CVE ID :CVE-2026-8851 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :SOGo 5.12.7 contains a SQL injection vulnerability in the Access Control List management functionality that allows authenticated…
CVE-2026-8838 – Remote Code Execution via eval() Injection in amazon-redshift-python-driver
CVE ID :CVE-2026-8838 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :Unsafe use of Python’s eval() on server-received data in the vector_in() function in amazon-redshift-python-driver before 2.1.14 allows…
CVE-2026-27130 – Dokploy has Command Injection in its Service Operations
CVE ID :CVE-2026-27130 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :Dokploy is a free, self-hostable Platform as a Service (PaaS). Versions 0.26.6 and below have OS command…
CVE-2026-26978 – Free PBX backup: Deserialization of Untrusted Data in admin/modules/backup/Models/BackupSplFileInfo.php
CVE ID :CVE-2026-26978 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :FreePBX is an open source IP PBX. In versions below 16.0.71 and 17.0.6, the backup module does…
CVE-2026-25244 – WebdriverIO has Command Injection in the BrowserStack Service
CVE ID :CVE-2026-25244 Published : May 18, 2026, 9:16 p.m. | 3 hours, 5 minutes ago Description :WebdriverIO is a test automation framework for unit, e2e and component testing using WebDriver, WebDriver BiDi and…
CVE-2026-8764 – H3C Magic B3 aspForm UpdateWanParams buffer overflow
CVE ID :CVE-2026-8764 Published : May 17, 2026, 10:16 p.m. | 2 hours, 5 minutes ago Description :A security vulnerability has been detected in H3C Magic B3 up to 100R002. This affects the function…
CVE-2018-25339 – Zechat 1.5 SQL Injection via v parameter (time-based blind)
CVE ID :CVE-2018-25339 Published : May 17, 2026, 1:16 p.m. | 11 hours, 4 minutes ago Description :Zechat 1.5 contains a SQL injection vulnerability in the v parameter that allows unauthenticated attackers to extract…
CVE-2018-25338 – Zechat 1.5 SQL Injection via hashtag parameter
CVE ID :CVE-2018-25338 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :Zechat 1.5 contains a SQL injection vulnerability in the hashtag parameter that allows unauthenticated attackers to extract…
CVE-2018-25335 – WordPress Plugin Peugeot Music 1.0 Arbitrary File Upload
CVE ID :CVE-2018-25335 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :WordPress Plugin Peugeot Music 1.0 contains an arbitrary file upload vulnerability that allows unauthenticated attackers to upload…
CVE-2018-25333 – Nordex N149/4.0-4.5 Wind Turbine Web Server SQL Injection
CVE ID :CVE-2018-25333 Published : May 17, 2026, 1:16 p.m. | 11 hours, 5 minutes ago Description :Nordex N149/4.0-4.5 Wind Turbine Web Server 4.0 contains an SQL injection vulnerability that allows unauthenticated attackers to…