CodeAnt AI Vulnerability Database
A comprehensive hub for tracking high-impact vulnerabilities across application code and third-party libraries, for security teams and developers.
CVE-2026-4615 (7.3)
SQL Injection (CWE-89) in SourceCodester Online Catering Reservation /search.php
Data Exposure and Database Compromise

CVE-2026-4613 (7.3)
SQL Injection (CWE-89) in Search Parameter of SourceCodester E-Commerce Site /products.php
Data Exposure and Integrity Compromise via SQL Injection

CVE-2026-33252 (7.1)
Cross-Site Request Forgery (CWE-352) in Go MCP SDK Streamable HTTP Transport
Cross-Site Request Forgery leading to unauthorized tool invocation

CVE-2026-33250 (7.5)
Stack-Based Buffer Overflow (CWE-121) in Freeciv21 Network Packet Handling
Denial of Service via Remote Crash

CVE-2026-33242 (7.5)
Path Traversal & Access Control Bypass (CWE-22) in Salvo Proxy Routing
Access Control Bypass and Unauthorized Backend Access

CVE-2026-33211 (9.6)
Path Traversal (CWE-22) in Tekton Pipelines Git Resolver `pathInRepo` Parameter
Sensitive File Disclosure and Potential Cluster Compromise

CVE-2026-4612 (7.3)
SQL Injection (CWE-89) in Free Hotel Reservation System Parameter Handler
Data Exposure and Database Compromise

CVE-2026-32913 (9.3)
Improper Sensitive Header Handling (CWE-522) in OpenClaw fetchWithSsrFGuard Cross-Origin Redirects
Exposure of Authentication Tokens and API Keys via Cross-Origin Redirects

CVE-2026-32300 (8.1)
Improper Authorization (CWE-285) in Connect-CMS My Page Profile Update
Account Compromise / Unauthorized Data Modification

CVE-2026-32299 (7.5)
Improper Authorization (CWE-284) in Connect-CMS Page Content Retrieval
Information Disclosure







