CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 12 hours ago•5 views

CVE-2026-49203

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

7.2CVSS

EUVD•added 12 hours ago•2 views

EUVD-2026-34219

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

ATTACKERKB•added 12 hours ago•2 views

CVE-2026-50207

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

CVE•added 12 hours ago•5 views

CVE-2026-50207

The CVE-2026-50207 issue involves the system Binder boundary that accepts unverified pass-through AT commands, enabling local applications to read baseband files or disable cellular connectivity. The vulnerability is described as local, with impact to confidentiality, integrity, and availability ...

Cvelist•added 12 hours ago•6 views

CVE-2026-50207 Local Modem Manipulation via Binder Interfaces

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

8.5CVSS

Cvelist•added 13 hours ago•8 views

CVE-2026-49203 Unauthenticated eSIM Configuration Manipulation

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

7.2CVSS

Positive Technologies•added 19 hours ago•6 views

PT-2026-46159

The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity...

Positive Technologies•added 19 hours ago•7 views

PT-2026-46154

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted...

7.2CVSS5.8AI score

Nuclei•added yesterday•51 views

Milesight Routers - Information Disclosure

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router...

7.5CVSS7.3AI score0.93139EPSS

Exploits5References5

Vulnrichment•added 2026/04/03 10:54 p.m.•0 views

CVE-2017-20236 ProSoft Technology ICX35-HWC Command Injection via Web Interface

ProSoft Technology ICX35-HWC versions 1.3 and prior cellular gateways contain an input validation vulnerability in the web user interface that allows remote attackers to inject and execute system commands by submitting malicious input through unvalidated fields. Attackers can exploit this...

9.8CVSS6.2AI score0.00085EPSS

Vulnrichment•added 2026/04/03 10:51 p.m.•1 views

CVE-2017-20235 ProSoft Technology ICX35-HWC Authentication Bypass

ProSoft Technology ICX35-HWC version 1.3 and prior cellular gateways contain an authentication bypass vulnerability in the web user interface that allows unauthenticated attackers to gain access to administrative functions without valid credentials. Attackers can bypass the authentication mechani...

9.3CVSS5.9AI score0.00089EPSS