900 matches found
CVE-2026-9366
A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the function scancontextcontent of the file agent/promptbuilder.py. The manipulation results in injection. The attack may be performed from remote. The exploit has been made public and could be used. The...
CVE-2026-9357
A vulnerability was found in vBulletin 6.x. This impacts an unknown function of the component Login. Performing a manipulation results in cross site scripting. It is possible to initiate the attack remotely. The exploit has been made public and could be used. VulDB is withholding an extended...
EUVD-2026-31555
A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...
PT-2026-42900
A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argument ssid/manualssid/ip/mask/gateway results in buffer overflow. The attack is possible to be carried...
PT-2026-42941
A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. The attack may be...
CVE-2026-9297
A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The...
CVE-2026-9295 Edimax BR-6428NS POST Request formWirelessTbl buffer overflow
A security flaw has been discovered in Edimax BR-6428NS 1.10. This affects the function formWirelessTbl of the file /goform/formWirelessTbl of the component POST Request Handler. Performing a manipulation of the argument vapurl results in buffer overflow. The attack can be initiated remotely. The...
EUVD-2026-31529
A vulnerability was identified in Edimax BR-6428NS 1.10. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName leads to buffer overflow. It is possible to launch the attack...
PT-2026-42876
A vulnerability was detected in omec-project amf up to 2.1.1. Affected by this vulnerability is an unknown functionality of the component PathSwitchRequest Handler. The manipulation results in memory corruption. The attack may be launched remotely. The exploit is now public and may be used. It is...
EUVD-2026-30718
A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for...
EUVD-2026-29025
A vulnerability has been found in Open5GS up to 2.7.7. This issue affects the function OpenAPIlistcreate of the component SMF. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The project was informed ...
EUVD-2026-29015
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-8255
CVE-2026-8255 affects Devs Palace ERP Online up to version 4.0.0, impacting an unknown portion of the file /inventory/add_new_customer. The vulnerability enables cross-site scripting (XSS) through a manipulation of that endpoint, with remote attack capability. The exploitation possibility is supp...
PT-2026-39631
Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A weakness in the NRF component allows a remote attacker to cause a denial of service. The issue exists within the ogs nnrf nfm handle nf profile function located in the lib/sbi/nnrf-handler.c file...
PT-2026-39870
A vulnerability was detected in D-Link DIR-816 1.10CNB05 R1B011D88210. This affects the function portForward. Performing a manipulation of the argument ip address results in command injection. The attack can be initiated remotely. The exploit is now public and may be used...
EUVD-2026-28991
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...
CVE-2026-8242
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. The impacted element is the function doAction of the component Login RMI Interface. Performing a manipulation results in observable response discrepancy. The attack is possible to be carried out remotely. A high...
CVE-2026-8241 Industrial Application Software IAS Canias ERP RMI iasGetServerInfoEvent improper authorization
A vulnerability has been found in Industrial Application Software IAS Canias ERP 8.03. The affected element is the function iasGetServerInfoEvent of the component RMI Interface. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed ...
EUVD-2026-28977
A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...
CVE-2026-8229
A vulnerability was detected in Wavlink NU516U1 240425. The affected element is the function WifiBasic of the file /cgi-bin/wireless.cgi. Performing a manipulation of the argument AuthMethod/EncrypType results in os command injection. Remote exploitation of the attack is possible. The exploit is...