Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21975 matches found

NVD
NVDadded 2026/05/04 5:16 a.m.6 views

CVE-2026-7725

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS0.00247EPSS
Exploits0References8
Cvelist
Cvelistadded 2026/05/04 3:0 a.m.47 views

CVE-2026-7725 PrefectHQ prefect GitRepository Pull storage.py argument injection

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS0.00247EPSS
Exploits0References8
EUVD
EUVDadded 2026/05/04 3:0 a.m.3 views

EUVD-2026-26880

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS5.5AI score0.00247EPSS
Exploits0References8
ATTACKERKB
ATTACKERKBadded 2026/05/04 3:0 a.m.1 views

CVE-2026-7725

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS6.2AI score0.00247EPSS
Exploits0References8Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/04 3:0 a.m.7 views

CVE-2026-7725 PrefectHQ prefect GitRepository Pull storage.py argument injection

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commitsha/directories results in argument injection. It is...

6.5CVSS5.4AI score0.00247EPSS
Exploits0References8
NVD
NVDadded 2026/05/04 2:15 a.m.20 views

CVE-2026-7718

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS0.00916EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/04 1:45 a.m.5 views

EUVD-2026-26873

A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/05/04 1:45 a.m.5 views

CVE-2026-7720

A weakness has been identified in Totolink WA300 5.2cu.7112B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack ...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5Affected Software1
CVE
CVEadded 2026/05/04 1:45 a.m.23 views

CVE-2026-7720

CVE-2026-7720 – Totolink WA300 : The weakness affects the POST Request Handler in /cgi-bin/cstecgi.cgi, specifically the setLanguageCfg function, where manipulating the langType argument leads to a command injection. Remote exploitation is possible and a public exploit exists. Connected sources c...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/05/04 1:30 a.m.2 views

CVE-2026-7719

A security flaw has been discovered in Totolink WA300 5.2cu.7112B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument httphost results in buffer overflow. The attack may be launched...

10CVSS7.8AI score0.00619EPSS
Exploits0References5Affected Software1
CVE
CVEadded 2026/05/04 1:30 a.m.13 views

CVE-2026-7719

The CVE-2026-7719 entry describes a buffer overflow in Totolink WA300’s /cgi-bin/cstecgi.cgi loginauth handler (affected component: POST Request Handler). Specifically, manipulation of the http_host argument can overflow a buffer, enabling a remote attack. Public exploit details are indicated (ex...

10CVSS7.8AI score0.00619EPSS
Exploits0References5
Snyk
Snykadded 2026/05/04 1:22 a.m.11 views

Deserialization of Untrusted Data

Overview MindsDB is a MindsDB server, provides server capabilities to mindsdb native python library Affected versions of this package are vulnerable to Deserialization of Untrusted Data via the pickle.loads function in the Pickle Handler component. An attacker can execute arbitrary code by...

6.5CVSS6.9AI score0.00297EPSS
Exploits0References2
EUVD
EUVDadded 2026/05/04 1:15 a.m.15 views

EUVD-2026-26869

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS6.5AI score0.00916EPSS
Exploits0References5
EUVD
EUVDadded 2026/05/04 1:0 a.m.3 views

EUVD-2026-26868

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched...

9CVSS7.8AI score0.00472EPSS
Exploits0References5
Cvelist
Cvelistadded 2026/05/04 1:0 a.m.31 views

CVE-2026-7717 Totolink WA300 POST Request cstecgi.cgi UploadCustomModule buffer overflow

A vulnerability was determined in Totolink WA300 5.2cu.7112B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched...

9CVSS0.00472EPSS
Exploits0References5
OSV
OSVadded 2026/05/04 12:30 a.m.3 views

GHSA-9F6M-65V9-X9G2 MindsDB has an Improper Access Control Issue

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.3CVSS6.7AI score0.00284EPSS
Exploits0References6
Github Security Blog
Github Security Blogadded 2026/05/04 12:30 a.m.14 views

MindsDB has an Improper Access Control Issue

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS6.7AI score0.00284EPSS
Exploits0References6Affected Software1
NVD
NVDadded 2026/05/04 12:16 a.m.5 views

CVE-2026-7711

A weakness has been identified in MindsDB up to 26.01. This impacts the function exec of the file mindsdb/integrations/handlers/byomhandler/procwrapper.py of the component Engine Handler. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit ha...

7.5CVSS0.00284EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2026/05/04 12:0 a.m.5 views

PT-2026-36755

A vulnerability was found in PrefectHQ prefect up to 3.6.25.dev6. Affected by this issue is some unknown functionality of the file src/prefect/runner/storage.py of the component GitRepository Pull Handler. The manipulation of the argument commit sha/directories results in argument injection. It i...

6.5CVSS6.2AI score0.00247EPSS
Exploits0References9
Positive Technologies
Positive Technologiesadded 2026/05/04 12:0 a.m.2 views

PT-2026-36750

A weakness has been identified in Totolink WA300 5.2cu.7112 B20190227. The impacted element is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. This manipulation of the argument langType causes command injection. Remote exploitation of the attack...

6.5CVSS6.4AI score0.00916EPSS
Exploits1References6
Rows per page
Query Builder