4.7

CVSS4.0

CVE-2026-33711 - Incus vulnerable to local privilege escalation through VM screenshot path

Incus is a system container and virtual machine manager. Incus provides an API to retrieve VM screenshots. That API relies on the use of a temporary file for QEMU to write the screenshot to which is then picked up and sent to the user prior to deletion. As versions prior to 6.23.0 use predictable p…

📅 Published: March 26, 2026, 10:37 p.m. 🔄 Last Modified: March 31, 2026, 8:01 p.m.

5.7

CVSS4.0

CVE-2026-33542 - Incus does not verify combined fingerprint when downloading images from simplestreams servers

Incus is a system container and virtual machine manager. Prior to version 6.23.0, a lack of validation of the image fingerprint when downloading from simplestreams image servers opens the door to image cache poisoning and under very narrow circumstances exposes other tenants to running attacker con…

📅 Published: March 26, 2026, 10:32 p.m. 🔄 Last Modified: March 31, 2026, 8:01 p.m.

8.5

CVSS3.1

CVE-2026-34352 - TigerVNC: x0vncserver: TigerVNC x0vncserver: Information disclosure, data manipulation, and denial …

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

📅 Published: March 26, 2026, 10:30 p.m. 🔄 Last Modified: April 3, 2026, 9:38 a.m.

8.7

CVSS4.0

CVE-2026-4903 - Tenda AC5 POST Request QuickIndex formQuickIndex memory corruption

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The …

📅 Published: March 26, 2026, 10:30 p.m. 🔄 Last Modified: April 2, 2026, 7:56 a.m.

8.7

CVSS4.0

CVE-2026-4902 - Tenda AC5 POST Request addressNat fromAddressNat memory corruption

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now…

📅 Published: March 26, 2026, 10:30 p.m. 🔄 Last Modified: March 31, 2026, 8:01 p.m.

6.9

CVSS4.0

CVE-2026-4900 - code-projects Online Food Ordering System localhost.sql privilege escalation

A weakness has been identified in code-projects Online Food Ordering System 1.0. This affects an unknown part of the file /dbfood/localhost.sql. This manipulation causes files or directories accessible. The attack can be initiated remotely. The exploit has been made available to the public and coul…

📅 Published: March 26, 2026, 9:56 p.m. 🔄 Last Modified: April 24, 2026, 4:35 p.m.

4.8

CVSS4.0

CVE-2026-4899 - code-projects Online Food Ordering System food.php cross site scripting

A security flaw has been discovered in code-projects Online Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file /dbfood/food.php. The manipulation of the argument cuisines results in cross site scripting. It is possible to launch the attack remotely. The explo…

📅 Published: March 26, 2026, 9:56 p.m. 🔄 Last Modified: April 24, 2026, 4:35 p.m.

8.8

CVSS3.1

CVE-2026-33686 - Sharp is Vulnerable to Path Traversal via Unsanitized Extension in FileUtil

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 have a path traversal vulnerability in the FileUtil class. The application fails to sanitize file extensions properly, allowing path separators to be passed into the storage layer. In `src/Utils/FileUt…

📅 Published: March 26, 2026, 9:54 p.m. 🔄 Last Modified: April 2, 2026, 7:56 a.m.

8.8

CVSS3.1

CVE-2026-33687 - Sharp has Unrestricted File Upload via Client-Controlled Validation Rules

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 contain a vulnerability in the file upload endpoint that allows authenticated users to bypass all file type restrictions. The upload endpoint within the `ApiFormUploadController` accepts a client-contro…

📅 Published: March 26, 2026, 9:47 p.m. 🔄 Last Modified: April 3, 2026, 9:38 a.m.

4.7

CVSS3.1

CVE-2026-33682 - Streamlit on Windows has Unauthenticated SSRF Vulnerability (NTLM Credential Exposure)

Streamlit is a data-oriented application development framework for Python. Streamlit Open Source versions prior to 1.54.0 running on Windows hosts have an unauthenticated Server-Side Request Forgery (SSRF) vulnerability. The vulnerability arises from improper validation of attacker-supplied filesys…

📅 Published: March 26, 2026, 9:45 p.m. 🔄 Last Modified: April 2, 2026, 7:56 a.m.