Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

88718 matches found

Tenable Nessus
Tenable Nessusadded 2026/05/26 12:0 a.m.9 views

TencentOS Server 3: gdk-pixbuf2 (TSSA-2026:0366)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0366 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

7.5CVSS7.2AI score0.01069EPSS
Exploits1References2
EUVD
EUVDadded 2026/05/25 10:15 p.m.9 views

EUVD-2026-31762

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 8:16 p.m.7 views

CVE-2026-9497

A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deserialization. It is possible to initiate the attack remotely. The vendor was contacted early about this...

6.5CVSS0.00338EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/25 8:0 p.m.8 views

CVE-2026-9498

A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument DefMsgTemplate.content leads to improper neutralization of special elements used in a template engin...

6.5CVSS6.2AI score0.00295EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/25 7:45 p.m.10 views

EUVD-2026-31730

A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deserialization. It is possible to initiate the attack remotely. The vendor was contacted early about this...

6.5CVSS6.3AI score0.00338EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/25 7:45 p.m.22 views

CVE-2026-9497 changmingxie tcc-transaction Fastjson AutoType REST API Fastjson.parseObject deserialization

A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deserialization. It is possible to initiate the attack remotely. The vendor was contacted early about this...

6.5CVSS0.00338EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 7:45 p.m.7 views

CVE-2026-9497 changmingxie tcc-transaction Fastjson AutoType REST API Fastjson.parseObject deserialization

A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deserialization. It is possible to initiate the attack remotely. The vendor was contacted early about this...

6.5CVSS6.3AI score0.00338EPSS
Exploits0References4
CVE
CVEadded 2026/05/25 5:45 p.m.18 views

CVE-2026-9479

Edimax EW-7438RPn (firmware 1.31) contains a stack-based overflow in the formLogout function of /goform/formLogout triggered by manipulating the submit-url parameter. The vulnerability can be exploited remotely and has been publicly disclosed; vendor response is not available in the provided docu...

9CVSS7.8AI score0.00589EPSS
Exploits0References4
NVD
NVDadded 2026/05/25 5:16 p.m.15 views

CVE-2026-9471

A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation of the argument FIRSTNAME results in cross site scripting. The attack can be initiated remotely...

5.1CVSS0.00248EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 4:16 p.m.13 views

CVE-2026-9468

A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be...

6.5CVSS0.00337EPSS
Exploits0References5
CVE
CVEadded 2026/05/25 3:15 p.m.19 views

CVE-2026-9469

CVE-2026-9469 describes a SQL injection in yashpokharna2555 StudentManagementSystem, affecting an unknown function in /success.php where manipulating the User argument enables remote exploitation. The exploit is publicly available. The advisory notes a rolling-release workflow with no version det...

7.5CVSS6.9AI score0.00319EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/05/25 3:0 p.m.6 views

CVE-2026-9468

A security flaw has been discovered in dazeb cline-mcp-memory-bank up to 55c81b9cf6c16700983c84dc4cdea3cafa19a75f. The affected element is the function handleInitializeMemoryBank of the file src/index.ts. The manipulation of the argument projectPath results in path traversal. The attack may be...

6.5CVSS5.4AI score0.00337EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 2:16 p.m.8 views

CVE-2026-9459

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument maxConn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotel...

9CVSS0.00751EPSS
Exploits0References4
CVE
CVEadded 2026/05/25 1:0 p.m.14 views

CVE-2026-9460

The CVE-2026-9460 entry concerns Edimax EW-7438RPn firmware 1.31. A vulnerability in the /goform/formAccept handling allows manipulation of the submit-url argument to trigger a stack-based buffer overflow. The issue is exploitable remotely, with public exploit availability noted. No remediation d...

9CVSS7.9AI score0.00751EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/25 1:0 p.m.34 views

CVE-2026-9460 Edimax EW-7438RPn formAccept stack-based overflow

A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made...

9CVSS0.00751EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/25 1:0 p.m.7 views

CVE-2026-9460

A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made...

9CVSS7.9AI score0.00751EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/05/25 12:45 p.m.9 views

EUVD-2026-31675

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument maxConn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotel...

9CVSS7.8AI score0.00751EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 12:45 p.m.6 views

CVE-2026-9459 Edimax EW-7438RPn formConnectionSetting stack-based overflow

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument maxConn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotel...

9CVSS7.8AI score0.00751EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/25 12:30 p.m.8 views

CVE-2026-9458

A vulnerability was identified in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument enabled leads to os command injection. The attack may be performed fr...

10CVSS7.1AI score0.02094EPSS
Exploits0References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/25 11:30 a.m.8 views

CVE-2026-9454 Totolink A8000RU Web Management cstecgi.cgi setOpenVpnCertGenerationCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setOpenVpnCertGenerationCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument servername can lead to os command injection. The...

10CVSS7AI score0.01909EPSS
Exploits0References5
Rows per page
Query Builder