CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/04/03 11:1 p.m.•5 views

CVE-2026-34121

An authentication bypass vulnerability within the HTTP handling of the DS configuration service in TP-Link Tapo C520WS v2.6 was identified, due to inconsistent parsing and authorization logic in JSON requests during authentication check. An unauthenticated attacker can append an...

8.8CVSS6AI score0.00447EPSS

RedhatCVE•added 2026/04/03 11:1 p.m.•3 views

CVE-2026-34119

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the HTTP parsing loop when appending segmented request bodies without continuous write‑boundary verification, due to insufficient boundary validation when handling externally supplied HTTP input. An...

7.1CVSS6.2AI score0.00228EPSS

EUVD•added 2026/04/02 6:31 p.m.•4 views

EUVD-2026-18426

7.1CVSS6.1AI score0.00259EPSS

NVD•added 2026/04/02 6:16 p.m.•4 views

CVE-2026-34119

7.1CVSS0.00228EPSS

Cvelist•added 2026/04/02 5:20 p.m.•13 views

CVE-2026-34121 Authentication Bypass in DS Configuration Service via HTTP Request Parsing Differential of TP-Link Tapo C520WS

8.7CVSS0.00447EPSS

Vulnrichment•added 2026/04/02 5:19 p.m.•0 views

CVE-2026-34120 Heap-based Buffer Overflow Vulnerability Leading to Denial-of-Service in TP-Link Tapo C520WS

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 within the asynchronous parsing of local video stream content due to insufficient alignment and validation of buffer boundaries when processing streaming inputs.An attacker on the same network segment could...

7.1CVSS6.1AI score0.00228EPSS

ATTACKERKB•added 2026/04/02 5:19 p.m.•1 views

CVE-2026-34120

7.1CVSS6.1AI score0.00228EPSS

CVE•added 2026/04/02 5:19 p.m.•14 views

CVE-2026-34119

CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...

7.1CVSS6.1AI score0.00228EPSS

Exploits0References3Affected Software1

ATTACKERKB•added 2026/04/02 5:19 p.m.•3 views

CVE-2026-34118

7.1CVSS6.1AI score0.00259EPSS

CNNVD•added 2026/02/13 12:0 a.m.•7 views

TP-LINK Tapo 安全漏洞

TP-LINK Tapo is a series of secure Wi-Fi cameras produced by TP-LINK Corporation. TP-LINK Tapo has a security vulnerability, which stems from issues with the certificate verification logic. This vulnerability may allow applications to accept identities of servers that are untrusted or not properl...

8.1CVSS5.8AI score0.00224EPSS

CVE•added 2026/02/10 5:27 p.m.•23 views

CVE-2026-0651

CVE-2026-0651 is a path traversal vulnerability in TP-Link Tapo C260 v1, D235 v1, and C520WS v2.6 where the HTTP server mishandles GET paths: it normalizes paths, but if decoding of URL-encoded input fails it falls back to the raw path, enabling crafted URL-encoded traversal sequences to escape t...

7.8CVSS5.9AI score0.00303EPSS

Exploits2References6Affected Software1

Cvelist•added 2026/02/10 5:27 p.m.•27 views

CVE-2026-0651 Path Traversal on TP-Link Tapo D235 and C260 via Local https

A path traversal vulnerability was identified TP-Link Tapo C260 v1, D235 v1 and C520WS v2.6 within the HTTP server’s handling of GET requests. The server performs path normalization before fully decoding URL encoded input and falls back to using the raw path when normalization fails. An attacker...

6.9CVSS0.00303EPSS

Exploits2References6

Vulnrichment•added 2026/02/10 5:27 p.m.•4 views

CVE-2026-0652 Remote Code Execution on TP-Link Tapo C260 by Guest User

On TP-Link Tapo C260 v1, command injection vulnerability exists due to improper sanitization in certain POST parameters during configuration synchronization. An authenticated attacker can execute arbitrary system commands with high impact on confidentiality, integrity and availability. It may cau...

8.7CVSS6.1AI score0.22757EPSS

Exploits2References3

Cvelist•added 2026/02/10 5:27 p.m.•26 views

CVE-2026-0652 Remote Code Execution on TP-Link Tapo C260 by Guest User

8.7CVSS0.22757EPSS

Exploits2References3

CVE•added 2026/02/10 5:27 p.m.•18 views

CVE-2026-0653

CVE-2026-0653 affects TP-Link Tapo C260 v1 and D235 v1. A guest-level authenticated user can bypass access controls by sending crafted requests to a synchronization endpoint, enabling modification of protected device settings with limited privileges. Root cause: insufficient access control leadin...

7.2CVSS5.8AI score0.00386EPSS

Exploits2References4Affected Software1

Vulnrichment•added 2026/02/05 5:45 p.m.•7 views

CVE-2025-15557 Improper Certificate Validation in TP-Link Tapo H100 and P100 Allows Man-in-the-Middle Attack

An Improper Certificate Validation vulnerability in TP-Link Tapo H100 v1 and Tapo P100 v1 allows an on-path attacker on the same network segment to intercept and modify encrypted device-cloud communications. This may compromise the confidentiality and integrity of device-to-cloud communication,...

7.5CVSS5.4AI score0.00183EPSS

Exploits0References5

RedhatCVE•added 2025/12/17 7:0 p.m.•8 views

CVE-2025-14553

Exposure of password hashes through an unauthenticated API response in TP-Link Tapo app on iOS and Android for Tapo cameras, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...

7CVSS6.6AI score0.00174EPSS

EUVD•added 2025/12/16 9:30 p.m.•5 views

EUVD-2025-203829

Exposure of password hashes through an unauthenticated API response in TP-Link Tapo C210 V.1.8 app on iOS and Android, allowing attackers to brute force the password in the local network. Issue can be mitigated through mobile application updates. Device firmware remains unchanged...

7CVSS6.2AI score0.00174EPSS

NVD•added 2025/12/16 7:15 p.m.•5 views

CVE-2025-14553

7CVSS0.00174EPSS