Vulnerability Database
A comprehensive hub for tracking high-impact vulnerabilities across application code and third-party libraries, for security teams and developers.
Trusted by Startups to Fortune 500
CVE-2026-25879
(9.8)
LLM SQL Injection in Langroid SQLChatAgent
Remote Code Execution on Database Host
CVE-2026-24782
(7.6)
SQL Injection in Kiteworks Secure Data Forms
Unauthorized Data Access and Modification
CVE-2026-24752
(8.2)
Cross-Site Scripting (XSS) in Kiteworks Secure Data Forms
Client-Side Code Execution and Session Compromise
CVE-2026-10290
(7.3)
SQL Injection in Hotel and Tourism Reservation System
Database Compromise and Data Exposure
CVE-2018-25431
(7.1)
SQL Injection in No-Cms manage_privilege Export Endpoint
Information Disclosure via SQL Injection
CVE-2026-49136
(7.5)
Path Traversal in Banana Slides AI Image Backend
Arbitrary File Read
CVE-2026-24751
(8.2)
Cross-Site Scripting (XSS) in Kiteworks Secure Data Forms
Arbitrary JavaScript execution in the victim's browser within the Kiteworks application context
CVE-2026-10288
(7.3)
Improper Authentication in Hotel and Tourism Reservation
Authentication Bypass and Unauthorized Administrative Access
CVE-2026-49121
(8.1)
Unsafe Deserialization in AITER ZMQ MessageQueue.recv
Unauthenticated Remote Code Execution across Distributed Inference Workers
CVE-2026-45722
(7.1)
SQL Injection in Nextcloud Tables App
Limited Data Exfiltration and Database Probing via SQL Injection
