobman mail-mcp-bridge mail_mcp_server.py path traversal
A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mail_mcp_server.py. Executing a manipulation of the argument message_ids can lead to path traversal. The attack can be executed remotely. The exploit has been published and may be used. Uβ¦
8.8
CVE-2026-6849 - OS Command Injection in TUBITAK BILGEM's Pardus OS My Computer
Improper neutralization of special elements used in an OS command ('OS command injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus OS My Computer allows OS Command Injection. This issue affects Pardus OS My Computer: from <=0.7.5 before 0.8.0.
9.6
CVE-2026-5166 - Path Traversal in TUBITAK BILGEM's Pardus Software Center
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal. This issue affects Pardus Software Center: before 1.0.3.
6.9
CVE-2026-7384 - ezequiroga mcp-bases research_server.py search_papers path traversal
A vulnerability was detected in ezequiroga mcp-bases 357ca19c7a49a9b9cb2ef639b366f03aba8bea39/c630b8ab0f970614d42da8e566e9c0d15a16414c. This impacts the function search_papers of the file research_server.py. Performing a manipulation of the argument topic results in path traversal. Remote exploitatβ¦
8.8
CVE-2026-5161 - Improper Authentication in TUBITAK BILGEM's Pardus About
Improper link resolution before file access ('link following') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus About allows Symlink Attack. This issue affects Pardus About: before v1.2.1.
0.0
CVE-2026-7111 - Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend tβ¦
Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or memory corruption. The Parse, print, getline, and getline_all methods invoke registered callbacks (for example after_parse, before_print, orβ¦