Lucene search
K

22106 matches found

CVE
CVE
added 1 hour ago5 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.9AI score
Exploits0References5
CVE
CVE
added 1 hour ago3 views

CVE-2026-13563

A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.8AI score
Exploits0References5
CVE
CVE
added 1 hour ago5 views

CVE-2026-13562

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS7.5AI score
Exploits0References5
Cvelist
Cvelist
added 1 hour ago3 views

CVE-2026-13561 Edimax EW-7478APC POST Request formiNICbasic os command injection

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...

6.5CVSS
Exploits0References5
CVE
CVE
added 2 hours ago5 views

CVE-2026-13560

A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...

6.5CVSS6.3AI score
Exploits0References5
Nuclei
Nuclei
added 6 hours ago83 views

Hongdian H8922 3.0.5 Devices - Local File Inclusion

Hongdian H8922 3.0.5 devices are vulnerable to local file inclusion. The /logdownload.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ e.g., ../../etc/passwd This can be carried out wi...

6.5CVSS6.9AI score0.13751EPSS
Exploits1References5
Nuclei
Nuclei
added 6 hours ago35 views

Labstack Echo 4.8.0 - Open Redirect

Labstack Echo 4.8.0 contains an open redirect vulnerability via the Static Handler component. An attacker can leverage this vulnerability to cause server-side request forgery, making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-400...

9.6CVSS7.3AI score0.02309EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 7 hours ago7 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score
Exploits0References10
EUVD
EUVD
added 7 hours ago5 views

EUVD-2026-40036

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS6.4AI score
Exploits0References10
CVE
CVE
added 8 hours ago5 views

CVE-2026-13533

CVE-2026-13533 affects agentejo Cockpit CMS up to v0.12.2 in the htaccess Handler’s /config/config.yaml, via Spyc::YAMLLoad. The vulnerability arises from YAMLLoad manipulation that can make files or directories accessible and can be exploited remotely. Exploit code has been publicly disclosed an...

6.9CVSS5.6AI score
Exploits0References5
ATTACKERKB
ATTACKERKB
added 8 hours ago3 views

CVE-2026-13533

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS5.6AI score
Exploits0References5Affected Software1
EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-40030

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS5.6AI score
Exploits0References5
EUVD
EUVD
added 9 hours ago4 views

EUVD-2026-40027

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

6.5CVSS6.5AI score
Exploits0References6
CVE
CVE
added 11 hours ago9 views

CVE-2026-13522

Investintech SlimPDFReader up to version 2.0.14 is affected by an out-of-bounds read in SlimPDFReader.exe (PDF File Handler). The vulnerable component is the function Investintech::PCV::TeighaDo+0x25cde0 inside SlimPDFReader.exe. A manipulation can trigger the out-of-bounds read, and the issue ca...

5.3CVSS5.5AI score
Exploits0References4
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-40006

A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.uploadfile/FileHandler.removefile of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely...

6.5CVSS6.1AI score
Exploits0References8
EUVD
EUVD
added 12 hours ago5 views

EUVD-2026-40007

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS5AI score
Exploits0References8
EUVD
EUVD
added 12 hours ago6 views

EUVD-2026-40004

A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...

5CVSS5.5AI score
Exploits0References8
CVE
CVE
added yesterday9 views

CVE-2026-13512

Databend up to version 1.2.881 on HTTP is affected. The issue resides in Tenant Handler’s ClientSessionManager::state_key (src/query/service/src/servers/http/v1/session/client_session_manager.rs) and enables authorization bypass. Exploitation may be initiated remotely; a publicly available exploi...

6.5CVSS6.2AI score
Exploits0References6
CVE
CVE
added yesterday9 views

CVE-2026-13509

RAGapp up to 0.1.5 is affected. The vulnerability lies in FileHandler.upload_file and FileHandler.remove_file (src/ragapp/backend/controllers/files.py), enabling path traversal. Exploitation can be performed remotely, and public proof-of-concept/exploitation has been disclosed. A fix via a pull r...

6.5CVSS6.1AI score
Exploits0References7
CVE
CVE
added yesterday11 views

CVE-2026-13508

Affects khoj-ai khoj versions up to 2.0.0-beta.28; vulnerable component is the Conversation Sharing Handler in src/khoj/routers/api_chat.py, where manipulation of conversation.agent leads to incorrect authorization. The issue enables remote exploitation (exploit published) with attack vector over...

6.5CVSS5.6AI score
Exploits0References7
Rows per page
Query Builder