Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

7795 matches found

RedhatCVE
RedhatCVEadded 2026/03/31 4:59 a.m.5 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

6.1CVSS6AI score0.00174EPSS
Exploits1References1
Cvelist
Cvelistadded 2026/03/31 12:0 a.m.19 views

CVE-2026-30520

A Blind SQL Injection vulnerability exists in SourceCodester Loan Management System v1.0. The vulnerability is located in the ajax.php file specifically the saveloan action. The application fails to properly sanitize user input supplied to the "borrowerid" parameter in a POST request, allowing an...

0.0022EPSS
Exploits1References1
Snyk
Snykadded 2026/03/30 7:5 p.m.2 views

Incorrect Authorization

Overview openclaw is a 🦞 OpenClaw — Personal AI Assistant Affected versions of this package are vulnerable to Incorrect Authorization via the browser.request function on the operator.write surface. An attacker can disrupt browser operations, terminate active browser sessions, and move the local...

8.1CVSS5.9AI score0.006EPSS
Exploits1References2
Cvelist
Cvelistadded 2026/03/30 12:0 a.m.21 views

CVE-2026-30563

A Stored Cross-Site Scripting XSS vulnerability exists in SourceCodester Sales and Inventory System 1.0. The vulnerability is located in the updatedetails.php file. The application fails to sanitize the "website" parameter provided in a POST request. This allows authenticated attackers to inject...

0.00174EPSS
Exploits1References1
CVE
CVEadded 2026/03/30 12:0 a.m.5 views

CVE-2026-30563

CVE-2026-30563 describes a Stored XSS in SourceCodester Sales and Inventory System 1.0, triggered by unsanitized input in the update_details.php file. The vulnerability arises from accepting the POST parameter “website” without proper sanitization, allowing an authenticated attacker to store arbi...

6.1CVSS6AI score0.00174EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVEadded 2026/03/28 4:59 p.m.4 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2026/03/28 12:26 a.m.4 views

SUSE CVE-2026-33064

Free5GC is an open-source Linux Foundation project for 5th generation 5G mobile core networks. Versions prior to 1.4.2 are vulnerable to procedure panic caused by Nil Pointer Dereference in the /sdm-subscriptions endpoint. A remote attacker can cause the UDM service to panic and crash by sending ...

8.7CVSS5.9AI score0.00486EPSS
Exploits1References3
Positive Technologies
Positive Technologiesadded 2026/03/28 12:0 a.m.10 views

PT-2026-28719

Name of the Vulnerable Software and Affected Versions PromtEngineer localGPT versions prior to 4d41c7d1713b16b216d8e062e51a5dd88b20b054 Description A flaw exists in PromtEngineer localGPT that allows for unrestricted file upload. The issue is located in the do POST function within the...

7.5CVSS5.6AI score0.00294EPSS
Exploits0References8
RedhatCVE
RedhatCVEadded 2026/03/27 10:51 p.m.7 views

CVE-2026-4902

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS8AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/03/27 10:51 p.m.4 views

CVE-2026-4903

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9CVSS7.9AI score0.05461EPSS
Exploits1References1
EUVD
EUVDadded 2026/03/27 9:31 p.m.2 views

EUVD-2026-16811

A vulnerability has been found in Tenda AC15 15.03.05.19. This affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. The manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has...

9CVSS7.9AI score0.00632EPSS
Exploits1References6
ATTACKERKB
ATTACKERKBadded 2026/03/27 7:52 p.m.2 views

CVE-2026-4974

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS6.5AI score0.00632EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/03/27 7:52 p.m.1 views

CVE-2026-4974 Tenda AC7 POST Request SetSysTimeCfg fromSetSysTime memory corruption

A flaw has been found in Tenda AC7 15.03.06.44. Affected by this issue is the function fromSetSysTime of the file /goform/SetSysTimeCfg of the component POST Request Handler. Executing a manipulation of the argument Time can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.8AI score0.00632EPSS
Exploits1References5
CVE
CVEadded 2026/03/27 7:52 p.m.9 views

CVE-2026-4974

CVE-2026-4974 affects Tenda AC7 firmware version 15.03.06.44. The vulnerability is in the function fromSetSysTime of /goform/SetSysTimeCfg in the POST Request Handler, where manipulating the Time argument can cause a stack-based buffer overflow. This enables remote code execution over the network...

9CVSS7.8AI score0.00632EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/03/27 6:31 p.m.4 views

EUVD-2026-16723

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS7.9AI score0.00773EPSS
Exploits1References6
NVD
NVDadded 2026/03/27 5:16 p.m.5 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS0.00773EPSS
Exploits1References5
Cvelist
Cvelistadded 2026/03/27 4:9 p.m.21 views

CVE-2026-4961 Tenda AC6 POST Request QuickIndex formQuickIndex stack-based overflow

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible ...

9CVSS0.00773EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/27 4:9 p.m.2 views

CVE-2026-4961 Tenda AC6 POST Request QuickIndex formQuickIndex stack-based overflow

A vulnerability was identified in Tenda AC6 15.03.05.16. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. The manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. The attack is possible ...

9CVSS7.9AI score0.00773EPSS
Exploits1References5
Vulnrichment
Vulnrichmentadded 2026/03/27 4:9 p.m.7 views

CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/03/27 4:9 p.m.3 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder