5445 matches found
CVE-2026-62948
OpenWrt odhcpd/LuCI vulnerability CVE-2026-62948: Before 25.12.5, the DHCPv6 client FQDN option 39 hostname is written into /tmp/odhcpd.leases without escaping, allowing newline injection of forged lease lines. LuCI displays these lines in the Active DHCPv6 Leases page via rpcd-mod-luci getDHCPLe...
PT-2026-60254
Name of the Vulnerable Software and Affected Versions OpenWrt versions prior to 25.12.5 Description The odhcpd component writes a DHCPv6 client FQDN option 39 hostname into the /tmp/odhcpd.leases file via the statefiles write state6 and statefiles write state4 functions without proper escaping...
CVE-2026-58627
Uncontrolled resource consumption in Windows DHCP Server allows an unauthorized attacker to deny service over a network...
CVE-2026-56159
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over a network...
CVE-2026-54128
Use after free in Windows DHCP Client allows an unauthorized attacker to execute code locally...
CVE-2026-50685
Double free in Windows DHCP Server allows an authorized attacker to execute code over a network...
CVE-2026-50683
Heap-based buffer overflow in Windows DHCP Server allows an authorized attacker to elevate privileges over an adjacent network...
CVE-2026-50370
Heap-based buffer overflow in Windows DHCP Server allows an unauthorized attacker to execute code over an adjacent network...
CVE-2026-58627 Windows DHCP Server Denial of Service Vulnerability
...
CVE-2026-56159 DHCP Server Service Remote Code Execution Vulnerability
...
CVE-2026-54128
CVE-2026-54128 is a Windows DHCP Client use-after-free vulnerability that could allow an unauthenticated local attacker to execute code. The issue, described in the NVD entry and echoed by TALOS, affects the Windows DHCP Client component and is known to have been exploited in the wild (per CIRCL ...
CVE-2026-54128 Windows DHCP Client Remote Code Execution Vulnerability
...
CVE-2026-50683
CVE-2026-50683 is a Windows DHCP Client/Server heap-based buffer overflow that enables an authenticated attacker on an adjacent network to elevate privileges. Public details in the initial entry cite a heap-based overflow and adjacent-access attack path with high impact (C:H, I:H, A:H) and a CVSS...
CVE-2026-50683 Windows DHCP Client Elevation of Privilege Vulnerability
...
CVE-2026-50685
CVE-2026-50685 is a Windows DHCP Server Remote Code Execution vulnerability caused by a double-free in the DHCP Server component. It is network-exploitable (no user interaction) and rated by Microsoft as an in-scope issue with high impact (AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H; CVSS v3.1 base 7.5)....
CVE-2026-50685 Windows DHCP Server Remote Code Execution Vulnerability
...
CVE-2026-50518
CVE-2026-50518 is a heap-based buffer overflow in Windows DHCP Server that allows an unauthenticated attacker to execute code remotely over a network. Public sources (NVD, EUVD, CIRCL, MSRC update guidance) confirm the flaw and its impact as remote code execution; Talos notes exploitation in the ...
CVE-2026-50518 Windows DHCP Server Remote Code Execution Vulnerability
...
CVE-2026-50518 Windows DHCP Server Remote Code Execution Vulnerability
...
CVE-2026-49181
The CVE-2026-49181 entry describes an Integer underflow in the Windows DHCP Client that can allow an unauthorized attacker to elevate privileges over a network. Affected component: Windows DHCP Client (network stack on Windows). Root cause: wrap/underflow in the DHCP client handling. Impact: priv...