2017 matches found
CVE-2026-13230
The CVE-2026-13230 entry concerns TP-Link Kasa EC70 v4 and EC71 v4. The issue lies in the local discovery mechanism, where geolocation-related data can be retrieved without authentication. Affects confidentiality only; no evidence of integrity or availability impact is reported. Exploitation cont...
Langflow < 1.3.0 - Remote Code Execution via validate_code() exec()
Langflow contains a remote code execution caused by inclusion of functionality from untrusted control sphere in the execglobals parameter at the validate endpoint, letting remote attackers execute arbitrary code as root, exploit requires no authentication. id: CVE-2026-0770 info: name: Langflow...
Vtiger CRM v7.2.0 - Directory Listing
Vtiger CRM v7.2.0 contains a directory traversal vulnerability caused by improper access controls in /libraries and /layout directories, letting attackers display hidden files and list directories, exploit requires no authentication. id: CVE-2020-19363 info: name: Vtiger CRM v7.2.0 - Directory...
EUVD-2026-43603
EIPStackGroup OpENer 2.3.0 commit 76b95cf has an out-of-bounds read issue in Connection Manager handling of ForwardOpen requests when processing short malformed packets. An attacker can send a valid ENIP outer frame carrying a malformed CIP ForwardOpen/LargeForwardOpen request, causing the parser...
CVE-2025-56361
The vulnerability is in the Matter SDK (connectedhomeip) 1.3–1.4. The Level Control cluster server tick callback (emberAfLevelControlClusterServerTickCallback) can abort the device when a MoveToLevel command is followed by a conflicting write to OperationMode in the Pump Configuration and Control...
SIP Sustainable Irrigation Platform 5.x (nr-url) Blind SSRF
Summary SIP is a free Raspberry Pi based Python program for controlling irrigation systems sprinkler, drip, hydroponic, etc. It uses web technology to provide an intuitive user interface UI in several languages. The UI can be accessed in your favorite browser on desktop, laptop, and mobile device...
CVE-2026-15680
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15680
CVE-2026-15680 affects Lorex 2K Indoor Wi‑Fi Security Camera. The vulnerability is in the sonia binary’s JSON request parsing, where lack of validation of a user‑supplied string used as a format specifier can allow a network‑adjacent attacker to execute arbitrary code with root privileges. Authen...
CVE-2026-15680 Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability
Lorex 2K Indoor Wi-Fi Security Camera CDeviceOperator Format String Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentication is not required to exploit th...
CVE-2026-15685 Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability
Ollama downloadBlob Improper Validation of Array Index Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Ollama. Authentication is not required to exploit this vulnerability. The specific flaw exists...
CVE-2026-15685
CVE-2026-15685 affects Ollama, with the vulnerability located in the downloadBlob function where user-supplied data is not properly validated, allowing an out-of-bounds memory access and resulting in a denial-of-service condition. The issue, linked to ZDI-CAN-27277, can be triggered remotely with...
CVE-2026-22096
The webserver running on port 8090 does not require authentication. This allows for sensitive information leakage such as configured passwords, or uploading files through different endpoints...
CVE-2026-51537
OpENer 2.3.0 (commit 76b95cf) contains an out-of-bounds read in the Connection Manager when processing malformed ForwardOpen/LargeForwardOpen requests, allowing a remote attacker to trigger the issue over the network without authentication. Red Hat notes potential denial of service or information...
PT-2026-57672
Name of the Vulnerable Software and Affected Versions EVbee DC-80 affected versions not specified Description The built-in web server running on port 8090 lacks authentication. This flaw allows unauthorized access to sensitive information, including configured passwords and stored credentials, an...
CVE-2026-61426
PraisonAI before 1.7.3 contains an insecure default configuration that binds to all interfaces with no API key requirement and wildcard CORS. Unauthenticated attackers can call GET /api/agents to read agent instructions and system prompts, or POST /api/chat to invoke agents without authentication...
CVE-2026-55884
Tilt HUD server in github.com/tilt-dev/tilt is affected in versions 0.20.8–0.37.3 where the HUD HTTP server registers handlers on a gorilla/mux router without authentication. When bound to a non-loopback address, an unauthenticated network caller can trigger developer-defined Tiltfile resources, ...
CVE-2026-55500
CVE-2026-55500 (9router) exposes a critical flaw in the /api/settings/database endpoint. The GET export returns the entire database, including plaintext API keys, OAuth tokens, and provider credentials, while POST can wipe-and-replace the database with attacker-controlled data. This bypasses auth...
CVE-2026-61344
The Superior Court of California Hearing Reminder Service at https://www.hrs.courts.ca.gov exposes an API endpoint that returns court reminder records containing potentially sensitive information without authentication...
EUVD-2026-42663
The Superior Court of California Hearing Reminder Service at https://www.hrs.courts.ca.gov exposes an API endpoint that returns court reminder records containing potentially sensitive information without authentication...
PT-2026-57034
Name of the Vulnerable Software and Affected Versions YesWiki version 4.6.5 Description An issue exists in the Bazar widget handler where the id GET parameter is reflected into HTML attributes using only the strip tags function. Since strip tags does not escape double quotes, an unauthenticated...