52137 matches found
CVE-2026-45337
Better Auth is an authentication and authorization library for TypeScript. From 1.6.0 until 1.6.11, the deviceAuthorization plugin treats any authenticated session as the owner of any pending device code because GET /device does not claim the row and POST /device/approve and POST /device/deny...
CVE-2026-45337
Better Auth (TypeScript library) vulnerability CVE-2026-45337 affects versions 1.6.0–1.6.10 in the deviceAuthorization plugin. The root cause is that the verification path does not claim ownership of the pending device code and the approve/deny checks short-circuit when userId is unset, allowing ...
CVE-2026-14961
CVE-2026-14961 affects Pegatron tdeio64.sys exposing the .�5cTdeIo device. The IOCTL dispatch lacks privilege validation and does not validate user-supplied kernel addresses, allowing arbitrary kernel memory read/write and privilege escalation to NT AUTHORITY\SYSTEM. The linked explainer also not...
EUVD-2026-44667
ICU Scandinavia Boomerang is vulnerable to a missing authentication flaw in its device receiver endpoints. This allows an unauthenticated remote attacker to read full facility configurations and write unauthorized data to the sensor database. This issue has been fixed in version 2.4.18.029...
LOYTEC LGATE-902 6.3.2 - Local File Inclusion
LOYTEC LGATE-902 6.3.2 is susceptible to local file inclusion which could allow an attacker to manipulate path references and access files and directories including critical system files that are stored outside the root folder of the web application running on the device. This can be used to read...
Emerson Dixell XWEB-500 - Arbitrary File Write
Emerson Dixell XWEB-500 contains an arbitrary file write caused by unauthenticated access to /cgi-bin/logoextraupload.cgi, /cgi-bin/calsave.cgi, and /cgi-bin/loutils.cgi, letting attackers write any file on the system, exploit requires no authentication. id: CVE-2021-45420 info: name: Emerson...
TOTOLINK EX1200T 4.1.2cu.5215 - Authentication Bypass
TOTOLINK EX1200T 4.1.2cu.5215 is susceptible to authentication bypass. An attacker can bypass login by sending a specific request through formLoginAuth.htm, thus potentially being able to obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-42887 info:...
WAVLINK - Access Control
Wavlink WN530HG4, WN531G3, WN533A8, and WN551K are susceptible to improper access control via /cgi-bin/ExportAllSettings.sh, where a crafted POST request returns the current configuration of the device, including the administrator password. No authentication is required. The attacker must perform...
AnythingLLM - Information Disclosure
AnythingLLM suffers from an information disclosure vulnerability through the /api/setup-complete API endpoint. By accessing this endpoint, a remote and unauthenticated attacker can access sensitive configuration of the target AnythingLLM instance. This detection is included in the AI and LLM...
KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
KNX Association KNX Protocol Connection Authorization Option 1 contains an overly restrictive account lockout mechanism vulnerability that could allow an attacker to purge all devices without additional security options enabled and set a BCU key to lock the device...
CVE-2026-48125 UAParser.js: Unbounded `Sec-CH-UA-Model` parsing can trigger ReDoS in `withClientHints()`
UAParser.js is a JavaScript library to detect browsers, operating systems, CPUs, and devices from user-agent data. From 2.0.1 until 2.0.10, a regular expression denial-of-service vulnerability exists when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application th...
libinput: local privilege escalation via crafted uinput devices
A flaw was found in libinput. A local attacker with access to /dev/uinput can inject arbitrary udev properties through the libinput-device-group helper. This injection can lead to root code execution, for example, by exploiting REMOVECMD properties that are executed when a device is removed. This...
CVE-2026-5040
TP-Link Deco M5 v1 uses a weak password hashing mechanism to store user credentials. An attacker who obtains the password hash through system compromise or privileged access could perform brute-force or dictionary attacks. Successful exploitation may result in disclosure of authentication...
CVE-2026-62655
A security flaw was found in certain NETGEAR Orbi models that could allow an unauthorized user to cause the device to stop responding or restart unexpectedly, disrupting network connectivity and making the device temporarily unavailable...
CVE-2026-50387
Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally...
CVE-2026-5040
The CVE-2026-5040 entry applies to TP-Link Deco M5 v1. The issue stems from a weak password hashing mechanism used to store user credentials. An attacker who obtains the password hash via system compromise or privileged access could perform brute-force or dictionary attacks. Practical consequence...
CVE-2026-5040 Weak Password Hashing Mechanism in TP-Link Deco M5
TP-Link Deco M5 v1 uses a weak password hashing mechanism to store user credentials. An attacker who obtains the password hash through system compromise or privileged access could perform brute-force or dictionary attacks. Successful exploitation may result in disclosure of authentication...
CVE-2026-62659 Authenticated users can make unauthorized changes on NETGEAR WAX333 Access Points
A security flaw was discovered in the NETGEAR WAX333 Access Point that could allow someone already logged in and connected to the local network to make unauthorized changes to the device's settings...
CVE-2026-58547
The CVE-2026-58547 entry details a heap-based buffer overflow in Windows UPnP Device Host (upnp.dll) that can enable local privilege escalation for an authorized user. Affected component: Universal Plug and Play in Windows. Root cause: heap-based overflow in upnp.dll. Impact: local privilege elev...
CVE-2026-58547 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability
...