Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

145152 matches found

CVE
CVEadded 2026/05/25 7:45 a.m.12 views

CVE-2026-9439

Edimax BR-6675nD (version 1.12) is affected through the stainfo function in /goform/stainfo, enabling remote command injection due to interface argument handling. Public exploit exists; vendor did not respond to disclosure. No remediation details are provided in the available documents.

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/25 7:45 a.m.11 views

EUVD-2026-31649

A vulnerability was determined in Edimax BR-6675nD 1.12. Affected is the function stainfo of the file /goform/stainfo. This manipulation of the argument interface causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 7:45 a.m.6 views

CVE-2026-9439 Edimax BR-6675nD stainfo command injection

A vulnerability was determined in Edimax BR-6675nD 1.12. Affected is the function stainfo of the file /goform/stainfo. This manipulation of the argument interface causes command injection. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized...

6.5CVSS6.4AI score0.01409EPSS
Exploits0References4
OSV
OSVadded 2026/05/25 7:25 a.m.3 views

CLSA-2026-1779583625 vim: Fix of CVE-2026-46483

CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...

7CVSS5.8AI score0.00017EPSS
Exploits0References1
OSV
OSVadded 2026/05/25 7:23 a.m.5 views

CLSA-2026-1779583115 vim: Fix of CVE-2026-46483

CVE-2026-46483: fix command injection in tar plugin Vimuntar when decompressing .tgz archives by passing the special flag to shellescape upstream vim 9.2.0479...

7CVSS5.8AI score0.00017EPSS
Exploits0References1
NVD
NVDadded 2026/05/25 7:16 a.m.9 views

CVE-2026-9434

A security vulnerability has been detected in Totolink A8000RU 7.1cu.643b20200521. Impacted is the function setWiFiWpsCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument wscDisabled leads to os command injection. The attack may be...

10CVSS0.01254EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 7:16 a.m.7 views

CVE-2026-9433

A weakness has been identified in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. This manipulation of the argument enable causes os command injection. The attack may be initiated...

10CVSS0.01254EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 7:16 a.m.8 views

CVE-2026-9432

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. The manipulation of the argument bgProtection results in os command injection. The...

10CVSS0.01254EPSS
Exploits0References5
NVD
NVDadded 2026/05/25 7:16 a.m.9 views

CVE-2026-25193

Insertion of Sensitive Information into Log File CWE-532 in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Command Centre Services with a custom Service Account not the default Network Service account are...

8.1CVSS0.00013EPSS
Exploits0References1
Cvelist
Cvelistadded 2026/05/25 7:15 a.m.31 views

CVE-2026-9437 DTStack Taier REST API Runtime.exec os command injection

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS0.01409EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/25 7:15 a.m.8 views

EUVD-2026-31645

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS6.2AI score0.01409EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/25 7:15 a.m.6 views

CVE-2026-9437

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS6.2AI score0.01409EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/05/25 7:15 a.m.14 views

CVE-2026-9437

DTStack Taier 1.4.0 REST API Runtime.exec is affected. The vulnerability arises from manipulation of the sqlText argument, enabling OS command injection that could be exploited remotely. Exploit information is publicly disclosed; no remediation details are provided in the documents. The connected...

6.5CVSS6.2AI score0.01409EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/25 7:15 a.m.7 views

CVE-2026-9437 DTStack Taier REST API Runtime.exec os command injection

A vulnerability has been found in DTStack Taier 1.4.0. This affects the function Runtime.exec of the component REST API. The manipulation of the argument sqlText leads to os command injection. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may ...

6.5CVSS6.2AI score0.01409EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/25 7:0 a.m.31 views

CVE-2026-9436 Totolink A8000RU Web Management cstecgi.cgi setL2tpServerCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...

10CVSS0.01317EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/05/25 7:0 a.m.6 views

CVE-2026-9436

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...

10CVSS7AI score0.01317EPSS
Exploits0References6Affected Software1
EUVD
EUVDadded 2026/05/25 7:0 a.m.7 views

EUVD-2026-31644

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...

10CVSS7AI score0.01317EPSS
Exploits0References6
Vulnrichment
Vulnrichmentadded 2026/05/25 7:0 a.m.7 views

CVE-2026-9436 Totolink A8000RU Web Management cstecgi.cgi setL2tpServerCfg os command injection

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. The impacted element is the function setL2tpServerCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack can be...

10CVSS7AI score0.01317EPSS
Exploits0References6
CVE
CVEadded 2026/05/25 7:0 a.m.15 views

CVE-2026-9436

Totolink A8000RU Web Management (cgi-bin/cstecgi.cgi, function setL2tpServerCfg) is affected by an os command injection when manipulating the enable argument. The flaw is exploitable remotely and has an exploit published. Impact concerns high confidentiality, integrity, and availability per CVSS,...

10CVSS7AI score0.01317EPSS
Exploits0References6
Cvelist
Cvelistadded 2026/05/25 6:45 a.m.30 views

CVE-2026-9435 Totolink A8000RU Web Management cstecgi.cgi setQosCfg os command injection

A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. The affected element is the function setQosCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation of...

10CVSS0.01254EPSS
Exploits0References5
Rows per page
Query Builder