CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

986 matches found

EUVD•added 2026/04/27 3:15 a.m.•4 views

EUVD-2026-25765

A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been...

9CVSS6AI score0.00619EPSS

Exploits1References5

Positive Technologies•added 2026/04/27 12:0 a.m.•4 views

PT-2026-35284

A flaw has been found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /execute.php. This manipulation of the argument code causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may be used...

7.5CVSS7.2AI score0.00254EPSS

Exploits0References6

Positive Technologies•added 2026/04/27 12:0 a.m.•3 views

PT-2026-35348

9CVSS8.6AI score0.00619EPSS

Exploits1References6

Positive Technologies•added 2026/04/27 12:0 a.m.•6 views

PT-2026-35359

A flaw has been found in code-projects Invoice System in Laravel 1.0. This impacts an unknown function of the file /user of the component User Management Handler. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been published and may...

6.5CVSS6.1AI score0.00201EPSS

Exploits0References6

Positive Technologies•added 2026/04/27 12:0 a.m.•2 views

PT-2026-35432

A flaw has been found in SourceCodester Pharmacy Sales and Inventory System 1.0. The affected element is an unknown function of the file /ajax.php?action=delete category. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit ha...

7.5CVSS7.2AI score0.00254EPSS

Exploits0References6

Positive Technologies•added 2026/04/27 12:0 a.m.•1 views

PT-2026-35530

A flaw has been found in disler aider-mcp-server up to b2516fa466d0d851932da92ee6d0e66946db9efc. Affected by this vulnerability is an unknown functionality of the file src/aider mcp server/server.py of the component aider ai code. This manipulation of the argument relative editable files causes...

7.5CVSS7AI score0.01338EPSS

Exploits0References6

CVE•added 2026/04/26 11:45 p.m.•12 views

CVE-2026-7068

CVE-2026-7068 affects D-Link DIR-825 (firmware 3.00b32) in the nmbd component, specifically NMBD_process in sserver.c, causing a buffer overflow. Impacted action is local-network based, with confidentiality/integrity/availability rated high by CVSS data; exploit maturity noted as PROOF-OF-CONCEPT...

8.8CVSS8.5AI score0.01871EPSS

Exploits1References5Affected Software1

EUVD•added 2026/04/26 10:45 p.m.•3 views

EUVD-2026-25734

A flaw has been found in AgentDeskAI browser-tools-mcp up to 1.2.0. This issue affects some unknown processing of the file browser-tools-server/browser-connector.ts. Executing a manipulation can lead to os command injection. The attack may be performed from remote. The exploit has been published...

7.5CVSS5.1AI score0.01633EPSS

Exploits0References5

NVD•added 2026/04/26 10:17 p.m.•4 views

CVE-2026-7042

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function createapp of the file backend/app/init.py of the component REST API Endpoint. Executing a manipulation can lead to missing authentication. It is possible to launch the attack remotely. The exploit has been published a...

7.5CVSS0.00383EPSS

Exploits0References5

EUVD•added 2026/04/26 6:45 p.m.•1 views

EUVD-2026-25727

A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been published a...

9CVSS8.5AI score0.00632EPSS

Exploits1References5

ATTACKERKB•added 2026/04/26 6:45 p.m.•2 views

CVE-2026-7057

9CVSS5.8AI score0.00632EPSS

Exploits1References5Affected Software1

EUVD•added 2026/04/26 1:0 p.m.•4 views

EUVD-2026-25719

7.5CVSS5.1AI score0.00383EPSS

Exploits0References5

Vulnrichment•added 2026/04/26 10:0 a.m.•3 views

CVE-2026-7032 Tenda F456 SafeEmailFilter buffer overflow

A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been published and may be used...

9CVSS8.6AI score0.00632EPSS

Exploits1References5

EUVD•added 2026/04/26 6:45 a.m.•2 views

EUVD-2026-25699

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServlet.java of the component deleteFileServlet Endpoint. Executing a manipulation of the argument...

5.5CVSS5.4AI score0.00372EPSS

Exploits0References4

Positive Technologies•added 2026/04/26 12:0 a.m.•3 views

PT-2026-35205

5.5CVSS5.5AI score0.00372EPSS

Exploits0References5

Positive Technologies•added 2026/04/26 12:0 a.m.•3 views

PT-2026-35215

9CVSS5.9AI score0.00632EPSS

Exploits1References6

Positive Technologies•added 2026/04/26 12:0 a.m.•4 views

PT-2026-35271

7.5CVSS7AI score0.01633EPSS

Exploits0References6

NVD•added 2026/04/25 9:16 p.m.•3 views

CVE-2026-6999

A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...

4.8CVSS0.00265EPSS

Exploits0References3

ATTACKERKB•added 2026/04/25 8:45 p.m.•1 views

CVE-2026-6999

4.8CVSS4.2AI score0.00265EPSS

Exploits0References4Affected Software1

EUVD•added 2026/04/25 8:45 p.m.•3 views

EUVD-2026-25673

4.8CVSS3.3AI score0.00265EPSS

Exploits0References3

Rows per page