CVE-2026-2086

creationtimestamp| type| source ---|---|--- 2026-02-07 14:18:02+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mebmdg33w72v 2026-02-08 06:00:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116033482248476588 2026-02-08 06:00:32+00:00| seen|...

CVE-2026-2086

A vulnerability was detected in UTT HiPER 810G up to 1.7.7-171114. Affected by this vulnerability is the function strcpy of the file /goform/formFireWall of the component Management Interface. The manipulation of the argument GroupName results in buffer overflow. The attack can be launched...

CVE-2026-2086

The CVE covers UTT HiPER 810G up to version 1.7.7-171114 where the Management Interface’s /goform/formFireWall component contains a buffer overflow in strcpy when handling the GroupName argument. This enables remote exploitation; public exploit code exists. Affected products are UTT HiPER 810G, w...

CVE-2019-2086

In libxaac, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-114735603...

Huawei EulerOS: Security Advisory for shim (EulerOS-SA-2025-2086)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Linux Distros Unpatched Vulnerability : CVE-2021-2086

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.18. Easily...

CVE-2023-2086

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templatecount function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While ...

CVE-2025-2086

A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2025-2086

creationtimestamp| type| source ---|---|--- 2025-03-07 14:38:26+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/6836 2025-03-07 16:10:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ljsfhlwxu22f 2025-03-07 16:37:08+00:00| seen|...

CVE-2025-2086

A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2025-2086 StarSea99 starsea-mall update cross site scripting

A vulnerability classified as problematic was found in StarSea99 starsea-mall 1.0. This vulnerability affects unknown code of the file /admin/indexConfigs/update. The manipulation of the argument redirectUrl leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

CVE-2025-2086

CVE-2025-2086 affects StarSea99 Starsea-mall 1.0. The vulnerability resides in unknown code path under /admin/indexConfigs/update, where manipulating the redirectUrl parameter yields cross-site scripting. The issue can be triggered remotely and the exploit has been disclosed publicly. Documents c...

RHEL 8 : shim (RHSA-2024:2086)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2086 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments...

CVE-2024-2086 Integrate Google Drive <= 1.3.8 - Missing Authorization to Unauthenticated Settings Modification and Export

The Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site plugin for WordPress is vulnerable to unauthorized access of data, modification of data, and loss of data due to a missing capability check on multiple...

CVE-2023-2086

creationtimestamp| type| source ---|---|--- 2023-06-09 12:27:41+00:00| seen| https://t.me/cibsecurity/65093...

CVE-2023-2086 Essential Blocks <= 4.0.6 - Missing Authorization via template_count

The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the templatecount function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While ...

CVE-2023-2086

CVE-2023-2086 : The WordPress plugin “Essential Blocks” (Essential Blocks – Page Builder Gutenberg Blocks, Patterns & Templates) is vulnerable due to a missing capability check on the template_count function in versions up to and including 4.0.6, enabling subscriber-level attackers to view plugin...

Huawei EulerOS: Security Advisory for dbus (EulerOS-SA-2023-2086)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2023:2086-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

K15311661: NodeJS vulnerability CVE-2016-2086

Security Advisory Description Node.js 0.10.x before 0.10.42, 0.12.x before 0.12.10, 4.x before 4.3.0, and 5.x before 5.6.0 allow remote attackers to conduct HTTP request smuggling attacks via a crafted Content-Length HTTP header. CVE-2016-2086 Impact An attacker may be able to perform HTTP reques...