
90 matches found

Circl
added 2026/03/12 4:28 p.m. | 0 views

CVE-2026-4041

creationtimestamp | type | source
---|---|---
2026-03-12 16:28:07+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mgusygq3ml2o...

9 CVSS | 7.3 AI score | 0.00106 EPSS
Exploits 1 | References 1
CVE
added 2026/03/12 3:2 p.m. | 5 views

CVE-2026-4041

CVE-2026-4041 affects Tenda i12 (firmware 1.0.0.6(2204)). The vulnerability is in the vos_strcpy function of /goform/exeCommand, where an input cmdinput can cause a stack-based buffer overflow. Impact is high (confidentiality, integrity, availability), with remote exploitation possible and no use...

9 CVSS | 6.4 AI score | 0.00106 EPSS
Exploits 1 | References 5 | Affected Software 1
Cvelist
added 2026/03/12 3:2 p.m. | 21 views

CVE-2026-4041 Tenda i12 exeCommand vos_strcpy stack-based overflow

A security flaw has been discovered in Tenda i12 1.0.0.6(2204). Impacted is the function vos_strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and m...

9 CVSS | 0.00106 EPSS
Exploits 1 | References 5
Packet Storm
added 2026/02/19 12:0 a.m. | 103 views

📄 Yoast SEO 22.5 Cross Site Scripting

These are details relating to a cross site scripting vulnerability in Yoast SEO versions 22.5 and below that was originally discovered in 2024. CVE-2024-4041 Yoast SEO /?page=%22%20onmouseover%3D%22alertdocument.domain%22%20x%3D%22 3. In the admin bar, open the Yoast menu and hover/click Get Yoast S...

6.1 CVSS | 4.9 AI score | 0.05515 EPSS
Exploits 2
EUVD
added 2026/01/22 4:52 p.m. | 1 views

EUVD-2026-4041

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GLS GLS Shipping for WooCommerce gls-shipping-for-woocommerce allows Reflected XSS. This issue affects GLS Shipping for WooCommerce: from n/a through = 1.4.0...

5.4 AI score | 0.00064 EPSS
Exploits 0 | References 2
RedhatCVE
added 2026/01/09 11:48 a.m. | 8 views

CVE-2009-4041

UseBB 1.0.9 before 1.0.10 allows remote attackers to cause a denial of service infinite loop via crafted BBCode tags...

5 CVSS | 6.9 AI score | 0.00887 EPSS
Exploits 0 | References 1
OSV
added 2025/10/30 3:2 p.m. | 0 views

GO-2025-4041 Cosmos EVM Vulnerability in github.com/cosmos/evm

Cosmos EVM Vulnerability in github.com/cosmos/evm...

6.9 AI score
Exploits 0 | References 2
RedhatCVE
added 2025/05/08 5:6 p.m. | 13 views

CVE-2025-4041

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...

9.3 CVSS | 7 AI score | 0.00493 EPSS
Exploits 0 | References 1
CVE
added 2025/05/06 4:35 p.m. | 51 views

CVE-2025-4041

Optigo Networks ONS NC600, versions 4.2.1-084 through 4.7.2-330, are affected by CVE-2025-4041. An attacker who can access the device’s SSH service could leverage system components to execute OS commands on the device. The impact is consistent with a remote command execution risk affecting availa...

9.3 CVSS | 6.7 AI score | 0.00493 EPSS
Exploits 0 | References 1
Vulnrichment
added 2025/05/06 4:35 p.m. | 11 views

CVE-2025-4041 Use of Hard-coded Credentials Optigo Networks ONS NC600

In Optigo Networks ONS NC600 versions 4.2.1-084 through 4.7.2-330, an attacker could connect with the device's ssh server and utilize the system's components to perform OS command executions...

9.3 CVSS | 7 AI score | 0.00493 EPSS
Exploits 0 | References 1
Circl
added 2025/05/06 10:0 a.m. | 15 views

CVE-2025-4041

creationtimestamp | type | source
---|---|---
2025-05-06 10:00:00+00:00 | seen | https://www.cisa.gov/news-events/ics-advisories/icsa-25-126-01
2025-05-06 17:16:45+00:00 | seen | https://infosec.exchange/users/cR0w/statuses/114462019079175066
2025-05-06 18:21:37+00:00 | seen | ...

9.3 CVSS | 4.8 AI score | 0.00493 EPSS
Exploits 0 | References 6
Tenable Nessus
added 2025/03/04 12:0 a.m. | 7 views

Linux Distros Unpatched Vulnerability : CVE-2015-4041

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 on 64-bit platforms performs a size calculation without considering the number of byte...

7.8 CVSS | 8.3 AI score | 0.00066 EPSS
Exploits 1 | References 2
OpenVAS
added 2025/02/04 12:0 a.m. | 14 views

Debian: Security Advisory (DLA-4041-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5 CVSS | 6.9 AI score | 0.93527 EPSS
Exploits 20 | References 2
CBLMariner
added 2025/01/12 9:15 a.m. | 162 views

CVE-2020-4041 affecting package bolt 0.9.2-2

CVE-2020-4041 affecting package bolt 0.9.2-2. This CVE either no longer is or was never applicable...

7.4 CVSS | 7.5 AI score | 0.00444 EPSS
Exploits 3
Circl
added 2024/05/07 12:31 p.m. | 3 views

CVE-2024-4041

creationtimestamp | type | source
---|---|---
2024-05-07 12:31:14+00:00 | published-proof-of-concept | https://t.me/HackingInsights/126...

6.1 CVSS | 4.8 AI score | 0.05515 EPSS
Exploits 2 | References 1
Wordfence Blog
added 2024/05/06 3:4 p.m. | 51 views

$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin

🎉 Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through May 27th, 2024 when you opt to have Wordfence handle responsible disclosure! On April 22th, 2024, during our second Bug Bounty Extravaganza, w...

6.1 CVSS | 6.2 AI score | 0.05515 EPSS
Exploits 2
Patchstack
added 2024/05/06 12:0 a.m. | 16 views

WordPress Yoast SEO Plugin <= 22.5 is vulnerable to Cross Site Scripting (XSS)

Software Yoast SEO Type Plugin Vulnerable versions <= 22.5 Fixed in 22.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4041 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 1ed891028ded Credits Bassem Essam Required...

6.1 CVSS | 5.6 AI score | 0.05515 EPSS
Exploits 2 | References 3 | Affected Software 1
Tenable Nessus
added 2024/04/28 12:0 a.m. | 16 views

RHEL 8 : ansible-runner (RHSA-2022:0108)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:0108 advisory. Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can...

7.8 CVSS | 7.6 AI score | 0.0007 EPSS
Exploits 0 | References 5
OpenVAS
added 2024/03/04 12:0 a.m. | 15 views

openSUSE: Security Advisory for php (SUSE-SU-2023:4041-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS | 7.5 AI score | 0.01575 EPSS
Exploits 0 | References 2
IBM Security Bulletins
added 2023/11/30 6:45 p.m. | 52 views

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues

Summary IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to multiple Operator package issues. IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data has migrated to a new base image for the Operators used by our Speech Services. The following vulnerabilities...

9.8 CVSS | 10 AI score | 0.91789 EPSS
Exploits 32 | Affected Software 1