Recent Advisories

Severity ID Title Vendor Product Date Type
CRITICAL 9.6 CVE-2026-14382

CVE-2026-14382_CVE-2026-14382

Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sand...

Google Chrome 150.0.7871.46 CVE
CRITICAL 10 89F45BC2-5B61-

Exploit for Improper Control of Dynamically-Managed Code Resources in Kidocode Crawl4Ai_89F45BC2-5B61-56B8-AD6F-B97F1F503F94

CVE-2026-53753 — Crawl4AI AST Sandbox Escape → Pre-Auth RCE CVSS 10.0 CRITICAL | CWE-94 / CWE-913 | No auth required JWT disabled by default Crawl4...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.2 615063E2-4C59-

Exploit for Integer Overflow to Buffer Overflow in Libssh2_615063E2-4C59-5B03-97A2-8075CD4C7246

Reporte de Seguridad: CVE-2026-55200 📝 Descripción General El CVE-2026-55200 es una vulnerabilidad crítica de desbordamiento de memoria basada en ...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.4 CVE-2026-14439

Path Traversal in Altium Git Service Allows Remote Code Execution_CVE-2026-14439

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequenc...

Altium Altium Enterprise Server CVE
CRITICAL 9.4 8D80E256-E0CF-

Exploit for OS Command Injection in Devcode Openstamanager_8D80E256-E0CF-5629-972A-654657B04B04

CVE-2025-69212 --- Description OpenSTAManager is a management software solution for technical assistance, electronic invoicing, and accounting. The...

N/A N/A GITHUBEXPLOIT
CRITICAL 9.8 CVE-2026-14090

CVE-2026-14090_CVE-2026-14090

Insufficient validation of untrusted input in CameraCapture in Google Chrome on ChromeOS prior to 150.0.7871.47 allowed a remote attacker to perfor...

Google Chrome 150.0.7871.47 CVE
CRITICAL 9.3 CVE-2026-34112

Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speechmac.php_CVE-2026-34112

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speechmac.php (line 18) without sanitization: exec(\"php jo...

guardian language-system CVE
CRITICAL 9.3 CVE-2026-34109

Guardian Language-System Unauthenticated OS Command Injection via id Parameter in speech.php_CVE-2026-34109

Guardian language-system passes the id GET parameter directly into a PHP exec() call in speech.php (line 18) without sanitization: exec(\"php jobs/...

guardian language-system CVE
CRITICAL 9.3 CVE-2026-58457

Shenzhen Aitemi M300 MT02 Unauthenticated OS Command Injection via protocol.csp_CVE-2026-58457

Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) contains an unauthenticated OS command injection vulnerability that allows network-adjace...

Shenzhen Aitemi E Commerce Co. Ltd. M300 Wi-Fi Repeater * CVE
CRITICAL 10 9300A862-8FDF-

Exploit for SQL Injection in Sangoma Freepbx_9300A862-8FDF-5FB3-B6EB-72DB0241BA85

CVE-2025-57819 Exploit Metadata - Severity: Critical 9.8 - Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H - Type: Unauthenticated SQL Injecti...

N/A N/A GITHUBEXPLOIT