| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-10249🧪 | itsourcecode Online Blood Bank Management System viewrequest.php sql injection | itsourcecode | Online Blood Bank Management System | High | 7.3 | 2026-06-01 10:30:08 | Deep Dive |
| CVE-2026-10248 | SourceCodester Pharmacy Sales and Inventory System Supplier Creation export create_supplier csv injection | SourceCodester | Pharmacy Sales and Inventory System | Medium | 4.7 | 2026-06-01 10:15:09 | Deep Dive |
| CVE-2026-49328 | Apache Fesod (Incubating): Improper validation of user-supplied URLs leading to SSRF | Apache Software Foundation | Apache Fesod (Incubating) | - | - | 2026-06-01 10:10:34 | Deep Dive |
| CVE-2026-10247 | SourceCodester Pharmacy Sales and Inventory System main create_generic_name cross site scripting | SourceCodester | Pharmacy Sales and Inventory System | Low | 3.5 | 2026-06-01 10:00:11 | Deep Dive |
| CVE-2026-10246 | SourceCodester Pharmacy Sales and Inventory System main create_medicine_presentation cross site scripting | SourceCodester | Pharmacy Sales and Inventory System | Low | 3.5 | 2026-06-01 09:45:07 | Deep Dive |
| CVE-2026-25600 | Credential Exposure Vulnerability in Trac PDBM | Trac d.o.o. | PDBM | Medium | 6.4 | 2026-06-01 09:37:49 | Deep Dive |
| CVE-2026-10245 | SourceCodester Pharmacy Sales and Inventory System main create_supplier cross site scripting | SourceCodester | Pharmacy Sales and Inventory System | Low | 3.5 | 2026-06-01 09:30:09 | Deep Dive |
| CVE-2026-25599 | Missing authentication and clear‑text data transmission affecting Orca heat pumps | Orca Energy | Orca heat pump | Medium | 6.3 | 2026-06-01 09:17:51 | Deep Dive |
| CVE-2026-10244 | SourceCodester Pharmacy Sales and Inventory System main create_medicine_name cross site scripting | SourceCodester | Pharmacy Sales and Inventory System | Low | 3.5 | 2026-06-01 09:15:08 | Deep Dive |
| CVE-2026-40549 | Cross-Site Request Forgery in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:04:19 | Deep Dive |
| CVE-2026-40548 | Unrestricted Upload of File with Dangerous Type in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:04:13 | Deep Dive |
| CVE-2026-40547 | Path Traversal in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:04:05 | Deep Dive |
| CVE-2026-40546 | Multiple SQL Injections in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:04:01 | Deep Dive |
| CVE-2026-40545 | Reflected XSS in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:53 | Deep Dive |
| CVE-2026-40544 | Stored XSS in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:50 | Deep Dive |
| CVE-2026-40543 | Missing Authorization in SOPlanning | SOPlanning | SOPlanning | - | - | 2026-06-01 09:03:45 | Deep Dive |
| CVE-2026-10243🧪 | code-projects Smart Parking System Admin Endpoint missing authentication | code-projects | Smart Parking System | High | 7.3 | 2026-06-01 09:00:13 | Deep Dive |
| CVE-2026-10242 | itsourcecode Content Management System instructions.php sql injection | itsourcecode | Content Management System | Medium | 6.3 | 2026-06-01 08:45:08 | Deep Dive |
| CVE-2026-48827 | Apache MINA SSHD: Path traversal in org.apache.sshd:sshd-git | Apache Software Foundation | Apache MINA SSHD | High | 7.1 | 2026-06-01 08:37:42 | Deep Dive |
| CVE-2026-10241 | jeecgboot The server processes these URLs Cloud Instance Metadata Endpoint debug FileDownloadUtils.download2DiskFromNet server-side request forgery | jeecgboot | The server processes these URLs | Medium | 6.3 | 2026-06-01 08:30:10 | Deep Dive |