GHSA-7FH7-8XQM-3G88

creationtimestamp| type| source ---|---|--- 2026-03-31 23:20:06+00:00| published-proof-of-concept| Telegram/nmybyhyW9j--U7tziXdh4Y31RLU4faF2Hhhi6Dlcxk1tj2s...

CVE-2026-34215

creationtimestamp| type| source ---|---|--- 2026-03-31 21:19:25+00:00| published-proof-of-concept| Telegram/KAeZyql0w7ADSWCNfrKYv7UvYEMEw072WjtVkInGvWCcTc...

GHSA-HPM8-9QX6-JVWV

creationtimestamp| type| source ---|---|--- 2026-03-31 21:19:25+00:00| published-proof-of-concept| Telegram/KAeZyql0w7ADSWCNfrKYv7UvYEMEw072WjtVkInGvWCcTc...

CVE-2026-5211

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

CVE-2026-5211 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

GHSA-MFJ6-6P54-M98C

creationtimestamp| type| source ---|---|--- 2026-03-31 17:26:20+00:00| published-proof-of-concept| Telegram/eKNKUl3o6DiU-2-jA1Bozh3wu6D5ajzBDCTSMbn5G7zvLo...

GHSA-VPJ2-QQ7W-5QQ6

creationtimestamp| type| source ---|---|--- 2026-03-31 17:25:56+00:00| published-proof-of-concept| Telegram/DQc3fgzqy6DN4suTckTk8JzzlHKPkbNE2HsjPTkc7SF-k...

Incorrect Authorization

Overview @openclaw/zalo is an OpenClaw Zalo channel plugin Affected versions of this package are vulnerable to Incorrect Authorization via the media download process. An attacker can trigger unauthorized network fetches and disk writes by sending crafted messages to Zalo channels, causing the...

Heap-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the gdkpixbufjpegimageload function of the JPEG image loader. An attacker can cause application crashes and disrupt service availability by submitting a specially crafted JPEG image that triggers improper...

GHSA-MJ4P-RC52-M843

creationtimestamp| type| source ---|---|--- 2026-03-31 13:19:26+00:00| published-proof-of-concept| Telegram/bc0dtnMAVwN1UZgcMoKZPcvjFdUYL45B0PcMRVU30Ps4cSo...

CVE-2026-34730

creationtimestamp| type| source ---|---|--- 2026-03-31 12:06:47+00:00| published-proof-of-concept| https://github.com/copier-org/copier/security/advisories/GHSA-hgjq-p8cr-gg4h...

CVE-2026-5106

A flaw has been found in code-projects Exam Form Submission 1.0. The impacted element is an unknown function of the file /admin/updatefst.php. Executing a manipulation of the argument sname can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

GHSA-8469-2XCX-FRF6

creationtimestamp| type| source ---|---|--- 2026-03-30 23:20:23+00:00| published-proof-of-concept| Telegram/dTdXmSClQuUutduSI7B7lq8U0lWyZCa4SY-4SfXv6kqarNA...

CVE-2026-5153

A flaw has been found in Tenda CH22 1.0.0.1. The affected element is the function FormWriteFacMac of the file /goform/WriteFacMac. Executing a manipulation of the argument mac can lead to command injection. The attack may be launched remotely. The exploit has been published and may be used...

CVE-2026-34715

creationtimestamp| type| source ---|---|--- 2026-03-30 19:31:23+00:00| published-proof-of-concept| https://github.com/vshakitskiy/ewe/security/advisories/GHSA-x2w3-23jr-hrpf 2026-03-30 19:31:23+00:00| published-proof-of-concept|...

EUVD-2026-17166

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function filegetcontents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-5126

A flaw has been found in SourceCodester RSS Feed Parser 1.0. Affected by this issue is the function filegetcontents. This manipulation causes server-side request forgery. The attack is possible to be carried out remotely. The exploit has been published and may be used...

CVE-2026-5012

A flaw has been found in elecV2 elecV2P up to 3.8.3. This issue affects the function pm2run of the file /rpc. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been published and may be used. The project was informed of the problem ear...

EUVD-2026-17033

A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...

CVE-2026-5046

A flaw has been found in Tenda FH1201 1.2.0.14408. Affected is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component Parameter Handler. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit...