NVD CVEs — 本日公開 (6 件)
CVE-2026-7671 3.7 LOW
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The impacted element is an unknown function of the file /TwoFactor. Such manipulation leads to improper restriction of excessive authentication attempts. The attack may be performed from remote. Attacks of this
CVE-2026-7672 6.3 MEDIUM
A security vulnerability has been detected in youlaitech youlai-boot up to 2.21.1. This affects the function getUserList of the file src/main/java/com/youlai/boot/system/controller/UserController.java of the component Users Endpoint. Such manipulation of the argument order leads to sql injection. Th
CVE-2026-40561
Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header Precedence.
Starlet incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence.
An a
CVE-2026-7673 4.7 MEDIUM
A vulnerability was detected in crmeb_java up to 1.3.4. This vulnerability affects unknown code of the file crmeb/crmeb-service/src/main/java/com/zbkj/service/service/impl/UploadServiceImpl.java of the component Admin Upload. Performing a manipulation of the argument model results in unrestricted up
CVE-2026-7674 8.8 HIGH
A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web Management Interface. Executing a manipulation of the argument vpn_pptp_server/vpn_l2tp_server can lead to buffer overflow. The attack can be execu
CVE-2026-7675 8.8 HIGH
A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disc
GitHub Security Advisories — 本日公開 (9 件)
GHSA-pwrq-xrfc-p2rq
HIGH
A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted...
GHSA-jw73-3w4r-mp3q
HIGH
A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects...
GHSA-2xqx-75wg-w86v
UNKNOWN
Starlet versions through 0.31 for Perl allows HTTP Request Smuggling via Improper Header...
GHSA-gxwg-rq6m-77m2
LOW
A vulnerability was detected in crmeb_java up to 1.3.4. This vulnerability affects unknown code...
GHSA-c5j9-wg96-mpvw
LOW
A security vulnerability has been detected in youlaitech youlai-boot up to 2.21.1. This affects...
GHSA-4r63-h5ww-9vx8
LOW
A vulnerability has been found in CodeWise Tornet Scooter Mobile App 4.75 on iOS/Android. The...
GHSA-vg39-86qf-m976
MEDIUM
A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file ...
GHSA-6m5f-673f-5vh7
MEDIUM
A vulnerability was detected in sgl-project SGLang up to 0.5.9. Impacted is the function...
GHSA-27v4-4v2q-w2wg
UNKNOWN
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.