D-Link DSL2600U - 'rom-0' Admin Password Disclosure

Exploit Title: D-Link DSL2600U - 'rom-0' Admin Password Disclosure Date: 2026-05-02 Exploit Author: Amir Hossein Jamshidi Vendor Homepage: https://www.dlink.com Version: DSL-2600U Tested on: ubuntu CVE : N/A Firmware Version: v1.08 from routersploit.libs.lzs.lzs import LZSDecompress import reques...

CVE-2026-34660

creationtimestamp| type| source ---|---|--- 2026-05-25 22:34:04+00:00| seen| https://bsky.app/profile/getpokemon7.bsky.social/post/3mmpjwsdpzk24...

GHSA-F9F8-RM49-7JV2

creationtimestamp| type| source ---|---|--- 2026-05-25 18:03:54+00:00| seen| https://bsky.app/profile/winsontang.com/post/3mmp2tsdeu62f...

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9460

A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made...

EUVD-2026-31693

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9078

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9078 Firefox iOS RTL Domain Rendering Issue in Link Preview

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9078 Firefox iOS RTL Domain Rendering Issue in Link Preview

Firefox for iOS displayed specially crafted right-to-left RTL and internationalized domain names IDNs incorrectly in link preview UI surfaces. A crafted RTL hostname could visually reorder portions of the displayed domain, causing attacker-controlled sites to appear as trusted origins. This...

CVE-2026-9078

Firefox for iOS suffers a rendering issue in link-preview UI where specially crafted RTL and internationalized domain names could cause the displayed domain to visually reorder, making attacker-controlled sites appear as trusted origins. The vulnerability affects the RTL/IDN rendering surface wit...

CVE-2026-47102

creationtimestamp| type| source ---|---|--- 2026-05-25 14:00:04+00:00| seen| https://t.me/GithubRedTeam/85833 2026-05-25 15:00:12+00:00| seen| Telegram/X1SzwuqpRNev2GcuASsATzQD-1aeqEPKRVacdyAUElWlBI 2026-05-25 21:00:04+00:00| seen| Telegram/DE8V0W55Lks0xFUNDp9UGyNB0T-CRSwfpeIrdYc5V2Tnj4 2026-06-1...

PYSEC-2026-161

creationtimestamp| type| source ---|---|--- 2026-05-25 10:59:12+00:00| seen| https://gist.github.com/konard/e42a66222e8be69e82eda8e4c8a6c943 2026-05-25 13:07:35+00:00| seen| https://gist.github.com/konard/1df63152a8fa23d9ee65875a3fd172e2 2026-05-28 19:29:34+00:00| seen|...

CVE-2026-33079

A flaw was found in Mistune, a Markdown parser. This vulnerability, known as Regular Expression Denial of Service ReDoS, exists in the LINKTITLERE regular expression. A remote attacker can exploit this by providing specially crafted Markdown input, which causes the regular expression engine to...

tplink-priv-zero

TP-Link TL-WR841N v14 — Authenticated OS Command Injection RC...

CVE-2026-9404

creationtimestamp| type| source ---|---|--- 2026-05-25 06:00:28+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3mmnsg7hw3k2f 2026-05-25 06:00:29+00:00| seen| https://infosec.exchange/users/offseq/statuses/116633686859071234...

CVE-2026-45758

creationtimestamp| type| source ---|---|--- 2026-05-25 03:51:09+00:00| seen| https://bsky.app/profile/skuebeck.graz.social.ap.brid.gy/post/3mmnl6set7sc2 2026-06-05 20:40:29+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mnkypx7yrf2l 2026-06-05 21:00:21+00:00| seen|...

MAL-2026-4473 Malicious code in @zizie071/libsignal-node (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 3e6d5096096e7e958916c5449a7480949135e6af5cd9acd4e1b1edab8c331163 On require, index.js schedules install.js which locates the installer's @whiskeysockets/baileys package on disk and overwrites lib/Socket/newsletter....

PT-2026-43074

Name of the Vulnerable Software and Affected Versions Firefox for iOS versions prior to 151.1 Description Firefox for iOS incorrectly displayed specially crafted right-to-left RTL and internationalized domain names IDNs within link preview UI surfaces. A crafted RTL hostname could visually reorde...

Mozilla Firefox for iOS 安全漏洞

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. A security vulnerability exists in Mozilla Firefox for iOS prior to version 151.1, which stems from the incorrect display of specially crafted right-to-left domain names and internationalized...