3760 matches found
CVE-2026-8259 Tenda AC6 httpd telnet os command injection
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
CVE-2026-8259
CVE-2026-8259 affects Tenda AC6 firmware version 2.0/15.03.06.23, where an unknown function in the HTTPD component’s /goform/telnet endpoint mishandles the lan.ip parameter, leading to an OS command injection. This allows remote exploitation with high impact on confidentiality, integrity, and ava...
PT-2026-39552
A vulnerability has been found in Tenda AC6 2.0/15.03.06.23. The affected element is an unknown function of the file /goform/telnet of the component httpd. The manipulation of the argument lan.ip leads to os command injection. Remote exploitation of the attack is possible. The exploit has been...
Tenda AC6 命令注入漏洞
Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version Tenda AC6 2.0/15.03.06.23 contains a command injection vulnerability. This vulnerability stems from an unknown function in the httpd component’s file/goform/telnet, which manipulates the parameter lan.ip, potentiall...
CVE-2026-42072
Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...
CVE-2026-42072 Nornicdb: Improper Network Binding in NornicDB Bolt Server allows unauthorized remote access
Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...
EUVD-2026-28808
Nornicdb is a distributed low-latency, Graph+Vector, Temporal MVCC with all sub-ms HNSW search, graph traversal, and writes. Prior to version 1.0.42-hotfix, the --address CLI flag and NORNICDBADDRESS / server.host config key is plumbed through to the HTTP server correctly but never reaches the Bo...
CVE-2026-42072
NornicDB suffers an improper network binding in the Bolt server: the Bolt listener binds to all interfaces because Bolt’s config lacked a host field, so using --address defaults to an empty host. This causes exposure of the Bolt port (default admin:password) on the LAN, enabling unauthorized remo...
PT-2026-39201
Name of the Vulnerable Software and Affected Versions SolidCAM-GPPL-IDE versions 1.0.0 through 1.0.1 Description The GpplDocumentLinkHandler resolves the filename directive in GPPL postprocessor files into clickable links. The handler accepts arbitrary absolute, relative, UNC, and subfolder paths...
CVE-2026-43100
CVE-2026-43100 covers a Linux kernel bridge issue where, if CONFIG_BRIDGE_VLAN_FILTERING is not set, br_vlan_group() and nbp_vlan_group() may return NULL and the code path in br_fdb_delete_locals_per_vlan_port() / br_fdb_insert_locals_per_vlan_port() dereferences a NULL vlan group pointer. Connec...
PT-2026-37410
In the Linux kernel, the following vulnerability has been resolved: bridge: guard local VLAN-0 FDB helpers against NULL vlan group When CONFIG BRIDGE VLAN FILTERING is not set, br vlan group and nbp vlan group return NULL br private.h stub definitions. The BR BOOLOPT FDB LOCAL VLAN 0 toggle code ...
VulnCheck KEV: CVE-2026-7473
On affected platforms running Arista EOS where a tunnel decapsulation configuration—such as VXLAN Virtual Extensible LAN, decap-groups, or a GRE Generic Routing Encapsulation tunnel interface—is present, the switch will incorrectly decapsulate and forward other unexpected tunneled packet with a...
Security Advisory 0137
Security Advisory 0137 PDF Date: May 5, 2026 Revision | Date | Changes ---|---|--- 1.0 | May 5, 2026 | Initial release 1.1 | May 7, 2026 | Clarified 7280R3, 7500R3 and 7800R3 exposure is limited 1.2 | May 13, 2026 | Updated Mitigation section with a note of caution 1.3 | May 20, 2026 | Updated...
PT-2026-46983
Name of the Vulnerable Software and Affected Versions Arista EOS affected versions not specified Description On platforms running Arista EOS with tunnel decapsulation configurations—such as VXLAN Virtual Extensible LAN, decap-groups, or GRE Generic Routing Encapsulation tunnel interfaces—the swit...
CVE-2025-47403 Buffer Over-read in WLAN Firmware
Transient DOS when processing a malformed Fast Transition response frame with an invalid header structure during wireless roaming...
PT-2026-36676
Name of the Vulnerable Software and Affected Versions Shenzhen Libituo Technology LBT-T300-HW1 versions prior to 1.2.8 Description A remote buffer overflow can occur due to the manipulation of the Channel/ApCliSsid argument in the start lan function within the '/apply.cgi' endpoint. A buffer...
Exploit for Improper Authentication in Microsoft
CVE-2026-24294 - Local NTLM Reflection LPE via SMB Arbitrary P...
CVE-2026-32952
A flaw was found in the go-ntlmssp package. A remote attacker could exploit this vulnerability by sending a specially crafted NTLM NT LAN Manager challenge message. This malicious message can trigger a slice out of bounds panic, leading to a Denial of Service DoS by crashing any Go process that...
Juniper Junos OS Vulnerability (JSA75734)
The version of Junos OS installed on the remote host is affected by a vulnerability as referenced in the JSA75734 advisory. - An Improper Validation of Syntactic Correctness of Input vulnerability in the Packet Forwarding Engine PFE of Juniper Networks Junos OS allows a network-based,...
SUSE CVE-2026-31684
In the Linux kernel, the following vulnerability has been resolved: net: sched: actcsum: validate nested VLAN headers tcfcsumact walks nested VLAN headers directly from skb-data when an skb still carries in-payload VLAN tags. The current code reads vlan-hvlanencapsulatedproto and then pulls...