CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Positive Technologies•added 2026/03/20 12:0 a.m.•6 views

PT-2026-26629

A vulnerability was detected in Tenda A18 Pro 02.03.02.28. This vulnerability affects the function form fast setting wifi set of the file /goform/fast setting wifi set. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The exploit is now public and may ...

9CVSS8AI score0.00507EPSS

Exploits0References10

CNNVD•added 2026/03/20 12:0 a.m.•7 views

AutoMapper 安全漏洞

AutoMapper is an object mapping library open source by Lucky Penny Software LLC. Versions of AutoMapper prior to 15.1.1 and 16.1.1 contained security vulnerabilities. These vulnerabilities stemmed from the lack of enforcing a default maximum depth limit when mapping deeply nested object graphs,...

7.5CVSS5.8AI score0.00542EPSS

Exploits1References4

CNNVD•added 2026/03/20 12:0 a.m.•4 views

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the lack of a recursion limit for the tunnel sending function. This vulnerability could lead to...

5.5CVSS5.9AI score0.00128EPSS

UbuntuCve•added 2026/03/20 12:0 a.m.•3 views

CVE-2026-23276

In the Linux kernel, the following vulnerability has been resolved: net: add xmit recursion limit to tunnel xmit functions Tunnel xmit functions iptunnelxmit, ip6tunnelxmit lack their own recursion limit. When a bond device in broadcast mode has GRE tap interfaces as slaves, and those GRE tunnels...

5.5CVSS5.7AI score0.00128EPSS

Exploits0References4

CNNVD•added 2026/03/20 12:0 a.m.•7 views

Tenda A18 安全漏洞

The Tenda A18 is a AC1200 dual-band Wi-Fi repeater produced by the Chinese company Tenda. The Tenda A18 Pro version, at build number 02.03.02.28, contains a security vulnerability. This vulnerability stems from a stack buffer overflow in the function formfastsettingwifiset found in the...

9CVSS7.4AI score0.00507EPSS

Tenable Nessus•added 2026/03/20 12:0 a.m.•4 views

Linux Distros Unpatched Vulnerability : CVE-2026-4444

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML...

8.8CVSS6.1AI score0.00301EPSS

Exploits0References2

Tenable Nessus•added 2026/03/20 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2026-3849

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Stack Buffer Overflow in wcHpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH Encrypted Client Hello support, where a...

9.8CVSS6.1AI score0.00444EPSS

RedhatCVE•added 2026/03/19 11:25 p.m.•6 views

CVE-2026-30871

A flaw was found in the OpenWrt mdns daemon. A remote attacker can exploit a Stack-based Buffer Overflow vulnerability in the parsequestion function by sending specially crafted DNS Domain Name System packets. These packets, specifically PTR Pointer Record queries for reverse DNS domains, can cau...

9.8CVSS6.7AI score0.01211EPSS

Exploits0References6

RedhatCVE•added 2026/03/19 11:20 p.m.•5 views

CVE-2026-30872

A flaw was found in OpenWrt's mdns daemon. A remote attacker can exploit a stack-based buffer overflow vulnerability by sending a specially crafted DNS query. This occurs when processing IPv6 reverse DNS queries, where the system fails to validate the length of incoming data. Successful...

9.8CVSS6.6AI score0.02221EPSS

Exploits0References6

NVD•added 2026/03/19 10:16 p.m.•10 views

CVE-2026-30872

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the matchipv6addresses function, triggered when processing PTR queries for IPv6 reverse DNS domains .ip6.arpa receiv...

9.8CVSS0.02221EPSS

ATTACKERKB•added 2026/03/19 9:56 p.m.•4 views

CVE-2026-30872

Exploits0References4Affected Software1

CVE•added 2026/03/19 9:56 p.m.•10 views

CVE-2026-30872

OpenWrt OpenWrt mdns vulnerability CVE-2026-30872 affects versions prior to 24.10.6 and 25.12.1. The issue lies in the mdns daemon’s match_ipv6_addresses function, where a domain name copied into a 256-byte stack buffer via strcpy is followed by extracting a reverse IPv6 PTR query into a 46-byte ...

9.8CVSS6.3AI score0.02221EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/03/19 9:56 p.m.•23 views

CVE-2026-30872 OpenWrt Project has a Stack-based Buffer Overflow vulnerability via IPv6 reverse DNS lookup

9.5CVSS0.02221EPSS

EUVD•added 2026/03/19 9:56 p.m.•9 views

EUVD-2026-13249

Vulnrichment•added 2026/03/19 9:56 p.m.•5 views

CVE-2026-30872 OpenWrt Project has a Stack-based Buffer Overflow vulnerability via IPv6 reverse DNS lookup

OSV•added 2026/03/19 9:56 p.m.•5 views

CVE-2026-30872 OpenWrt Project has a Stack-based Buffer Overflow vulnerability via IPv6 reverse DNS lookup

EUVD•added 2026/03/19 9:49 p.m.•6 views

EUVD-2026-13247

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the parsequestion function. The issue is triggered by PTR queries for reverse DNS domains .in-addr.arpa and .ip6.arp...

9.5CVSS5.9AI score0.01211EPSS