Vulns

03-03

CVE-2026-10580 | Hippoo Mobile App for WooCommerce Plugin up to 1.9.4 on WordPress REST Endpoint /wc-hippoo/v1/ext get_user_permissions improper authorization

A vulnerability labeled as critical has been found in Hippoo Mobile App for WooCommerce Plugin up to 1.9.4 on WordPress.

A vulnerability marked as critical has been reported in Altium Enterprise Server up to 8.1.0. Affected by this vulnerability is

A vulnerability described as problematic has been identified in AsyncHttpClient async-http-client up to 2.14.x/3.0.9. Affected by this issue is the

A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. This affects the function fromDhcpListClient of the component

A vulnerability classified as critical was found in haxtheweb haxcms-nodejs and haxcms-php up to 25.x. This vulnerability affects unknown code.

A vulnerability, which was classified as problematic, has been found in haxtheweb haxcms-nodejs and video-player up to 25.x. This issue

A vulnerability, which was classified as critical, was found in Arista Edge Threat Management 17.4.0. Impacted is an unknown function.

A vulnerability has been found in Arista Edge Threat Management 17.4.0 and classified as critical. The affected element is an

A vulnerability was found in Arista Edge Threat Management up to 17.4.0 and classified as critical. The impacted element is

A vulnerability was found in Arista Edge Threat Management up to 17.4.0. It has been classified as critical. This affects

Ballot fiasco shakes faith in South Korea’s electoral system
CVE-2026-11455 | FoundationAgents MetaGPT up to 0.8.2 metagpt/utils/common.py check_cmd_exists mermaid.path command injection (Issue 2037)
CVE-2026-11456 | Chanjet CRM 1.0 HTTP GET Request jxf_dump_systable.php gblOrgID sql injection
CVE-2026-11457 | erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69 JimuReport test-connection Endpoint testConnection dbType/dbDriver/dbUrl/dbUsername/dbPassword injection