CVE-2026-40408

creationtimestamp| type| source ---|---|--- 2026-05-12 15:52:42+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0141 2026-05-12 16:38:43+00:00| seen| https://www.thezdi.com/blog/2026/5/12/the-may-2026-security-update-review 2026-05-13 01:08:48+00:00| seen|...

EUVD-2025-40408

Malicious code in bella-nasisayur3-sluey npm...

CVE-2024-40408

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges...

CVE-2021-40408

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...

CVE-2024-40408

Cybele Software Thinfinity Workspace before v7.0.2.113 was discovered to contain an access control issue in the Create Profile section. This vulnerability allows attackers to create arbitrary user profiles with elevated privileges...

CVE-2023-40408

CVE-2023-40408 is an Apple product issue described as an inconsistent user interface problem addressed by improved state management. The NVD entry notes the patch is included in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, and iOS 17.1/iPadOS 17.1, with Hide My Email potentially...

CVE-2022-40408

creationtimestamp| type| source ---|---|--- 2022-09-29 18:35:11+00:00| seen| https://t.me/cibsecurity/50737...

CVE-2021-40408

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...

CVE-2021-40408

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...

CVE-2021-40408

An OS command injection vulnerability exists in the device network settings functionality of reolink RLC-410W v3.0.0.13620121102. At 1 or 2, based on DDNS type, the ddns-username variable, that has the value of the userName parameter provided through the SetDdns API, is not validated properly. Th...

CVE-2021-40408

CVE-2021-40408 covers multiple OS command injection flaws in Reolink RLC-410W (v3.0.0.136_20121102) via device network settings APIs SetDdns, SetLocalLink, and SetDevName. The root cause is insufficient validation of user-supplied fields (ddns->username, ddns->domain, dns1/dns2, devname) th...