Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

969 matches found

ATTACKERKB
ATTACKERKBadded 2026/02/17 1:2 p.m.2 views

CVE-2026-2615

A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument delflag can lead to command injection. The attack may be launched remotely. The exploit has been...

8.6CVSS5.3AI score0.00464EPSS
Exploits1References5Affected Software1
NVD
NVDadded 2026/02/16 2:16 p.m.4 views

CVE-2026-2558

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...

6.5CVSS0.00054EPSS
Exploits0References5
OSV
OSVadded 2026/02/16 2:16 p.m.2 views

CVE-2026-2558

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...

6.3CVSS5.4AI score
Exploits0References5
Cvelist
Cvelistadded 2026/02/16 1:32 p.m.27 views

CVE-2026-2558 GeekAI net_handler.go Download server-side request forgery

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...

6.5CVSS0.00054EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/02/16 1:32 p.m.2 views

CVE-2026-2558

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...

6.5CVSS5.2AI score0.00054EPSS
Exploits0References5
EUVD
EUVDadded 2026/02/16 6:31 a.m.5 views

EUVD-2026-6128

A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an unknown function of the file /cgi-bin/toseidatasend.php. Executing a manipulation of the argument adrtxt1 can lead to command injection. It is possible to launch the attack remotely. The exploit has been published an...

7.5CVSS5.4AI score0.02176EPSS
Exploits0References5
EUVD
EUVDadded 2026/02/16 3:30 a.m.4 views

EUVD-2026-6137

A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesessionresponse of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the...

7.5CVSS5.2AI score0.00045EPSS
Exploits1References7
OSV
OSVadded 2026/02/16 1:15 a.m.2 views

CVE-2026-2524

A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesessionresponse of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the...

7.5CVSS5.3AI score
Exploits0References6
Positive Technologies
Positive Technologiesadded 2026/02/16 12:0 a.m.5 views

PT-2026-8309

Name of the Vulnerable Software and Affected Versions Tosei Self-service Washing Machine version 4.02 Description A flaw exists in Tosei Self-service Washing Machine version 4.02. The issue impacts an unknown function within the /cgi-bin/tosei datasend.php file. Manipulation of the adr txt 1...

7.5CVSS7.1AI score0.02176EPSS
Exploits0References14
Positive Technologies
Positive Technologiesadded 2026/02/16 12:0 a.m.7 views

PT-2026-8348

A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/net handler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be use...

6.5CVSS5.2AI score0.00054EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/02/10 1:23 a.m.4 views

CVE-2026-2194

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS5.4AI score0.00033EPSS
Exploits1References1
OSV
OSVadded 2026/02/09 9:16 a.m.3 views

CVE-2026-2225

A flaw has been found in itsourcecode News Portal Project 1.0. This vulnerability affects unknown code of the file /admin/index.php of the component Administrator Login. This manipulation of the argument email causes sql injection. The attack can be initiated remotely. The exploit has been...

9.8CVSS5.7AI score0.00022EPSS
Exploits1References6
OSV
OSVadded 2026/02/09 12:15 a.m.0 views

CVE-2026-2194

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS5.6AI score
Exploits0References5
NVD
NVDadded 2026/02/09 12:15 a.m.4 views

CVE-2026-2194

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

8.8CVSS0.00033EPSS
Exploits1References5
ATTACKERKB
ATTACKERKBadded 2026/02/08 11:32 p.m.1 views

CVE-2026-2194

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

6.5CVSS5.4AI score0.00033EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichmentadded 2026/02/08 11:32 p.m.1 views

CVE-2026-2194 D-Link DI-7100G C1 start_proxy_client_email command injection

A flaw has been found in D-Link DI-7100G C1 24.04.18D1. This affects the function startproxyclientemail. Executing a manipulation can lead to command injection. The attack can be executed remotely. The exploit has been published and may be used...

6.5CVSS5.4AI score0.00033EPSS
Exploits1References5
OSV
OSVadded 2026/02/08 9:15 p.m.0 views

CVE-2026-2185

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

8.7CVSS6.3AI score
Exploits0References5
Cvelist
Cvelistadded 2026/02/08 5:2 a.m.26 views

CVE-2026-2136 projectworlds Online Food Ordering System view-ticket.php sql injection

A flaw has been found in projectworlds Online Food Ordering System 1.0. This affects an unknown function of the file /view-ticket.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be use...

7.5CVSS0.00045EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/02/08 12:0 a.m.4 views

PT-2026-6986

Name of the Vulnerable Software and Affected Versions Tenda AC8 version 16.03.33.05 Description A buffer overflow issue exists in the Embedded Httpd Service component of Tenda AC8. The flaw is located in the file '/goform/fast setting wifi set' and is triggered by manipulating the timeZone...

9CVSS5.5AI score0.00112EPSS
Exploits1References8
Positive Technologies
Positive Technologiesadded 2026/02/08 12:0 a.m.4 views

PT-2026-7019

Name of the Vulnerable Software and Affected Versions Tenda RX3 version 16.03.13.11 Description A flaw exists in Tenda RX3 version 16.03.13.11 related to buffer overflow. The issue is located in the set device name function within the /goform/setBlackRule file, part of the MAC Filtering...

9CVSS6.3AI score0.00035EPSS
Exploits1References7
Rows per page
Query Builder