CVE-2026-36174

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...

EUVD-2026-34277

GNCC GP5 v7.1.76 was discovered to store sensitive wireless network information in plaintext during routine operations to the serial console. This issue allows physically-proximate attackers to obtain sensitive information, including network credentials, via monitoring the serial UART interface...

Indian Motorcycle Scout Bobber + Tech 安全漏洞

The Indian Motorcycle Scout Bobber + Tech is a mid-level cruiser motorcycle produced by the Japanese company Indian Motorcycle. The Scout Bobber + Tech has a security vulnerability, which stems from an error in the behavior displayed on the Infotainment/Digital Round display. This error may allow...

Indian Motorcycle Scout Bobber + Tech 安全漏洞

The Indian Motorcycle Scout Bobber + Tech is a mid-level cruiser motorcycle produced by the Japanese company Indian Motorcycle. The Scout Bobber + Tech 2025 has a security vulnerability, where the resource consumption of the Wireless Control Module is uncontrolled, which may allow neighboring...

Indian Motorcycle Scout Bobber + Tech 安全漏洞

The Indian Motorcycle Scout Bobber + Tech is a mid-level cruiser motorcycle produced by the Japanese company Indian Motorcycle. The Scout Bobber + Tech 2025 has a security vulnerability caused by weak authentication in the Wireless Control Module. This vulnerability could allow neighboring networ...

TP-Link Archer C64 安全漏洞

The TP-Link Archer C64 is a wireless router produced by TP-Link Corporation. The TP-Link Archer C64 V1 version has a security vulnerability. This vulnerability stems from improper execution of the authentication rate limit during the debugging of the SSH service. As a result, attackers in adjacen...

Zyxel WRE6505 安全漏洞

Zyxel WRE6505 is a wireless signal expansion device produced by Zyxel Corporation in China. The Zyxel WRE6505 v2 V1.00ABDV.3C0 version contains a security vulnerability. This vulnerability stems from the improper limit on the number of authentication attempts made by the web management interface...

SAMSUNG Mobile devices 安全漏洞

Samsung Mobile devices are a series of mobile devices produced by South Korea’s Samsung Corporation, including smartphones and tablets. There are security vulnerabilities in Samsung Mobile Devices, which stem from the leakage of sensitive information. This vulnerability may allow neighboring...

TP-Link Archer AX53 安全漏洞

The TP-Link Archer AX53 is a dual-core router produced by TP-Link Corporation. Prior to the version v1.0 1.7.1 Build 20260213, the TP-Link Archer AX53 had a security vulnerability. This vulnerability stemmed from insufficient input validation in the dnsmasq module, which could allow authenticated...

SAMSUNG Smart Switch 安全漏洞

Samsung Smart Switch is a data migration tool developed by South Korea’s Samsung Corporation. Versions of Samsung Smart Switch prior to 3.7.69.15 contained a security vulnerability caused by a path traversal issue, which could allow adjacent attackers to overwrite any file with Smart Switch...

CVE-2025-69969

A lack of authentication and authorization mechanisms in the Bluetooth Low Energy BLE communication protocol of SRK Powertech Pvt Ltd Pebble Prism Ultra v2.9.2 allows attackers to reverse engineer the protocol and execute arbitrary commands on the device without establishing a connection. This is...

CVE-2025-13399

A weakness in the web interface’s application layer encryption in VX800v v1.0 allows an adjacent attacker to brute force the weak AES key and decrypt intercepted traffic. Successful exploitation requires network proximity but no authentication, and may result in high impact to confidentiality,...

CVE-2025-13399

The CVE-2025-13399 entry covers a weakness in the VX800v v1.0 web interface where the application-layer encryption uses a weak AES key. An adjacent attacker can brute-force this key to decrypt intercepted traffic without authentication. Impact is described as high for confidentiality, integrity, ...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002590)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002590 advisory. Wi-Fi Protected Access WPA and WPA2 allows reinstallation of the Group Temporal Key GTK during the group key handshake, allowing an attacker within radio range to...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002445)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002445 advisory. drivers/hid/hid-zpff.c in the Human Interface Device HID subsystem in the Linux kernel through 3.11, when CONFIGHIDZEROPLUS is enabled, allows physically proximate...

PT-2026-2630

An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel...

EUVD-2026-0842

WHILL Model C2 Electric Wheelchairs and Model F Power Chairs do not enforce authentication for Bluetooth connections. An attacker within range can pair with the device and issue movement commands, override speed restrictions, and manipulate configuration profiles without any credentials or user...

Entrust nShield Connect XC 安全漏洞

Entrust nShield Connect XC is a network-connected hardware security module from Entrust USA. A security vulnerability exists in Entrust nShield Connect XC that originates from physical proximity where an attacker can boot from a USB device to elevate privileges...

CVE-2025-56008

Cross site scripting XSS vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions...

CVE-2025-56008

Cross site scripting XSS vulnerability in KeeneticOS before 4.3 at "Wireless ISP" page allows attackers located near to the router to takeover the device via adding additional users with full permissions...