NARKHEDE-VAIBHAV

7 exploits Active since May 2026
CVE-2026-12823 WRITEUP LOW WORKING POC
Browserbase Autobrowse Trace Artifact default permission
A security flaw has been discovered in Browserbase up to 20260526. This impacts an unknown function of the component Autobrowse Trace Artifact Handler. The manipulation results in incorrect default permissions. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS 3.3
CVE-2026-9582 WRITEUP MEDIUM WRITEUP
SourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgery
A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
CVSS 4.3
CVE-2026-9583 WRITEUP MEDIUM WRITEUP
SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure
A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
CVSS 4.3
CVE-2026-9603 WRITEUP MEDIUM WRITEUP
SourceCodester eDoc Doctor Appointment System delete-session.php authorization
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
CVSS 6.5
CVE-2026-9582 WRITEUP MEDIUM WORKING POC
SourceCodester CET Automated Grading System with AI Predictive Analytics cross-site request forgery
A security flaw has been discovered in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack is possible to be carried out remotely. The exploit has been released to the public and may be used for attacks.
CVSS 4.3
CVE-2026-9583 WRITEUP MEDIUM WORKING POC
SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure
A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.
CVSS 4.3
CVE-2026-9603 WRITEUP MEDIUM WORKING POC
SourceCodester eDoc Doctor Appointment System delete-session.php authorization
A security vulnerability has been detected in SourceCodester eDoc Doctor Appointment System 1.0. This affects an unknown part of the file /admin/delete-session.php. The manipulation of the argument ID leads to missing authorization. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.
CVSS 6.5