CVE-2026-45369 – python-utcp: Command Injection via Unsanitized Argument Substitution in CLI Communication Protocol

Posted on May 15, 2026

CVE ID: CVE-2026-45369
Published: May 14, 2026, 9:16 p.m. | 3 hours, 8 minutes ago
Description: python-utcp is the python implementation of UTCP. Prior to 1.1.3, the _substitute_utcp_args method in cli_communication_protocol.py inserts user-controlled…

CVE-2026-44700 – Elixir WebRTC: Missing DTLS peer fingerprint validation in ex_webrtc client-role handshake

Posted on May 15, 2026

CVE ID: CVE-2026-44700
Published: May 14, 2026, 9:16 p.m. | 3 hours, 8 minutes ago
Description: Elixir WebRTC is an Elixir implementation of the W3C WebRTC API. Prior to 0.15.1 and 0.16.1, missing…

CVE-2026-44666 – HRConvert2: Missing Sanitization enables Unauthenticated Remote Command Execution

Posted on May 15, 2026

CVE ID: CVE-2026-44666
Published: May 14, 2026, 9:16 p.m. | 3 hours, 8 minutes ago
Description: HRConvert2 is a self-hosted, drag-and-drop & nosql file conversion server & share tool. Prior to 3.3.8, the…

CVE-2026-44212 – PrestaShop: Stored XSS executable in customer service view

Posted on May 15, 2026

CVE ID: CVE-2026-44212
Published: May 14, 2026, 9:16 p.m. | 3 hours, 8 minutes ago
Description: PrestaShop is an open source e-commerce web application. Prior to 8.2.6 and 9.1.1, there is a stored…

CVE-2026-42327 – rust-openssl: undefined behavior in X509Ref::ocsp_responders for certificates with non-UTF-8 OCSP URLs

Posted on May 15, 2026

CVE ID: CVE-2026-42327
Published: May 14, 2026, 9:16 p.m. | 3 hours, 9 minutes ago
Description: rust-openssl provides OpenSSL bindings for the Rust programming language. From 0.9.7 to before 0.10.79, X509Ref::ocsp_responders returns OCSP…

CVE-2026-29206 – Apache sqloptimizer SQL Injection Vulnerability

Posted on May 14, 2026

CVE ID: CVE-2026-29206
Published: May 13, 2026, 11:16 p.m. | 1 hour, 9 minutes ago
Description: Insufficient sanitization of SQL queries in the `sqloptimizer` utility script allows SQL Injections on behalf of the…

CVE-2026-45158 – OPNsense: Command Injection via Attacker-Controlled DHCP Config

Posted on May 14, 2026

CVE ID: CVE-2026-45158
Published: May 13, 2026, 10:16 p.m. | 2 hours, 8 minutes ago
Description: OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input is passed…

CVE-2026-44447 – ERPNext: Possibility of SQL Injection due to missing validation

Posted on May 14, 2026

CVE ID: CVE-2026-44447
Published: May 13, 2026, 10:16 p.m. | 2 hours, 8 minutes ago
Description: ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.0, some endpoints were…

CVE-2026-44446 – ERPNext: Possibility of SQL Injection due to missing validation

Posted on May 14, 2026

CVE ID: CVE-2026-44446
Published: May 13, 2026, 10:16 p.m. | 2 hours, 8 minutes ago
Description: ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.104.3 and 16.14.0, some…

CVE-2026-44442 – ERPNext: Unauthorised Document modification due to missing validation

Posted on May 14, 2026

CVE ID: CVE-2026-44442
Published: May 13, 2026, 10:16 p.m. | 2 hours, 8 minutes ago
Description: ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 16.9.1, certain endpoints failed…
