7.5
CVE-2026-3323 - VEGA: Privilege escalation through unsecured configuration interface in VEGAPULS devices
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.
8.4
CVE-2026-7280 - eMPIA Technologyο½AVACAST - Unquoted Service Path
AVACAST developed by eMPIA Technology has a Unquoted Service Path vulnerability, allowing privileged local attackers to place a malicious executable file in a specific directory, resulting in arbitrary code execution with system privileges when the AVACAST service starts.
8.5
CVE-2026-7279 - eMPIA Technologyο½AVACAST - DLL Hijacking
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL.
5.3
CVE-2026-7264 - SourceCodester Pizzafy Ecommerce System ajax.php get_cart_items sql injection
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. Impacted is the function get_cart_items of the file /admin/ajax.php?action=get_cart_items. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been β¦
8.7
CVE-2026-41636 - Apache Thrift: Node.js skip() recursion
Uncontrolled Recursion vulnerability in Apache Thrift Node.js bindings This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
6.5
CVE-2026-41607 - Apache Thrift: C++ JSON OOB read
Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
5.3
CVE-2026-41606 - Apache Thrift: c_glib dispatch stack overflow
Uncontrolled Recursion vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
7.3
CVE-2026-41605 - Apache Thrift: Swift Compact Protocol integer overflow
Integer Overflow or Wraparound vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
8.2
CVE-2026-41604 - Apache Thrift: Swift Range crash in skip()
Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
7.4
CVE-2026-41603 - Apache Thrift: Java TSSLTransportFactory hostname verification
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.