176 matches found
CVE-2026-50099 Naxclow IoT Platform Insertion of sensitive information into Externally-Accessible file or directory
During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...
Joern 4.0.557
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
CVE-2026-49194
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
Exploit for OS Command Injection in Vsftpd_Project Vsftpd
vsftpd 2.3.4 Backdoor Exploit A small, dependency-free Python...
CVE-2026-49194
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194 SCREEN_CLICK Authentication Bypass
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
EUVD-2026-34213
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194 SCREEN_CLICK Authentication Bypass
The debugging routine SCREENCLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
CVE-2026-49194
Technical details about CVE-2026-49194 are not publicly available in the provided documents; monitor for updates.
PT-2026-46152
The debugging routine SCREEN CLICK5053 enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface...
Dozzle 访问控制错误漏洞
Dozzle is a small, lightweight application developed by Amir Raminfar as an individual project. Versions of Dozzle prior to 10.5.2 contained an access control vulnerability. This vulnerability stemmed from the WebSocket upgrade mechanism used by the /exec and /attach endpoints, which accepted...
Exploit for Incorrect Implementation of Authentication Algorithm in Google Android
ADB TLS Auth Bypass Exploit CVE-2026-0073 An automated netw...
Missing Authentication for Critical Function
Overview Affected versions of this package are vulnerable to Missing Authentication for Critical Function in the UI server WebSocket. An attacker can gain unauthorized access to sensitive endpoints, such as streaming real-time pod logs, opening an interactive shell inside a running pod, or...
DevSpace UI Server WebSocket CheckOrigin does not validate source
Description DevSpace's UI server WebSocket accepts connections from all origins by default, and therefore several endpoints are exposed via this WebSocket. When a developer runs the DevSpace UI and at the same time uses a browser to access the internet, a malicious website they visit can use thei...
Joern 4.0.533
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Joern 4.0.532
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Exploit for CVE-2026-31431
Copy Fail PoC English Python PoC for CVE-2026-31431,...
Joern 4.0.528
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...
Joern 4.0.524
Joern is the bug hunter's workbench. With this tool, you can uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries via Ghidra, JVM bytecode via Soot, and Javascript...