5.3

CVSS4.0

CVE-2026-1112 - Sanluan PublicCMS Trade Address Deletion Endpoint TradeAddressController.java delete improper autho…

A vulnerability was found in Sanluan PublicCMS up to 5.202506.d. Affected is the function delete of the file publiccms-trade/src/main/java/com/publiccms/controller/web/trade/TradeAddressController.java of the component Trade Address Deletion Endpoint. Performing a manipulation of the argument ids r…

📅 Published: Jan. 18, 2026, 6:02 a.m. 🔄 Last Modified: April 18, 2026, 5:30 a.m.

5.1

CVSS4.0

CVE-2026-1111 - Sanluan PublicCMS Task Template Management TaskTemplateAdminController.java save path traversal

A vulnerability has been found in Sanluan PublicCMS up to 5.202506.d. This impacts the function Save of the file com/publiccms/controller/admin/sys/TaskTemplateAdminController.java of the component Task Template Management Handler. Such manipulation of the argument path leads to path traversal. The…

📅 Published: Jan. 18, 2026, 5:32 a.m. 🔄 Last Modified: April 18, 2026, 5:30 a.m.

4.8

CVSS4.0

CVE-2025-15533 - raysan5 raylib rtext.c GenImageFontAtlas heap-based overflow

A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed…

📅 Published: Jan. 18, 2026, 5:02 a.m. 🔄 Last Modified: Feb. 23, 2026, 9:16 a.m.

4.8

CVSS4.0

CVE-2026-1110 - cijliu librtsp rtsp_parse_method buffer overflow

A flaw has been found in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. This affects the function rtsp_parse_method. This manipulation causes buffer overflow. It is possible to launch the attack on the local host. Continuous delivery with rolling releases is used by this product. Th…

📅 Published: Jan. 18, 2026, 4:32 a.m. 🔄 Last Modified: April 18, 2026, 7:15 p.m.

4.8

CVSS4.0

CVE-2026-1109 - cijliu librtsp rtsp_parse_request buffer overflow

A vulnerability was detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The impacted element is the function rtsp_parse_request. The manipulation results in buffer overflow. Attacking locally is a requirement. This product takes the approach of rolling releases to provide con…

📅 Published: Jan. 18, 2026, 3:02 a.m. 🔄 Last Modified: April 18, 2026, 5:45 a.m.

4.8

CVSS4.0

CVE-2026-1108 - cijliu librtsp rtsp_rely_dumps buffer overflow

A security vulnerability has been detected in cijliu librtsp up to 2ec1a81ad65280568a0c7c16420d7c10fde13b04. The affected element is the function rtsp_rely_dumps. The manipulation leads to buffer overflow. An attack has to be approached locally. This product is using a rolling release to provide co…

📅 Published: Jan. 18, 2026, 1:32 a.m. 🔄 Last Modified: April 18, 2026, 5:45 a.m.

5.3

CVSS4.0

CVE-2026-1107 - EyouCMS Member Avatar Diyajax.php check_userinfo unrestricted upload

A weakness has been identified in EyouCMS up to 1.7.1/5.0. Impacted is the function check_userinfo of the file Diyajax.php of the component Member Avatar Handler. Executing a manipulation of the argument viewfile can lead to unrestricted upload. The attack may be performed from remote. The exploit …

📅 Published: Jan. 18, 2026, 12:32 a.m. 🔄 Last Modified: April 18, 2026, 4 p.m.

5.3

CVSS4.0

CVE-2026-1106 - Chamilo LMS Legal Consent SocialController.php deleteLegal improper authorization

A security flaw has been discovered in Chamilo LMS up to 2.0.0 Beta 1. This issue affects the function deleteLegal of the file src/CoreBundle/Controller/SocialController.php of the component Legal Consent Handler. Performing a manipulation of the argument userId results in improper authorization. T…

📅 Published: Jan. 18, 2026, 12:02 a.m. 🔄 Last Modified: April 18, 2026, 5:45 a.m.

6.9

CVSS4.0

CVE-2026-1105 - EasyCMS UserAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. This vulnerability affects unknown code of the file /UserAction.class.php. Such manipulation of the argument _order leads to SQL injection. The attack can be executed remotely. The exploit is publicly available and might be used. The vendor was c…

📅 Published: Jan. 17, 2026, 11:32 p.m. 🔄 Last Modified: April 18, 2026, 4 p.m.

5.3

CVSS4.0

CVE-2026-1066 - kalcaddle kodbox Compression zip command injection

A vulnerability was detected in kalcaddle kodbox up to 1.61.10. This issue affects some unknown processing of the file /?explorer/index/zip of the component Compression Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is now public and may be …

📅 Published: Jan. 17, 2026, 9:02 p.m. 🔄 Last Modified: April 18, 2026, 5:45 a.m.