Lucene search
K

23167 matches found

vulnersOsv
vulnersOsv
added 2026/05/06 7:32 p.m.7 views

@c0va23/react-router-dev (=7.8.3-alpha.2), @holocron.so/cli (>=0.6.0 <=0.16.0) +15 more potentially affected by CVE-2026-23870 via @vitejs/plugin-rsc (>=0.4.11 <=0.5.24)

@vitejs/plugin-rsc NPM version =0.4.11, =0.6.0, =0.5.0, =0.0.1, =0.0.0-1ae0b37, =0.0.0-experimental-2a6c7bc, =0.0.0-pr-32412-sha-4e0feb24, =1.0.2, =0.1.0, =0.0.1, =1.18.0-rsc.19, =0.1.0, =0.0.1-alpha.0, =1.0.0, =1.0.1 and more Source cves: CVE-2026-23870 Source advisory:...

7.5CVSS7AI score0.01533EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/05/06 7:32 p.m.7 views

@amazeelabs/bridge-waku (>=1.1.9 <=2.0.1), @amazeelabs/executors (>=3.1.12 <=3.1.14) +18 more potentially affected by CVE-2026-23870 via react-server-dom-webpack (>=19.0.0 <=19.0.1)

react-server-dom-webpack NPM version =19.0.0, =1.1.9, =3.1.12, =1.4.7, =1.1.3, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859, =1.0.0-canary.12859,...

7.5CVSS7AI score0.01533EPSS
Exploits1
NVD
NVD
added 2026/05/06 7:16 p.m.11 views

CVE-2026-34473

Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered against the router's web interface by sending an oversized application/x-www-form-urlencoded POST...

7.5CVSS0.02376EPSS
Exploits3References3
EUVD
EUVD
added 2026/05/06 6:30 p.m.11 views

EUVD-2026-27854

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS5.9AI score0.0021EPSS
Exploits0References2
CVE
CVE
added 2026/05/06 4:15 p.m.16 views

CVE-2026-20167

Cisco IoT Field Network Director exposes a web-based management interface flaw where an authenticated, low-privilege attacker can trigger a DoS on a remotely managed router. The root cause is improper error handling, with crafted input potentially causing the router to reload by requesting unauth...

7.7CVSS5.8AI score0.00272EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/06 4:15 p.m.6 views

CVE-2026-20169

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS5.9AI score0.0021EPSS
Exploits0References2Affected Software1
SUSE CVE
SUSE CVE
added 2026/05/06 1:40 a.m.8 views

SUSE CVE-2026-43040

In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndiscrauseropt to initialize nduseroptpadX fields to zero to prevent an info-leak When processing Router Advertisements with user options the kernel builds an RTMNEWNDUSEROPT netlink message. The nduseroptms...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References14
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-37652

A vulnerability in the web-based management interface of Cisco IoT Field Network Director could allow an authenticated, remote attacker with low privileges to access files and execute commands on a remote router. This vulnerability is due to insufficient input validation of user-supplied data. An...

6.4CVSS5.9AI score0.0021EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/05/06 12:0 a.m.9 views

CVE-2026-34474

Sensitive data exposure leading to admin/WLAN credential leak in ZTE ZXHN H298A 1.1 and H108N 2.6. A crafted request to the router web interface can expose sensitive device and account information. In affected builds, the response may include the administrator password and WLAN PSK, enabling...

5.8AI score0.24681EPSS
Exploits3References2
CVE
CVE
added 2026/05/06 12:0 a.m.22 views

CVE-2026-34474

CVE-2026-34474 affects ZTE ZXHN H298A (1.1) and H108N (2.6) routers. A crafted request to the device’s web interface can cause a sensitive-data exposure, potentially returning the administrator password and WLAN PSK, which could enable authentication bypass and wireless/network compromise. Some f...

7.5CVSS5.8AI score0.24681EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.11 views

PT-2026-38218

Name of the Vulnerable Software and Affected Versions ZTE ZXHN H298A version 1.1 ZTE H108N version 2.6 Description A crafted request to the router web interface can cause sensitive data exposure. This issue may leak device and account information, including the administrator password and WLAN...

7.5CVSS5.8AI score0.24681EPSS
Exploits3References8
CNNVD
CNNVD
added 2026/05/06 12:0 a.m.10 views

Cisco IoT Field Network Director 访问控制错误漏洞

The Cisco IoT Field Network Director is an end-to-end IoT management system developed by Cisco, Inc. This system offers features such as device management, asset tracking, and intelligent metering. There is an access control vulnerability present in the Cisco IoT Field Network Director. This...

7.7CVSS5.8AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/06 12:0 a.m.31 views

CVE-2026-34473

Unauthenticated DoS in ZTE H8102E, H168N, H167A, H199A, H288A, H198A, H267A, H267N, H268A, H388X, H196A, H369A, H268N, H208N, H367N, H181A, and H196Q. A denial-of-service condition can be triggered against the router's web interface by sending an oversized application/x-www-form-urlencoded POST...

0.02376EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.9 views

RHCOS 4 : OpenShift Container Platform 4.4.8 containernetworking-plugins (RHSA-2020:2403)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2403 advisory. - containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 Note that Nessus has not...

6CVSS5.8AI score0.02428EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.13 views

RHCOS 4 : OpenShift Container Platform 4.3.25 containernetworking-plugins (RHSA-2020:2443)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2443 advisory. - containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 Note that Nessus has not...

6CVSS5.8AI score0.02428EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/05/06 12:0 a.m.12 views

RHCOS 4 : OpenShift Container Platform 4.2.36 containernetworking-plugins (RHSA-2020:2592)

The remote Red Hat Enterprise Linux CoreOS 4 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2020:2592 advisory. - containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters CVE-2020-10749 Note that Nessus has not...

6CVSS5.8AI score0.02428EPSS
Exploits1References5
CVE
CVE
added 2026/05/05 6:15 p.m.30 views

CVE-2026-7854

The CVE-2026-7854 entry concerns D-Link DI-8100 firmware 16.07.26A1. The vulnerability lies in the POST Parameter Handler, specifically the url_rule_asp function in /url_rule.asp, which is reported to cause a buffer overflow. This could be exploited remotely, and public exploit information is ind...

10CVSS7.5AI score0.0586EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/05/05 5:16 a.m.22 views

CVE-2026-7823

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be launched remotely. The exploit has been released to the...

10CVSS0.01788EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/05 2:20 a.m.8 views

CVE-2026-7718

A vulnerability was identified in Totolink WA300 5.2cu.7112B20190227. Impacted is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument webWlanIdx leads to command injection. The attack may be initiated remotely. The...

6.5CVSS6.5AI score0.00916EPSS
Exploits0References1
Packet Storm
Packet Storm
added 2026/05/05 12:0 a.m.65 views

📄 SumatraPDF 3.5.2 Remote Code Execution

SumatraPDF versions 3.5.0 to 3.5.2 disable TLS hostname verification during update checks using INTERNETFLAGIGNORECERTCNINVALID and do not perform any signature or integrity validation on the downloaded installer. Exploit Title: SumatraPDF 3.5.2 - Remote Code Execution Date: 2026-02-10 Exploit...

7.5CVSS5.8AI score0.00445EPSS
Exploits4
Rows per page
Query Builder