CVE-2026-28515 | openDCIM up to 23.04 LDAP Configuration REMOTE_USER authorization
A vulnerability classified as critical has been found in openDCIM up to 23.04. This affects an unknown function of the
Read More
Month: February 2026
CVE-2026-28414 | gradio-app gradio up to 6.6 on Windows /windows/win.ini absolute path traversal (GHSA-39mp-8hj3-5c49)
A vulnerability classified as problematic was found in gradio-app gradio up to 6.6 on Windows. This impacts an unknown function
Read More
CVE-2026-28516 | openDCIM up to 23.04 Config::UpdateParameter sql injection
A vulnerability, which was classified as critical, has been found in openDCIM up to 23.04. Affected is the function Config::UpdateParameter.
Read More
CVE-2026-28517 | openDCIM up to 23.04 Configuration Parameter report_network_map.php exec dot os command injection
A vulnerability, which was classified as critical, was found in openDCIM up to 23.04. Affected by this vulnerability is the
Read More
CVE-2026-27167 | gradio-app gradio up to 6.5.x OAuth /login/huggingface get_token hard-coded credentials (GHSA-h3h8-3v2v-rg7m)
A vulnerability has been found in gradio-app gradio up to 6.5.x and classified as critical. Affected by this issue is
Read More
CVE-2026-28408 | LabRedesCefetRJ WeGIA up to 3.6.4 adicionar_tipo_docs_atendido.php authorization (GHSA-xq3w-xwxj-fg2q)
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.4 and classified as critical. This affects an unknown part of
Read More
CVE-2026-27759 | Dhrumil Kumbhani Featured Image from Content Plugin up to 1.6 on WordPress server-side request forgery
A vulnerability was found in Dhrumil Kumbhani Featured Image from Content Plugin up to 1.6 on WordPress. It has been
Read More
CVE-2026-28415 | gradio-app gradio up to 6.5.x Query Parameter /logout _redirect_to_target _target_url information disclosure (GHSA-pfjf-5gxr-995x)
A vulnerability was found in gradio-app gradio up to 6.5.x. It has been declared as problematic. This issue affects the
Read More
CVE-2026-28411 | LabRedesCefetRJ WeGIA up to 3.6.4 extract _REQUEST authentication bypass (GHSA-g7r9-hxc8-8vh7)
A vulnerability was found in LabRedesCefetRJ WeGIA up to 3.6.4. It has been rated as critical. Impacted is the function
Read More
CVE-2026-28416 | gradio-app gradio up to 6.5.x gr.load server-side request forgery (GHSA-jmh7-g254-2cq9)
A vulnerability categorized as critical has been discovered in gradio-app gradio up to 6.5.x. The affected element is the function
Read More