NVD CVEs — 本日公開 (5 件)
CVE-2026-15134 7.3 HIGH
A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /SimpleOnlineLeave/index.php. Executing a manipulation of the argument email can lead to sql injection. The attack may be performed from remot
CVE-2026-15135 7.3 HIGH
A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects an unknown part of the file /edit_food_items.php. The manipulation of the argument update results in sql injection. It is possible to launch the attack remotely. The exploit has been released to the publi
CVE-2026-15137 7.3 HIGH
A weakness has been identified in code-projects Interview Management System 1.0. This vulnerability affects unknown code of the file \inc\classes\View.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been made available to the publ
CVE-2026-47646 9.3 CRITICAL
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Customer Voice allows an unauthorized attacker to perform spoofing over a network.
CVE-2026-15138 6.3 MEDIUM
A security vulnerability has been detected in tumf mcp-text-editor up to 1.0.2. This issue affects the function _validate_file_path of the file mcp_text_editor/text_editor.py. Such manipulation of the argument file_path leads to path traversal. The attack can be launched remotely. The exploit has be
GitHub Security Advisories — 本日公開 (20 件)
GHSA-mh32-g5q6-4x93
LOW
A security vulnerability has been detected in tumf mcp-text-editor up to 1.0.2. This issue...
GHSA-2gh3-7wvm-vg2q
MEDIUM
A vulnerability was determined in CodeAstro Simple Online Leave Management System 1.0. Affected...
GHSA-wvr7-3cpq-c6mg
UNKNOWN
Insufficient policy enforcement in Navigation in Google Chrome prior to 150.0.7871.115 allowed a...
GHSA-9mqj-g68q-h5rw
UNKNOWN
Uninitialized Use in V8 in Google Chrome prior to 150.0.7871.115 allowed a remote attacker to...
GHSA-cj35-237p-x6j7
MEDIUM
A weakness has been identified in code-projects Interview Management System 1.0. This...
GHSA-vp2c-mc92-v364
CRITICAL
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics...
GHSA-c8mv-ch2p-4gwv
UNKNOWN
Inappropriate implementation in Forms in Google Chrome prior to 150.0.7871.115 allowed a remote...
GHSA-mm39-x96q-96j9
UNKNOWN
Use after free in InterestGroups in Google Chrome prior to 150.0.7871.115 allowed a remote...
GHSA-mmx7-9gvj-j7gm
UNKNOWN
Inappropriate implementation in Navigation in Google Chrome prior to 150.0.7871.115 allowed a...
GHSA-cg5c-fr89-44h3
MEDIUM
A security flaw has been discovered in code-projects Online Food Order System 1.0. This affects...