6.9
CVE-2026-1120 - Yonyou KSOA HTTP GET Parameter del_work.jsp sql injection
A vulnerability has been found in Yonyou KSOA 9.0. The impacted element is an unknown function of the file /worksheet/del_work.jsp of the component HTTP GET Parameter Handler. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been discβ¦
6.9
CVE-2026-1119 - itsourcecode Society Management System delete_activity.php sql injection
A flaw has been found in itsourcecode Society Management System 1.0. The affected element is an unknown function of the file /admin/delete_activity.php. Executing a manipulation of the argument activity_id can lead to sql injection. It is possible to launch the attack remotely. The exploit has beenβ¦
5.3
CVE-2026-1118 - itsourcecode Society Management System add_activity.php sql injection
A vulnerability was detected in itsourcecode Society Management System 1.0. Impacted is an unknown function of the file /admin/add_activity.php. Performing a manipulation of the argument Title results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and maβ¦
4.8
CVE-2025-15537 - Mapnik dbfile.cpp string_value heap-based overflow
A security vulnerability has been detected in Mapnik up to 4.2.0. This issue affects the function mapnik::dbf_file::string_value of the file plugins/input/shape/dbfile.cpp. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed β¦
4.8
CVE-2025-15536 - BYVoid OpenCC MaxMatchSegmentation.cpp MaxMatchSegmentation heap-based overflow
A weakness has been identified in BYVoid OpenCC up to 1.1.9. This vulnerability affects the function opencc::MaxMatchSegmentation of the file src/MaxMatchSegmentation.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been made avaβ¦
4.8
CVE-2025-15535 - nicbarker clay clay.h Clay__MeasureTextCached null pointer dereference
A security flaw has been discovered in nicbarker clay up to 0.14. This affects the function Clay__MeasureTextCached in the library clay.h. The manipulation results in null pointer dereference. The attack is only possible with local access. The exploit has been released to the public and may be usedβ¦
4.8
CVE-2025-15534 - raysan5 raylib rtext.c LoadFontData integer overflow
A vulnerability was identified in raysan5 raylib up to 909f040. Affected by this issue is the function LoadFontData of the file src/rtext.c. The manipulation leads to integer overflow. The attack can only be performed from a local environment. The exploit is publicly available and might be used. Thβ¦
5.3
CVE-2026-1112 - Sanluan PublicCMS Trade Address Deletion Endpoint TradeAddressController.java delete improper authoβ¦
A vulnerability was found in Sanluan PublicCMS up to 5.202506.d. Affected is the function delete of the file publiccms-trade/src/main/java/com/publiccms/controller/web/trade/TradeAddressController.java of the component Trade Address Deletion Endpoint. Performing a manipulation of the argument ids rβ¦
5.1
CVE-2026-1111 - Sanluan PublicCMS Task Template Management TaskTemplateAdminController.java save path traversal
A vulnerability has been found in Sanluan PublicCMS up to 5.202506.d. This impacts the function Save of the file com/publiccms/controller/admin/sys/TaskTemplateAdminController.java of the component Task Template Management Handler. Such manipulation of the argument path leads to path traversal. Theβ¦
4.8
CVE-2025-15533 - raysan5 raylib rtext.c GenImageFontAtlas heap-based overflow
A vulnerability was determined in raysan5 raylib up to 909f040. Affected by this vulnerability is the function GenImageFontAtlas of the file src/rtext.c. Executing a manipulation can lead to heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosedβ¦