CVE-2026-5525 Stack-Based Buffer Overflow in Notepad++ File Drop Handler leads to DoS

A stack-based buffer overflow vulnerability exists in Notepad++ version 8.9.3 in the file drop handler component. When a user drags and drops a directory path of exactly 259 characters without a trailing backslash, the application appends a backslash and null terminator without proper bounds...

CVE-2026-5525

CVE-2026-5525 affects Notepad++ up to version 8.9.3. The issue is a stack-based buffer overflow in the file drop handler (WM_DROPFILES) when dropping a directory path of exactly 259 characters without a trailing backslash. The handler appends a backslash and a null terminator without proper bound...

EUVD-2026-21311

A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely...

CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016 Tenda AC9 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be initiated remotely. T...

CVE-2026-6016

CVE-2026-6016 affects Tenda AC9 15.03.02.13. The vulnerability exists in the decodePwd function of /goform/WizardHandle within the POST Request Handler. Adversaries can trigger a stack-based buffer overflow by manipulating the WANS argument, with the attackable surface exposed remotely. Public ex...

EUVD-2026-21244

A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be...

EUVD-2026-21238

A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of the argument mitssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now public and may be...

CVE-2026-5992

A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed an...

Stack-based Buffer Overflow

Overview Affected versions of this package are vulnerable to Stack-based Buffer Overflow in the wcPKCS7DecryptOri function when processing a CMS EnvelopedData message containing an OtherRecipientInfo recipient. An attacker can execute arbitrary code or cause a crash by sending a crafted message...

CVE-2026-5992

A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed an...

CVE-2026-5992 Tenda F451 P2pListFilter fromP2pListFilter stack-based overflow

A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed an...

CVE-2026-5992 Tenda F451 P2pListFilter fromP2pListFilter stack-based overflow

A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed an...

CVE-2026-5992

CVE-2026-5992 affects Tenda F451 firmware 1.0.0.7. The issue is in the function fromP2pListFilter inside /goform/P2pListFilter, where manipulating the argument page leads to a stack-based buffer overflow. This enables remote exploitation, with public exploits disclosed. The vulnerability is suppo...

Notepad++ 安全漏洞

Notepad++ is an open-source plain-text editor developed by Don Ho of Taiwan, China. Version 8.9.3 of Notepad++ contains a security vulnerability. This vulnerability arises from the file drag-and-drop processing component, which may add slashes and empty terminators when users drag a directory pat...

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper validation of the fromSafeEmailFilter function in the file /goform/SafeEmailFilter, which handles the page...

TRENDnet TEW-657BRM add_apcdb Function Stack Overflow Vulnerability

The TRENDnet TEW-657BRM is a WiFi router from TRENDnet. A stack overflow vulnerability exists in the TRENDnet TEW-657BRM addapcdb function, which originates from a misuse of the addapcdb function parameter macpcdba in file /setup.cgi, for which no detailed vulnerability details are available...

PT-2026-31832

Name of the Vulnerable Software and Affected Versions Tenda F451 version 1.0.0.7 Description A stack-based buffer overflow occurs due to the manipulation of the page argument within the fromP2pListFilter function located in the '/goform/P2pListFilter' file. This issue allows for remote...

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the lack of proper validation for the fromP2pListFilter function in the file /goform/P2pListFilter, particularly regarding...