CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/08 1:35 p.m.•7 views

CVE-2026-48111

7-Zip is a file archiver with a high compression ratio. Versions 9.21 through 26.00 contain an off-by-one out-of-bounds read vulnerability in the ParseDepedencyExpression function of the UEFI firmware image parserCPP/7zip/Archive/UefiHandler.cpp. The function validates an attacker-controlled opco...

7.1CVSS5.5AI score0.00225EPSS

Exploits1References2

RedhatCVE•added 2026/06/05 7:10 p.m.•7 views

CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

9.8CVSS5.5AI score0.00466EPSS

Snyk•added 2026/06/05 5:13 p.m.•17 views

Out-of-bounds Read

Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ParseDepedencyExpression function of the UEFI firmware image parser when an attacker provides a specially crafted opcode value. An attacker can cause a denial of service or potentially disclose minor informatio...

7.1CVSS5.5AI score0.00225EPSS

Exploits1References3

CNNVD•added 2026/06/05 12:0 a.m.•4 views

7-Zip 缓冲区错误漏洞

7-Zip is an open-source compression software developed by 7-Zip. Versions 9.21 to 26.00 of 7-Zip contain a buffer error vulnerability. This vulnerability stems from a boundary violation in the ParseDepedencyExpression function of the UEFI firmware image parser, which may lead to denial-of-service...

7.1CVSS5.6AI score0.00225EPSS

Exploits1References1

NVD•added 2026/06/03 1:16 p.m.•10 views

CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

9.8CVSS0.00466EPSS

EUVD•added 2026/06/03 10:38 a.m.•10 views

EUVD-2026-34071

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

Cvelist•added 2026/06/03 10:38 a.m.•37 views

CVE-2026-35075 Hardcoded default Password for Service Account

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

9.8CVSS0.00466EPSS

CVE•added 2026/06/03 10:38 a.m.•15 views

CVE-2026-35075

CVE-2026-35075: An unauthenticated remote attacker can recover a default, hard-coded password from a firmware image, gaining full access to all affected devices. The Connected documents confirm the vulnerability allows extraction of the credential from firmware and implies full device compromise;...

Exploits0References1Affected Software1

ATTACKERKB•added 2026/06/03 10:38 a.m.•5 views

CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

Vulnrichment•added 2026/06/03 10:38 a.m.•6 views

CVE-2026-35075 Hardcoded default Password for Service Account

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

NVD•added 2026/05/29 6:17 p.m.•11 views

CVE-2026-7786

Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials can be extracted through firmware analysis and used to authenticate to device services...

9.8CVSS0.00415EPSS

Positive Technologies•added 2026/05/29 12:0 a.m.•10 views

PT-2026-44970

Name of the Vulnerable Software and Affected Versions USR-W610 affected versions not specified Description The firmware of the Jinan USR IOT Technology Limited PUSR USR-W610 RS232/485 to Wi-Fi/Ethernet Converter contains hard-coded administrative credentials stored in plaintext. These credentials...

9.8CVSS5.8AI score0.00415EPSS

Exploits0References7

RedhatCVE•added 2026/05/08 11:7 a.m.•11 views

CVE-2026-37540

A flaw was found in OpenAMP. An integer overflow vulnerability exists in the ELF loader's firmware image parsing, specifically within elfloader.c. This flaw occurs when multiplying two attacker-controlled 16-bit values from the ELF header without proper overflow checking. On 32-bit embedded...

9.8CVSS6AI score0.00253EPSS

EUVD•added 2026/05/07 6:30 p.m.•8 views

EUVD-2026-28399

Yarbo firmware v2.3.9 contains hardcoded administrative credentials embedded in the firmware image. These credentials are identical across all devices running this firmware and cannot be changed or removed by end users, enabling trivial unauthorized access to device management interfaces by anyon...

9.8CVSS5.8AI score0.00531EPSS

Exploits1References4

ATTACKERKB•added 2026/05/07 4:10 p.m.•6 views

CVE-2026-7414

9.8CVSS5.8AI score0.00531EPSS

Exploits1References3

EUVD•added 2026/05/01 12:0 a.m.•13 views

EUVD-2026-26693

OpenAMP v2025.10.0 ELF loader contains an integer overflow vulnerability in firmware image parsing. In elfloader.c, it performs multiplication of two attacker-controlled 16-bit values from the ELF header without overflow checking. On 32-bit embedded systems STM32MP1, Zynq, i.MX, large values can...

8.4CVSS5.9AI score0.00253EPSS

Exploits0References3

EUVD•added 2026/04/08 6:34 p.m.•2 views

EUVD-2025-209317

Siklu EtherHaul 8010 siklu-uimage-nxp-enc-1062-18707-ea552dc00b devices have a static root password...

6.4CVSS5.9AI score0.00127EPSS

RedhatCVE•added 2026/01/17 9:15 a.m.•4 views

CVE-2025-12007

There is a vulnerability in the Supermicro BMC firmware validation logic at Supermicro MBD-X13SEM-F . An attacker can update the system firmware with a specially crafted image...

8.4CVSS6.9AI score0.0012EPSS