782 matches found
EUVD-2026-42702
An Improper Check for Unusual or Exceptional Conditions vulnerability in the routing protocol daemon RPD of Juniper Networks Junos OS and Junos OS Evolved allows an adjacent, unauthenticated attacker sending a specific BGP update over an established BGP session to cause a Denial-of-Service DoS...
EUVD-2026-40379
IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 could allow an adjacent attacker to cause a denial of service due to improper validation in the XDF decoder. The application processes deeply nested Protocol Buffers messages and attacker-controlled length prefixes without sufficient bounds...
Astra Linux – Vulnerability in Linux
In the Bluetooth BR/EDR Core Specification v5.2 and earlier, legacy pairing and secure-connection pairing authentication mechanisms may allow an unauthenticated user to complete the authentication process without using pairing credentials through adjacent access. An unauthenticated, adjacent...
CVE-2026-35068
Dell PowerFlex Manager, versions prior to 5.1.0.1, contains an Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability. A low privileged attacker with adjacent network access could potentially exploit this vulnerability, leading to information disclosure...
PT-2026-48516
Name of the Vulnerable Software and Affected Versions TP-Link Archer AX12 v1 TP-Link Archer AX17 v1 TP-Link Archer AX18 v1 TP-Link Archer AX1300 v1.6 Description An OS command injection issue exists in the VPN module. This occurs due to improper filtering of special characters, allowing an...
CVE-2026-21008
Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information...
CVE-2026-3871
A buffer overflow vulnerability in the UPnP DeletePortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-49322
Weak authentication in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the user-set unlock PIN by passively observing a single PIN authentication exchange. The...
CVE-2026-44440
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.101.1 and 16.10.0, an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability on an endpoint allows an authenticated adjacent attacker to read arbitrary files. This vulnerability is...
CVE-2026-41032
It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...
EUVD-2026-34070
It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...
PT-2026-45912
It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-3871
CVE-2026-3871 describes a buffer overflow in the UPnP DeletePortMapping() command in Zyxel VMG4005-B50B firmware up to 5.13(ABRL.5.4)C0. An adjacent attacker could trigger a temporary DoS affecting UPnP functionality. The exposed impact is the availability of the UPnP service (CVSSv3.1: AV = Adja...
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-3870
A buffer overflow vulnerability in the UPnP AddPortMapping command in Zyxel VMG4005-B50B firmware versions through 5.13ABRL.5.4C0 could allow an adjacent attacker to trigger a temporary denial-of-service DoS condition affecting the UPnP function of the affected device...
CVE-2026-49316
Expected behavior violation in the in-vehicle network of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker to bypass the motorcycle's anti-theft shutdown by forcing the Wireless Control Module WCM into the CAN bus-off state. Using a well-known CAN...
CVE-2026-49324 Indian Scout Bobber 2025 WCM brute-force
Uncontrolled resource consumption in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with write access to the in-vehicle network to permanently immobilize the motorcycle. The WCM enforces a brute-force lockout on the...
CVE-2026-49323
The CVE concerns the Indian Motorcycle Scout Bobber + Tech 2025 model year WCM–ECM link. Weak authentication allows an adjacent-network attacker with read access to passively capture one seed/key exchange and recover the per-vehicle immobilizer secret because the WCM’s response uses a reversible,...
EUVD-2026-33257
Weak authentication in the Wireless Control Module WCM of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attacker with read access to the in-vehicle network to recover the user-set unlock PIN by passively observing a single PIN authentication exchange. The...