5.3
CVE-2026-7743 - CodeAstro Online Classroom studentdetails sql injection
A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been discloβ¦
5.3
CVE-2026-7742 - CodeAstro Online Classroom facultylogin sql injection
A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a manipulation of the argument fid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.
5.3
CVE-2026-7741 - CodeAstro Online Classroom studentlogin sql injection
A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.
4.8
CVE-2026-7740 - justdan96 tsMuxer vvc.cpp setFPS denial of service
A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track_id leads to denial of service. An attack has to be approached locally. The exploit has been disclosed β¦
4.8
CVE-2026-7739 - justdan96 tsMuxer hevc.cpp setFPS denial of service
A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer_prev/tsMuxer/hevc.cpp. This manipulation of the argument track_id causes denial of service. The attack requires local access. The exploit hasβ¦
2.5
CVE-2026-43864 -
mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.
3.7
CVE-2026-43863 -
mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.
3.7
CVE-2026-43862 -
In mutt before 2.3.2, the imap_auth_gss security level is mishandled.
5.3
CVE-2026-7738 - puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal
A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The β¦
0.0
CVE-2026-5335 - Magic Export & Import < 1.2.0 - Unauthenticated PII Disclosure
The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.