NVD CVEs — 本日公開 (9 件)
CVE-2026-16198 5.6 MEDIUM
A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. The impacted element is an unknown function of the file web/backend/middleware/access_control.go of the component First Run Setup. Performing a manipulation of the argument allowed_cidrs results in authentication bypass using alternate cha
CVE-2026-16199 6.3 MEDIUM
A flaw has been found in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This affects the function ExecTool.Execute of the file goclaw/internal/tools/credentialed_exec.go. Executing a manipulation can lead to improper authorization. The attack may be launched remotely. The exploit has been published an
CVE-2026-16200 7.3 HIGH
A vulnerability has been found in zevorn rt-claw up to 0.2.0. This impacts the function claw_tool_invoke of the file claw/services/swarm/swarm.c of the component RPC Handler. The manipulation leads to incorrect authorization. Remote exploitation of the attack is possible. The exploit has been disclo
CVE-2026-16201 5.3 MEDIUM
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function claw_net_get/claw_net_post of the file claw/services/tools/net.c of the component http_request. The manipulation results in information disclosure. The attack can be executed remotely. The exploit has been made public
CVE-2026-16202 3.5 LOW
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected by this vulnerability is an unknown functionality of the file /CYS.php. This manipulation of the argument course causes cross site scripting. The attack is possible to be carried out remotely. The exploi
CVE-2026-16203 3.5 LOW
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected by this issue is some unknown functionality of the file /forCYS.php. Such manipulation of the argument course leads to cross site scripting. The attack may be performed from remote. The exploit is public
CVE-2026-16204 6.3 MEDIUM
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function tool_run_script_execute of the file claw/services/tools/script.c of the component Telegram-to-AI Tool Execution Flow. Performing a manipulation results in code injection. It is possible to initiate the attac
CVE-2026-16205 2.4 LOW
A weakness has been identified in Pluck CMS up to 4.7.21. This vulnerability affects the function htmlspecialchars_decode of the file data/modules/albums/albums.admin.php of the component Albums Module. Executing a manipulation of the argument Info can lead to cross site scripting. It is possible to
CVE-2026-16206 6.3 MEDIUM
A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue affects the function _load_id_token of the file oauth2_provider/oauth2_validators.py. The manipulation leads to session expiration. The attack can be initiated remotely. The project was informed of the
GitHub Security Advisories — 本日公開 (15 件)
GHSA-xr38-w5rc-h3q4
LOW
A security flaw has been discovered in zevorn rt-claw up to 0.2.0. This affects the function...
GHSA-9q2q-q44g-f28v
LOW
A weakness has been identified in Pluck CMS up to 4.7.21. This vulnerability affects the function...
GHSA-j4j7-8j5c-5hxw
MEDIUM
A security vulnerability has been detected in django-oauth django-oauth-toolkit 3.3.0. This issue...
GHSA-qc6r-fr26-j2gm
MEDIUM
A vulnerability was found in zevorn rt-claw up to 0.2.0. Affected is the function claw_net_get...
GHSA-5frv-67vm-973m
LOW
A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0. Affected...
GHSA-9869-2292-xxj6
MEDIUM
A vulnerability has been found in zevorn rt-claw up to 0.2.0. This impacts the function...
GHSA-grp8-2555-3cmp
LOW
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0. Affected...
GHSA-gch8-7366-6m32
LOW
A flaw has been found in nextlevelbuilder GoClaw up to 3.13.3-beta.3. This affects the function...
GHSA-367p-r6p3-qqmv
LOW
A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. The impacted element is an unknown...
GHSA-3c84-2qg9-24p8
LOW
A security vulnerability has been detected in Sipeed PicoClaw up to 0.2.9. The affected element...