CVE-2026-26367

creationtimestamp| type| source ---|---|--- 2026-02-16 04:30:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116078426772142689 2026-02-16 04:30:31+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mex7p5jmpb2e...

CVE-2026-26367 JUNG eNet SMART HOME server 2.2.1/2.3.1 Arbitrary User Deletion via deleteUserAccount

eNet SMART HOME server 2.2.1 and 2.3.1 contains a missing authorization vulnerability in the deleteUserAccount JSON-RPC method that permits any authenticated low-privileged user UGUSER to delete arbitrary user accounts, except for the built-in admin account. The application does not enforce...

CVE-2022-26367

Improper buffer restrictions in some IntelR XMMTM 7560 Modem software before version M27560R01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

CVE-2025-26367

A CWE-862 "Missing Authorization" in maxprofile/user-groups/routes.lua in Q-Free MaxTime less than or equal to version 2.11.0 allows an authenticated low-privileged attacker to create arbitrary user groups via crafted HTTP requests...

AMD Embedded Processors Vulnerabilities – Aug 2024

Bulletin ID: AMD-SB-5002 Potential Impact: Varies by CVE, see descriptions below Severity: Varies by CVE, see descriptions below Summary Potential vulnerabilities in AMD Embedded processors were reported, and mitigations are being provided through Platform Initialization PI firmware packages. CVE...

CVE-2024-26367

Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE- Build 1467, evEDGE-EO- Build 0029, MMA10G- Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters...

CVE-2024-26367

Cross Site Scripting vulnerability in Evertz microsystems MViP-II Firmware 8.6.5, XPS-EDGE- Build 1467, evEDGE-EO- Build 0029, MMA10G- Build 0498, 570IPG-X19-10G Build 0691 allows a remote attacker to execute arbitrary code via a crafted payload to the login parameters...

CVE-2023-26367

creationtimestamp| type| source ---|---|--- 2023-10-13 12:28:51+00:00| seen| https://t.me/cibsecurity/72220...

CVE-2023-26367 Error based file extraction via PHP filter chains during product bulk import logic

Adobe Commerce versions 2.4.7-beta1 and earlier, 2.4.6-p2 and earlier, 2.4.5-p4 and earlier and 2.4.4-p5 and earlier are affected by an Improper Input Validation vulnerability that could lead to arbitrary file system read by an admin-privilege authenticated attacker. Exploitation of this issue do...

CVE-2023-26367

CVE-2023-26367 affects Adobe Commerce/Magento (Magento Open Source) and Magento Commerce. The issue is an Improper Input Validation in the product bulk import logic that can allow an authenticated admin user to read arbitrary files from the file system. The vulnerability arises from error-based f...

Intel® XMM™ 7560 Modem Software Advisory

Summary: Potential security vulnerabilities in some Intel® XMM™ 7560 Modem software may allow escalation of privilege. Intel is releasing software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2022-26513 Description: Out-of-bounds write in some IntelR XMMT...

CVE-2022-26367

Improper buffer restrictions in some IntelR XMMTM 7560 Modem software before version M27560R01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-26367

Improper buffer restrictions in some IntelR XMMTM 7560 Modem software before version M27560R01.2146.00 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2022-26367

CVE-2022-26367 affects Intel XMM 7560 Modem software for Windows/Linux prior to M2_7560_R_01.2146.00 (also listed with V2 variant in some advisories). Root cause: improper buffer restrictions in the modem software that may allow a privileged user to escalate privileges via local access. Impact as...

CVE-2020-26367

CVE-2020-26367 entry is rejected/not used and does not represent an active vulnerability entry.