D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17537)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability stems from the name parameter in the /urlmember.asp endpoint failing to properly validate the length and size of the input data, which can be...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17622)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability that originates from the qj.asp endpoint failing to properly validate the length and size of input data, which can be exploited by an attacker to cause a denial of...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-19420)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability caused by incorrect boundary checking in the wanlinedetection.asp script, which can be exploited by an attacker to cause a denial of service...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17698)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability is caused due to incorrect boundary checking in the user.asp script and can be exploited by an attacker to cause a denial of service...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17696)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability stems from improper handling of the name parameter in the /usbpaswd.asp endpoint, which can be exploited by an attacker to cause a denial of service...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17624)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability caused by incorrect boundary checking in the qos.asp script, which can be exploited by an attacker to cause a denial of service...

CVE-2026-30459

FuelCMS v1.5.2 is affected by CVE-2026-30459. The issue arises from FuelCMS not validating the Host header when constructing the password reset URL, allowing an unauthenticated attacker to trigger a reset for a valid user email and have the application send a legitimate-looking email with a reset...

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17628)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. A buffer overflow vulnerability exists in the D-Link DI-8003. The vulnerability is caused due to incorrect boundary checking in the router.asp script and can be exploited by an attacker to cause a denial of service...

TP-Link Archer C7 安全漏洞

The TP-Link Archer C7 is a router produced by the TP-Link company. The TP-Link Archer C7 Build 20220715 and earlier versions have security vulnerabilities. These vulnerabilities stem from insufficient encryption strength, which may allow password recovery attacks to occur...

CVE-2026-30459

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

CVE-2026-30459

An issue in the Forgot Password feature of Daylight Studio FuelCMS v1.5.2 allows unauthenticated attackers to obtain the password reset token of a victim user via a crafted link placed in a valid e-mail message...

CVE-2026-40947

Yubico libfido2 before 1.17.0, python-fido2 before 2.2.0, and yubikey-manager before 5.9.1 have an unintended DLL search path...

CVE-2026-6384

creationtimestamp| type| source ---|---|--- 2026-04-15 22:32:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkx7q2ru72k 2026-04-15 23:27:13+00:00| seen| Telegram/BTRiP8nJHP-5om9x2gw2G6e9UIMxwZAfdQggaCph1qz04g...

CVE-2026-6385

creationtimestamp| type| source ---|---|--- 2026-04-15 22:23:26+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkwp3yky42k...

CVE-2026-6398

creationtimestamp| type| source ---|---|--- 2026-04-15 22:16:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkwcfxaei2a...

DRUPAL-CORE-2026-003

Drupal 11.3 comes with support for completing entity suggestions whilst adding a link to CKEditor 5. The suggestions aren't sufficiently sanitized and a malicious user could trigger a stored cross site scripting attack against another user...

CVE-2026-32212

Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

GHSA-5R37-QPWQ-2JHH

creationtimestamp| type| source ---|---|--- 2026-04-15 18:59:08+00:00| seen| https://bsky.app/profile/Whiskeyomega.cupoftea.social.ap.brid.gy/post/3mjklbnicupa2 2026-04-23 21:26:07+00:00| published-proof-of-concept| Telegram/wY3PGk1V7kusFG8GbDK0g0CtGhXXIm9UsDC-frBku-7BiY...

CVE-2026-6370

creationtimestamp| type| source ---|---|--- 2026-04-15 18:57:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mjkl67t4jd2o...

EUVD-2026-22967

A vulnerability in the Desktop Agent functionality of Cisco Webex Contact Center could have allowed an unauthenticated, remote attacker to conduct cross-site scripting attacks. Cisco has addressed this vulnerability in the Cisco Webex Contact Center service, and no customer action is needed. This...