PT-2026-36547

Name of the Vulnerable Software and Affected Versions nextlevelbuilder ui-ux-pro-max-skill versions prior to 2.5.1 Description A flaw in the Tailwind Config Generator component allows remote code injection. The issue exists within the format plugins function located in the...

EUVD-2026-26464

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-7512 UTT HiPER 1200GW formUser strcpy buffer overflow

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-7505

A flaw has been found in nextlevelbuilder GoClaw and GoClaw Lite up to 3.8.5. This affects an unknown function of the component RPC Handler. This manipulation causes improper authorization. The attack may be initiated remotely. The exploit has been published and may be used. Upgrading to version...

CVE-2026-42590

creationtimestamp| type| source ---|---|--- 2026-04-30 18:31:11+00:00| published-proof-of-concept| https://github.com/gotenberg/gotenberg/security/advisories/GHSA-7v3r-m9c8-r855...

CVE-2026-42589

creationtimestamp| type| source ---|---|--- 2026-04-30 18:30:59+00:00| published-proof-of-concept| https://github.com/gotenberg/gotenberg/security/advisories/GHSA-rqgh-gxv4-6657 2026-05-30 07:00:03+00:00| seen| https://t.me/GithubRedTeam/86500 2026-05-30 07:38:57+00:00| confirmed|...

CVE-2026-7319

A flaw has been found in elinsky execution-system-mcp 0.1.0. The impacted element is the function getcontextfilepath of the file src/executionsystemmcp/server.py of the component addaction Tool. This manipulation of the argument context causes path traversal. The attack can be initiated remotely...

CVE-2026-7470

A flaw has been found in Tenda 4G300 US4G300V1.0MtV1.01.42CNTDC01. Affected is the function sub427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may...

CVE-2026-46689

creationtimestamp| type| source ---|---|--- 2026-04-30 02:48:09+00:00| published-proof-of-concept| https://github.com/kanidm/kanidm/security/advisories/GHSA-r5fr-9gmv-jggh...

CVE-2026-7470 Tenda 4G300 SafeMacFilter sub_427C3C stack-based overflow

A flaw has been found in Tenda 4G300 US4G300V1.0MtV1.01.42CNTDC01. Affected is the function sub427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may...

EUVD-2026-26307

A flaw has been found in Tenda 4G300 US4G300V1.0MtV1.01.42CNTDC01. Affected is the function sub427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may...

CVE-2026-7470 Tenda 4G300 SafeMacFilter sub_427C3C stack-based overflow

A flaw has been found in Tenda 4G300 US4G300V1.0MtV1.01.42CNTDC01. Affected is the function sub427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may...

PT-2026-36037

A flaw has been found in Tenda 4G300 US 4G300V1.0Mt V1.01.42 CN TDC01. Affected is the function sub 427C3C of the file /goform/SafeMacFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published an...

PT-2026-36258

A flaw has been found in UTT HiPER 1200GW up to 2.5.3-1703. The affected element is the function strcpy of the file /goform/formUser. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-44425

creationtimestamp| type| source ---|---|--- 2026-04-29 23:48:30+00:00| published-proof-of-concept| https://github.com/shellhub-io/shellhub/security/advisories/GHSA-47r2-v3x6-wff9...

EUVD-2026-26250

A flaw has been found in fatbobman mail-mcp-bridge up to 1.3.3. Affected is an unknown function of the file src/mailmcpserver.py. Executing a manipulation of the argument messageids can lead to path traversal. The attack can be executed remotely. The exploit has been published and may be used...

PT-2026-35955

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function save supplier of the file /ajax.php?action=save supplier. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been...

EUVD-2026-26152

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

CVE-2026-42545

creationtimestamp| type| source ---|---|--- 2026-04-28 18:30:30+00:00| published-proof-of-concept| https://github.com/emmett-framework/granian/security/advisories/GHSA-f5p7-9fr5-8jmj...

CVE-2026-42544

creationtimestamp| type| source ---|---|--- 2026-04-28 18:30:03+00:00| published-proof-of-concept| https://github.com/emmett-framework/granian/security/advisories/GHSA-vrg7-482j-p6f6...