6.9
CVE-2026-6577 - liangliangyy DjangoBlog logtracks Endpoint views.py missing authentication
A vulnerability was identified in liangliangyy DjangoBlog up to 2.1.0.0. The impacted element is an unknown function of the file owntracks/views.py of the component logtracks Endpoint. The manipulation leads to missing authentication. The attack can be initiated remotely. The exploit is publicly avβ¦
5.3
CVE-2026-6576 - liangliangyy DjangoBlog WeChat Bot commonapi.py CommandHandler command injection
A vulnerability was determined in liangliangyy DjangoBlog up to 2.1.0.0. The affected element is the function CommandHandler of the file servermanager/api/commonapi.py of the component WeChat Bot Interface. Executing a manipulation of the argument Source can lead to command injection. It is possiblβ¦
6.9
CVE-2026-6574 - osuuu LightPicture API Upload Endpoint lp.sql hard-coded credentials
A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue affects some unknown processing of the file /public/install/lp.sql of the component API Upload Endpoint. Such manipulation of the argument key leads to hard-coded credentials. The attack may be performed from remote. The eβ¦
5.3
CVE-2026-6573 - PHPEMS Instant Exam Creation exams.master.php temppage server-side request forgery
A vulnerability was detected in PHPEMS 11.0. This affects the function temppage of the file /app/exam/controller/exams.master.php of the component Instant Exam Creation Handler. The manipulation of the argument uploadfile results in server-side request forgery. The attack can be executed remotely. β¦
6.3
CVE-2026-6572 - Collabora KodExplorer fileUpload Endpoint share.class.php improper authorization
A security vulnerability has been detected in Collabora KodExplorer up to 4.52. Affected by this issue is some unknown functionality of the file /app/controller/share.class.php of the component fileUpload Endpoint. The manipulation of the argument fileUpload leads to improper authorization. Remote β¦
5.3
CVE-2026-6571 - kodcloud KodExplorer systemRole.class.php roleGroupAction authorization
A weakness has been identified in kodcloud KodExplorer up to 4.52. Affected by this vulnerability is the function roleGroupAction of the file /app/controller/systemRole.class.php. Executing a manipulation of the argument group_role can lead to authorization bypass. The attack may be launched remoteβ¦
5.1
CVE-2026-6570 - kodcloud KodExplorer systemMember.class.php initInstall authorization
A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected is the function initInstall of the file /app/controller/systemMember.class.php. Performing a manipulation of the argument path results in authorization bypass. The attack may be initiated remotely. The exploit has beenβ¦
6.9
CVE-2026-6569 - kodcloud KodExplorer fileGet Endpoint share.class.php improper authentication
A vulnerability was identified in kodcloud KodExplorer up to 4.52. This impacts the function fileGet of the file /app/controller/share.class.php of the component fileGet Endpoint. Such manipulation of the argument fileUrl leads to improper authentication. The attack can be launched remotely. The veβ¦
6.9
CVE-2026-6568 - kodcloud KodExplorer Public Share share.class.php initShareOld path traversal
A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated remβ¦
5.3
CVE-2026-6564 - EMQ EMQX Enterprise Session Handling improper authorization
A vulnerability was found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendβ¦