EUVD-2026-35066

A vulnerability was found in UTT HiPER 2610G up to 3.0.0-171107. This affects the function strcpy of the file /goform/formNatStaticMap. Performing a manipulation of the argument NatBinds results in buffer overflow. The exploit has been made public and could be used...

CVE-2026-11504

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

Exploit for CVE-2026-11499

🚨 CVE-2026-11499 Stack-Based Buffer Overflow in Tenda HG7...

CVE-2026-11503

A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function formfastsettingwifiset of the file /goform/fastsettingwifiset of the component Wi-Fi Configuration Endpoint. Such manipulation of the argument ssid leads to stack-based buffer overflow. The...

EUVD-2026-35039

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

CVE-2026-11504

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

CVE-2026-11504 Tenda CX12L Wi-Fi Schedule Configuration Endpoint openSchedWifi setSchedWifi stack-based overflow

A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer...

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11499

CVE-2026-11499 affects Tenda HG7HG9/HG10 with version 300001138_en_xpon. The vulnerability is in the function formDOMAINBLK of the file /boaform/formDOMAINBLK. A crafted manipulation of the blkDomain argument leads to a stack-based buffer overflow. The advisory notes this can be exploited remotel...

EUVD-2026-35028

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

CVE-2026-11498

A vulnerability was found in Tenda HG7HG9 and HG10 300001138enxpon. Affected by this issue is the function aspvoipOtherSet of the file /boaform/voipotherset of the component Web Management Interface. Performing a manipulation of the argument funckeytransfer results in stack-based buffer overflow...

OSV-2026-886 Heap-buffer-overflow in ihevcd_fmt_conv

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=520748344 Crash type: Heap-buffer-overflow WRITE 8 Crash state: ihevcdfmtconv ihevcddecode Codec::decodeFrame...

Tenda多款产品 缓冲区错误漏洞

Tenda HG10, etc., are products of the Chinese company Tenda. The Tenda HG10 is a fiber-optic router. The Tenda HG9 is a WiFi router. The Tenda HG7 is a dual-band Wi-Fi fiber network terminal device. Several Tenda products have a buffer error vulnerability. This vulnerability stems from improper...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from an error in length calculation within the extractkvectosg function, potentially leading to a buff...

Apache HTTP Server 安全漏洞

Apache HTTP Server is an open-source web server developed by the Apache Foundation in the United States. This server is known for its speed, reliability, and ability to be expanded through simple APIs. Vulnerabilities exist in Apache HTTP Server versions 2.4.0 to 2.4.67. These vulnerabilities ste...

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter “wifiFilterListRemark” in the modifyWifiFilterRules function within the Web Manageme...

Tenda F451 缓冲区错误漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Versions 1.0.0.7 and 1.0.0.9 of the Tenda F451 contain buffer overflow vulnerabilities. These vulnerabilities stem from improper handling of the parameter “page” in the fromNatlimit function within the Web Management...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a buffer overflow issue during the processing of dm-ioctl commands. This vulnerability could lead...

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a buffer overflow in the vreallocnode Align function, potentially leading to memory corruption...

Tenda AC18 缓冲区错误漏洞

The Tenda AC18 is a router produced by the Chinese company Tenda. The version 15.03.05.05 of the Tenda AC18 contains a buffer error vulnerability. This vulnerability stems from improper handling of parameters in the sub45304 function of the goform/getRebootStatus file within the Web Management...