CVE-2026-10295

3.3 LOW

A vulnerability was found in SourceCodester Customer Review App 1.0

Published: 2026-06-01 · Last updated: 2026-06-02

Severity and scoring

CVSS: 3.3 LOW
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L
CWE: CWE-404

Description

A vulnerability was found in SourceCodester Customer Review App 1.0. Affected by this vulnerability is the function add_review/save_review/get_all_reviews of the file review_app.py. Performing a manipulation of the argument name/comment results in denial of service. The attack requires a local approach. The exploit has been made public and could be used.

Source: NVD

References

[NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-10295
[Other]https://pastebin.com/Ud5vaGp6
[Other]https://vuldb.com/cve/CVE-2026-10295
[Other]https://vuldb.com/submit/826530
[Other]https://vuldb.com/vuln/367588
[Other]https://vuldb.com/vuln/367588/cti
[Other]https://www.sourcecodester.com/

Related CVEs

Same CWE

CVE-2026-47213 — Boxlite is a sandbox service that allows users to create lightweight virtual machines (Boxes) and launch OCI containers within them to ru... (6.5 MEDIUM)
CVE-2026-11312 — A vulnerability was found in bytedance InfiniStore up to 0.2.33 (3.3 LOW)
CVE-2026-10802 — A vulnerability was detected in keystonejs keystone up to 20260319 (4.3 MEDIUM)
CVE-2026-10775 — A vulnerability was determined in sgl-project SGLang up to 0.5.11 (3.6 LOW)
CVE-2026-10705 — A flaw has been found in dask up to 3.0 (3.1 LOW)