4.8
CVE-2026-4016 - GPAC SVG Parser load_svg.c svgin_process out-of-bounds write
A security vulnerability has been detected in GPAC 26.03-DEV. Affected by this vulnerability is the function svgin_process of the file src/filters/load_svg.c of the component SVG Parser. The manipulation leads to out-of-bounds write. Local access is required to approach this attack. The exploit hasβ¦
4.8
CVE-2026-4015 - GPAC TeXML File load_text.c txtin_process_texml stack-based overflow
A weakness has been identified in GPAC 26.03-DEV. Affected is the function txtin_process_texml of the file src/filters/load_text.c of the component TeXML File Parser. Executing a manipulation can lead to stack-based buffer overflow. It is possible to launch the attack on the local host. The exploitβ¦
6.9
CVE-2026-4014 - itsourcecode Cafe Reservation System Registration signup.php sql injection
A security flaw has been discovered in itsourcecode Cafe Reservation System 1.0. This impacts an unknown function of the file /curvus2/signup.php of the component Registration. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possibleβ¦
5.3
CVE-2026-4013 - SourceCodester Web-based Pharmacy Product Management System add_admin.php improper authorization
A vulnerability was identified in SourceCodester Web-based Pharmacy Product Management System 1.0. This affects an unknown function of the file add_admin.php. Such manipulation leads to improper authorization. The attack may be launched remotely.
4.8
CVE-2026-4012 - rxi fe fe.c read_ out-of-bounds
A vulnerability was determined in rxi fe up to ed4cda96bd582cbb08520964ba627efb40f3dd91. The impacted element is the function read_ of the file src/fe.c. This manipulation with the input 1 causes out-of-bounds read. The attack requires local access. The exploit has been publicly disclosed and may bβ¦
4.8
CVE-2026-4010 - ThakeeNathees pocketlang pkByteBufferAddString memory corruption
A vulnerability was found in ThakeeNathees pocketlang up to cc73ca61b113d48ee130d837a7a8b145e41de5ce. The affected element is the function pkByteBufferAddString. The manipulation of the argument length with the input 4294967290 results in memory corruption. The attack requires a local approach. Theβ¦
4.8
CVE-2026-4009 - jarikomppa soloud WAV File dr_wav.h drwav_read_pcm_frames_s16__msadpcm out-of-bounds
A vulnerability has been found in jarikomppa soloud up to 20200207. Impacted is the function drwav_read_pcm_frames_s16__msadpcm in the library src/audiosource/wav/dr_wav.h of the component WAV File Parser. The manipulation leads to out-of-bounds read. The attack needs to be performed locally. The eβ¦
8.7
CVE-2026-4008 - Tenda W3 POST Parameter wifiSSIDset stack-based overflow
A flaw has been found in Tenda W3 1.0.0.3(2204). This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotelβ¦
8.7
CVE-2026-4007 - Tenda W3 POST Parameter wifiSSIDget stack-based overflow
A vulnerability was detected in Tenda W3 1.0.0.3(2204). This vulnerability affects unknown code of the file /goform/wifiSSIDget of the component POST Parameter Handler. Performing a manipulation of the argument index results in stack-based buffer overflow. It is possible to initiate the attack remoβ¦
4.8
CVE-2026-3994 - rui314 mold Object File input-files.cc initialize_sections heap-based overflow
A vulnerability was detected in rui314 mold up to 2.40.4. This issue affects the function mold::ObjectFilemold::X86_64::initialize_sections of the file src/input-files.cc of the component Object File Handler. Performing a manipulation results in heap-based buffer overflow. Attacking locally is a reβ¦