CVE Vulnerabilities - 16 May 2026

617 vulnerabilities published on 16 May 2026

Python jsonpickle 2.0.0 allows attackers to execute system commands
CVE-2021-47952
An attacker can send malicious data to a Python application using jsonpickle 2.0.0, allowing them to run system commands. This could lead to unauthorized access or data theft. Update to a secure versi...
9.3
libbabl: Double Free Allows Memory Corruption and Code Execution
CVE-2020-37239
The libbabl library has a security flaw that can be exploited by attackers to cause harm to a system. This can happen if an attacker is able to call a certain function twice on the same piece of memor...
9.3
iDS6 DSSPro Digital Signage System 6.2 CAPTCHA Bypass Allows Unauthorized Access
CVE-2020-37228
The iDS6 DSSPro Digital Signage System version 6.2 has a security issue that makes it possible for attackers to bypass its CAPTCHA protection. This means they can try to guess user passwords more easi...
9.3
WordPress Plugin Backup and Restore allows attackers to delete files
CVE-2021-47979
An attacker with a WordPress account can delete files from the website's root directory by sending a special request. This can lead to data loss and potential website downtime. Update the WordPress Pl...
8.7
TextPattern CMS 4.9.0-dev allows attackers to run malicious code
CVE-2021-47976
Authenticated attackers can upload and run malicious PHP files on a TextPattern CMS server. This allows them to potentially take control of the server or steal sensitive data. To protect your server, ...
8.7
HS Brand Logo Slider 2.1 allows attackers to upload malicious files
CVE-2020-37227
Authenticated users can upload files with malicious code, which can be used to take control of the website. This is a serious security risk because attackers can use it to execute their own code on th...
8.7
Das U-Boot FIT Signature Verification Bypass
DEBIAN-CVE-2026-46728
Das U-Boot's FIT (Flat Image Tree) signature verification can be bypassed, allowing attackers to modify images without being detected. This affects the security of Das U-Boot's boot process. To fix th...
8.2
Das U-Boot FIT Signature Verification Bypass
CVE-2026-46728
Das U-Boot, a bootloader, has a security weakness that allows attackers to bypass a security check. This could potentially allow malicious code to run on devices that use this bootloader. Update to th...
8.2
EgavilanMedia PHPCRUD 1.0 SQL Injection Risk
CVE-2021-47956
EgavilanMedia PHPCRUD 1.0 is at risk of unauthorized database access. Attackers can inject malicious code into the database by sending specific requests, potentially exposing sensitive information. Up...
8.8
LayerBB 1.1.4: Unauthenticated SQL Injection via Search Query
CVE-2021-47954
LayerBB, a forum software, has a security weakness that allows hackers to access sensitive information without needing a login. This is a serious issue because it could lead to the exposure of confide...
8.8
Supsystic Membership 1.4.7 allows unauthorized database access
CVE-2020-37244
An attacker can use Supsystic Membership to access sensitive database information without permission. This is a serious issue because it allows unauthorized access to your database, potentially exposi...
8.8
Supsystic Pricing Table SQL Injection and XSS Risk
CVE-2020-37243
An attacker can inject malicious SQL code or execute scripts on your website without needing a password. This could allow them to access or modify sensitive data, or even take control of your site. We...
8.8
Supsystic Ultimate Maps SQL injection risk through GET requests
CVE-2020-37242
An attacker can access sensitive database information without a password by sending a specific type of request to Supsystic Ultimate Maps. This means that an unauthorized person can potentially steal ...
8.8
jsondiffpatch versions before 0.7.6 allow malicious data injection
CVE-2026-8657
Versions of the jsondiffpatch package before 0.7.6 are vulnerable to a security threat that allows an attacker to inject malicious data into your system. This is particularly concerning if your applic...
7.8
Nginx Web Server Security Update for Linux
RHSA-2026:17794
A security update is available for the Nginx web server on Linux systems. This update fixes a potential security issue that could allow an attacker to execute malicious code. It's recommended to apply...
8.1
nginx 1.24 Security Update Exposes User Data
RHSA-2026:17793
A security update for nginx 1.24 has been released to fix a potential issue that could allow unauthorized access to user data. This affects all systems running nginx 1.24. To stay secure, it's recomme...
8.1
Nginx: Unauthenticated Access to Sensitive Configuration Files
RHSA-2026:17792
Nginx servers are affected by a security issue that allows unauthorized access to sensitive configuration files. This could allow attackers to gain information about the server's setup and potentially...
8.1
nginx 1.26 Security Update Exposes Server to Malicious Access
RHSA-2026:17753
A security update is available for nginx 1.26 to fix a vulnerability that could allow an attacker to access the server without a valid login. This affects all systems running nginx 1.26. We recommend ...
8.1
nginx Security Update for Linux
RHSA-2026:17790
An update is available for the nginx web server on Linux systems. This update fixes a security issue that could allow an attacker to gain unauthorized access to the system. You should update your ngin...
8.1
nginx: Remote Code Execution via Specially Crafted HTTP Request
RHSA-2026:17791
A security update is available for nginx to fix a vulnerability that could allow an attacker to execute malicious code on your server. This affects servers running nginx, and you should update to the ...
8.1
Nginx 1.24 Security Update for Potential Remote Code Execution
RHSA-2026:17752
A security update is available for Nginx 1.24 to fix a potential vulnerability that could allow an attacker to execute malicious code on a server. This update is crucial for servers running Nginx to p...
8.1
nginx Web Server Security Update for Linux
RHSA-2026:17751
A security update is available for the nginx web server on Linux systems. This update addresses a potential security risk that could allow an attacker to execute unauthorized code. To ensure the secur...
8.1
VX Search 13.5.28 allows local attackers to escalate privileges
CVE-2021-47974
The VX Search Server and Enterprise services in VX Search 13.5.28 have a security weakness. This means that someone with access to the local machine can potentially gain elevated access to the system....
8.5
Kite 4.2.0.1 U1: Malicious code can run with high privileges
CVE-2020-37247
A vulnerability in Kite's Windows service allows local attackers to run malicious code with high system privileges. This could lead to unauthorized changes to the system or data theft. Update to the l...
8.5
Advanced System Care Service 13.0.0 escalation of privileges risk
CVE-2020-37232
A security issue in Advanced System Care Service 13.0.0 allows local attackers to gain elevated system access. This could be exploited by placing malicious programs in a system directory, which would ...
8.5