Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...

Linux Distros Unpatched Vulnerability : CVE-2026-33079

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In versions 3.0.0a1 through 3.2.0 of Mistune, there is a ReDoS Regular Expression Denial of Service vulnerability in LINKTITLERE that allows an attacker who can...

i18next-http-backend 路径遍历漏洞

i18next-http-backend is an open-source cross-platform backend resource loading tool developed by i18next. Versions of i18next-http-backend prior to version 3.0.5 contained a path traversal vulnerability. This vulnerability occurred due to the direct insertion of lng and ns values into URL templat...

CVE-2026-6320

creationtimestamp| type| source ---|---|--- 2026-05-06 23:33:06+00:00| seen| https://bsky.app/profile/atomicedge.bsky.social/post/3ml7ueytuar2s 2026-05-16 11:02:07+00:00| seen| https://bsky.app/profile/keiwork35.bsky.social/post/3mlxp2nngcj25...

GHSA-VXVC-CG7J-RWQJ

creationtimestamp| type| source ---|---|--- 2026-05-06 23:05:34+00:00| seen| https://bsky.app/profile/andrewnez.mastodon.social.ap.brid.gy/post/3ml7stocimpn2...

CVE-2026-41900

creationtimestamp| type| source ---|---|--- 2026-05-06 23:00:13+00:00| seen| Telegram/msQTanSLkX-OxkjOrr400lcWfFt4y0eZWCcTmXgDmxd3Ek4 2026-05-07 03:00:06+00:00| seen| Telegram/N1Jo8qZWaWReiLt-N5l6uzcgIVKcO6O8PdoiYgN9aP0HPY 2026-05-08 04:36:45+00:00| seen|...

CVE-2026-43243

A flaw was found in the drm/amd/display component of the Linux kernel. A missing signal type check in the dcn401 getphyd32clksrc function, when attempting to access link encoder link enc on a DisplayPort Interoperability and Compliance Association DPIA link, can lead to a system crash. This...

CVE-2026-8033

creationtimestamp| type| source ---|---|--- 2026-05-06 22:35:34+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7r64psdp2p...

CVE-2026-8032

creationtimestamp| type| source ---|---|--- 2026-05-06 22:29:31+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7qtcljw22r...

CVE-2026-44113

creationtimestamp| type| source ---|---|--- 2026-05-06 21:44:32+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7octvlei2p 2026-05-19 18:30:06+00:00| seen| https://t.me/truesecator/8221...

CVE-2026-43582

creationtimestamp| type| source ---|---|--- 2026-05-06 21:36:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7ntpxucl2e...

CVE-2026-40281 Gotenberg vulnerable to argument injection via newlines in ExifTool metadata values

Gotenberg is a Docker-powered stateless API for PDF files. In versions 8.30.1 and earlier, the metadata write endpoint validates metadata keys for control characters but leaves metadata values unsanitized. A newline character in a metadata value splits the ExifTool stdin line into two separate...

CVE-2026-40281

Gotenberg 8.x (

CVE-2026-43576

creationtimestamp| type| source ---|---|--- 2026-05-06 20:45:10+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kyox52426...

CVE-2026-46366

creationtimestamp| type| source ---|---|--- 2026-05-06 20:45:01+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-99qv-g4x9-mgc3 2026-05-15 21:44:48+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mlwcjmu7ci2n 2026-05-16 15:00:22+00:00| seen|...

CVE-2026-44110

creationtimestamp| type| source ---|---|--- 2026-05-06 20:43:05+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kuxuy7f2k 2026-05-06 22:14:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7pyc3rbz2c 2026-05-08 10:07:08+00:00| seen|...

CVE-2026-44109

creationtimestamp| type| source ---|---|--- 2026-05-06 20:42:57+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3ml7kuqcrbd2r 2026-05-06 22:19:28+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ml7qbd6xes2c 2026-05-07 03:00:12+00:00| seen|...

CVE-2026-7854

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...