CVE-2026-4478
8.2 HIGH 8.2A vulnerability was identified in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This impacts an unknown function of the file home/web/ipc of the component HTTP Firmware Update Handler. The manipulation …
CVE Vulnerability Database
Complete database of CVE vulnerabilities. Track critical security threats, exploits and patches. Updated daily from NVD NIST.
CVE-2026-4477
2.3 LOW 2.3A vulnerability was determined in Yi Technology YI Home Camera 2 2.1.1_20171024151200. This affects an unknown function of the component WPA/WPS. Executing a manipulation can lead to use of hard-coded …
CVE-2026-4476
5.3 MEDIUM 5.3A vulnerability was found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The impacted element is an unknown function of the file home/web/ipc of the component CGI Endpoint. Performing a …
Yi
Details
CVE-2026-4475
8.7 HIGH 8.7A vulnerability has been found in Yi Technology YI Home Camera 2 2.1.1_20171024151200. The affected element is an unknown function of the file home/web/ipc. Such manipulation leads to hard-coded credentials. …
Yi
Details
CVE-2026-4474
4.8 MEDIUM 4.8A flaw has been found in itsourcecode University Management System 1.0. Impacted is an unknown function of the file /admin_single_student_update.php. This manipulation of the argument st_name causes cross site scripting. …
PHP
Details
CVE-2026-33055
5.1 MEDIUM 5.1tar-rs is a tar archive reading/writing library for Rust. Versions 0.4.44 and below have conditional logic that skips the PAX size header in cases where the base header size is …
Alexcrichton
Details
CVE-2026-33054
9.8 CRITICAL 9.8Mesop is a Python-based UI framework that allows users to build web applications. Versions 1.2.2 and below contain a Path Traversal vulnerability that allows any user supplying an untrusted state_token …
Mesop-Dev
Details
CVE-2026-33053
6.1 MEDIUM 6.1Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the delete_api_key_route() endpoint accepts an api_key_id path parameter and deletes it with only …
Langflow
Details
CVE-2026-4473
5.1 MEDIUM 5.1A vulnerability was detected in itsourcecode Online Doctor Appointment System 1.0. This issue affects some unknown processing of the file /admin/appointment_action.php. The manipulation of the argument appointment_id results in sql …
Unguardable
Details
CVE-2026-33051
5.3 MEDIUM 5.3Craft CMS is a content management system (CMS). In versions 5.9.0-beta.1 through 5.9.10, the revision/draft context menu in the element editor renders the creator’s fullName as raw HTML due to …
Payload
Details
Statistics
Total
38636
Critical
3366
High
12549