CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added 5 days ago•9 views

CVE-2026-10166

Edimax BR-6478AC (firmware 1.23) is affected by a vulnerability in the POST Request Handler, specifically the function formWlbasic in /goform/formWlbasic. The issue arises from manipulating the argument rootAPmac, enabling command injection. The vulnerability is exploitable remotely and has been ...

6.5CVSS6.4AI score0.01058EPSS

EUVD•added 5 days ago•9 views

EUVD-2026-33486

6.5CVSS6.4AI score0.01058EPSS

OSSF Malicious Packages•added 5 days ago•11 views

Malicious code in hell-cipher (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e852860302b982f58123434d6c8671299f6b8e45e8f57c8149ab3380eb91fa63 During installation, the code tamper with security settings and downloads and executes malicious executable. --- Category: MALICIOUS - The campaign has clearly...

6AI score

Exploits0References2

OSV•added 5 days ago•4 views

MAL-2026-5093 Malicious code in h4xupdate (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 0de4da975d7b071824607be751a9ea0fb13e409eaef58d1cc0628263d5dea700 Package contains a remote control tool taking orders from a hardcoded Telegram bot. The authorship impersonate legitimate company. --- Category: MALICIOUS - Th...

6AI score

Exploits0References1

CNNVD•added 5 days ago•5 views

Edimax BR-6478AC 命令注入漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. The Edimax BR-6478AC version 1.23 has a command injection vulnerability. This vulnerability stems from an operation called “rootAPmac” in the function “formWlbasic” of the component “POST Request Handler”. This...

CNNVD•added 5 days ago•6 views

TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter enrollee in the function formWlanSetup located in the file /goform/formWlanSetup. This...

6.5CVSS6.6AI score0.01077EPSS

Positive Technologies•added 5 days ago•8 views

PT-2026-45168

6.5CVSS6.4AI score0.01058EPSS

Positive Technologies•added 5 days ago•7 views

PT-2026-45190

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and ma...

6.5CVSS6.3AI score0.01077EPSS

Exploits0References6

CNNVD•added 5 days ago•5 views

TRENDnet TEW-432BRP 命令注入漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by the TRENDnet company. The TRENDnet TEW-432BRP 3.10B20 version has a command injection vulnerability. This vulnerability stems from the parameter sysCmd in the formSysCmd function within the goform/formSysCmd file, which allows for...

6.5CVSS6.6AI score0.01077EPSS

OSV•added 6 days ago•12 views

RLSA-2026:21468 Important: cockpit security update

Cockpit enables users to administer GNU/Linux servers using a web browser. It offers network configuration, log inspection, diagnostic reports, SELinux troubleshooting, interactive command-line sessions, and more. Security Fixes: cockpit: Cockpit: Arbitrary command execution via crafted links in...

8CVSS7.2AI score0.00275EPSS

Exploits0References2

Rockylinux•added 6 days ago•10 views

cockpit security update

An update is available for cockpit. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Cockpit enables users to administer GNU/Linux servers using a web browser. It...

8CVSS6AI score0.00275EPSS

Exploits0

GithubExploit•added 6 days ago•192 views

Exploit for CVE-2026-48778

CVE-2026-48...

5.8AI score

Exploits4

NVD•added 6 days ago•13 views

CVE-2026-10127

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the argument rootAPmac causes command injection. The attack may be initiated remotely. The exploit has...

6.5CVSS0.01058EPSS

ATTACKERKB•added 6 days ago•7 views

CVE-2026-10127

Exploits0References4Affected Software1

Vulnrichment•added 6 days ago•5 views

CVE-2026-10127 Edimax BR-6478AC POST Request formStaDrvSetup command injection

EUVD•added 6 days ago•9 views

EUVD-2026-33470

6.5CVSS5.7AI score0.01058EPSS

Cvelist•added 6 days ago•29 views

CVE-2026-10127 Edimax BR-6478AC POST Request formStaDrvSetup command injection

6.5CVSS0.01058EPSS

CVE•added 6 days ago•10 views

CVE-2026-10127

CVE-2026-10127 affects Edimax BR-6478AC firmware version 1.23. The vulnerability resides in the POST Request Handler function formStaDrvSetup, specifically the /goform/formStaDrvSetup endpoint, where manipulating the argument rootAPmac enables command injection. Exploitation can be remote; public...