5.7
CVE-2025-7014 - Session Hijacking in QRMenumPro's Menu Panel
Session Fixation vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Session Hijacking.This issue affects Menu Panel: through 29012026.Β NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
5.7
CVE-2025-7013 - IDOR in QRMenumPro's Menu Panel
Authorization Bypass Through User-Controlled Key vulnerability in QR Menu Pro Smart Menu Systems Menu Panel allows Exploitation of Trusted Identifiers.This issue affects Menu Panel: through 29012026.Β NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
7.5
CVE-2026-1616 - osim: Path Traversal via query parameters in Nginx configuration
The $uri$args concatenation in nginx configuration file present in Open Security Issue Management (OSIM) prior v2025.9.0 allows path traversal attacks via query parameters.
5.1
CVE-2026-1588 - jishenghua jshERP installByPath install path traversal
A vulnerability was found in jishenghua jshERP up to 3.6. The impacted element is the function install of the file /jshERP-boot/plugin/installByPath of the component com.gitee.starblues.integration.operator.DefaultPluginOperator. The manipulation of the argument path results in path traversal. It iβ¦
6.9
CVE-2026-1587 - Open5GS SGWC s11-handler.c sgwc_s11_handle_modify_bearer_request denial of service
A vulnerability has been found in Open5GS up to 2.7.6. The affected element is the function sgwc_s11_handle_modify_bearer_request of the file /sgwc/s11-handler.c of the component SGWC. The manipulation leads to denial of service. It is possible to initiate the attack remotely. The exploit has been β¦
6.9
CVE-2026-1586 - Open5GS SGWC s11-handler.c ogs_gtp2_f_teid_to_ip denial of service
A flaw has been found in Open5GS up to 2.7.5. Impacted is the function ogs_gtp2_f_teid_to_ip of the file /sgwc/s11-handler.c of the component SGWC. Executing a manipulation can lead to denial of service. The attack may be performed from remote. The exploit has been published and may be used. It is β¦
8
CVE-2025-7016 - Improper Access Control in Akinsoft's QR Menu
Improper Access Control vulnerability in AkΔ±n Software Computer Import Export Industry and Trade Ltd. QR Menu allows Authentication Abuse.This issue affects QR Menu: before s1.05.12.
5.7
CVE-2025-7015 - Session Hijacking in Akinsoft's QR Menu
Session Fixation vulnerability in AkΔ±n Software Computer Import Export Industry and Trade Ltd. QR Menu allows Session Fixation.This issue affects QR Menu: before s1.05.12.
6.9
CVE-2026-1469 - Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager
Stored Cross-Site Scripting (XSS) in RLE NOVA's PlanManager. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by injecting malicious payload through the βcommentβ and βbrandβ parameters in β/index.phpβ. The payload is stored by the application and subsequentlβ¦
4.3
CVE-2026-22764 - Improper Authentication Allows Information Exposure in Dell OpenManage Network Integration
Dell OpenManage Network Integration, versions prior to 3.9, contains an Improper Authentication vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Information exposure.