Posts of last 24 hours
A vulnerability, which was classified as problematic, has been found in juicedata juicefs up to 1.3.1. Impacted is an unknown function of the file /debug/pprof/cmdline. This manipulation causes active debug code.
This vulnerability is registered as CVE-2026-59092. The attack needs to be launched locally. No exploit is available.
It is advisable to upgrade the affected component.
https://vuldb.com/vuln/375986
A vulnerability classified as critical was found in cockpit-project cockpit up to 363. This issue affects the function include of the component PHP File Handler. The manipulation results in path traversal.
This vulnerability is cataloged as CVE-2026-58467. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
https://vuldb.com/vuln/375985
The plan had been due for publication on Monday, the sources said. It has been postponed amid the uncertainty over the governing Labour Party’s leadership contest, which opens July 9.
https://therecord.media/launch-of-uk-national-cyber-action-plan-delayed
A vulnerability labeled as critical has been found in Google Chrome. This issue affects some unknown processing of the component V8. Executing a manipulation can lead to use after free.
This vulnerability is tracked as CVE-2026-14393. The attack can be launched remotely. No exploit exists.
The affected component should be upgraded.
https://vuldb.com/vuln/375743
A vulnerability identified as problematic has been detected in Elastic Elasticsearch up to 8.19.16/9.3.5/9.4.2. This issue affects some unknown processing of the component Machine Handler. This manipulation causes allocation of resources.
This vulnerability appears as CVE-2026-56149. The attack may be initiated remotely. There is no available exploit.
https://vuldb.com/vuln/375644
A vulnerability classified as problematic has been found in TP-Link Archer C5 up to 6.8. This vulnerability affects unknown code of the component Web-based Management Interface. The manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2026-8699. The attack may be initiated remotely. There is no available exploit.
https://vuldb.com/vuln/375984
A vulnerability described as critical has been identified in CubeSpace CW0057 Reaction Wheel up to 5.0.19. This affects an unknown part. Executing a manipulation can lead to improper verification of cryptographic signature.
This vulnerability is tracked as CVE-2026-13743. The physical device can be targeted for the attack. No exploit exists.
Upgrading the affected component is recommended.
https://vuldb.com/vuln/375983
A vulnerability marked as critical has been reported in Guangzhou Red Sea Cloud Computing Red Sea Cloud eHR up to 2024-11-03. Affected by this issue is some unknown functionality of the file PtFjk.mob. Performing a manipulation results in unrestricted upload.
This vulnerability is identified as CVE-2024-14037. The attack can be initiated remotely. There is not any exploit available.
This product operates as a managed service, which prevents users from maintaining vulnerability countermeasures themselves.
https://vuldb.com/vuln/375982
A vulnerability labeled as critical has been found in Shenzhen Landray Landry Office Automation 2024-03-11. Affected by this vulnerability is the function findList of the file wechatLoginHelper.do. Such manipulation of the argument uid leads to sql injection hibernate.
This vulnerability is referenced as CVE-2024-58352. It is possible to launch the attack remotely. No exploit is available.
https://vuldb.com/vuln/375981
A vulnerability identified as problematic has been detected in eclipse-wakaama wakaama up to 2026-05-26. Affected is an unknown function of the file coap/block.c of the component Registration Endpoint. This manipulation causes allocation of resources.
The identification of this vulnerability is CVE-2026-58465. It is possible to initiate the attack remotely. There is no exploit available.
You should upgrade the affected component.
https://vuldb.com/vuln/375980