CVE-2026-2853 D-Link DWR-M960 System Log Configuration Endpoint formSysLog sub_462E14 stack-based overflow

A vulnerability was detected in D-Link DWR-M960 1.01.07. This affects the function sub462E14 of the file /boafrm/formSysLog of the component System Log Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack can be initiated...

CVE-2025-14659 D-Link DIR-860LB1/DIR-868LB1 DHCP command injection

A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be...

EUVD-2025-11768

Malicious code in bioql PyPI...

CVE-2025-29043

An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the function 0x417234...

VulnCheck KEV: CVE-2019-20500

D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...