8.7
CVE-2026-7096 - Tenda HG3 formgponConf os command injection
A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgpon_loid results in os command injection. It is possible to launch the attack remotely. The exploit has bβ¦
5.6
CVE-2026-22077 - Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.
5.3
CVE-2026-7095 - code-projects Employee Management System edit.php cross site scripting
A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and mighβ¦
6.9
CVE-2026-7094 - ShadowCloneLabs GlutamateMCPServers puppeteer_navigate index.ts server-side request forgery
A vulnerability was determined in ShadowCloneLabs GlutamateMCPServers up to e2de73280b01e5d943593dd1aa2c01c5b9112f78. Affected by this issue is some unknown functionality of the file src/puppeteer/index.ts of the component puppeteer_navigate. Executing a manipulation of the argument url can lead toβ¦
10
CVE-2026-3008 - Vulnerability in Notepad++
Successful exploitation of the string injection vulnerability could allow an attacker to obtain memory address information or crash the application.
5.3
CVE-2026-7093 - code-projects Invoice System in Laravel Invoice Endpoint invoice improper authorization
A vulnerability was found in code-projects Invoice System in Laravel 1.0. Affected by this vulnerability is an unknown functionality of the file /invoice/ of the component Invoice Endpoint. Performing a manipulation of the argument ID results in improper authorization. The attack is possible to be β¦
5.1
CVE-2026-42371 -
uriparser before 1.0.1 has numeric truncation in text range comparison, if an application accepts URIs with a length in gigabytes.
5.3
CVE-2026-7092 - code-projects Invoice System in Laravel Profile profile improper authorization
A vulnerability has been found in code-projects Invoice System in Laravel 1.0. Affected is an unknown function of the file /profile/ of the component Profile Handler. Such manipulation of the argument ID leads to improper authorization. The attack can be executed remotely. The exploit has been discβ¦
5.3
CVE-2026-7091 - code-projects Invoice System in Laravel User Management user improper authorization
A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been published and may bβ¦
4.8
CVE-2026-7090 - code-projects Chat System send_message.php cross site scripting
A vulnerability was detected in code-projects Chat System 1.0. This affects an unknown function of the file /admin/send_message.php of the component Chat Interface. The manipulation of the argument msg results in cross site scripting. The attack may be launched remotely. The exploit is now public aβ¦