CVE-2026-4499

CVE-2026-4499 affects D-Link DIR-820LW firmware 2.03. The vulnerability targets the SSDP component’s ssdpcgi_main function, where manipulation can lead to an OS command injection. The issue can be exploited remotely over the network, and public disclosures indicate an exploit exists. Connections ...

CVE-2026-4499

A vulnerability was determined in D-Link DIR-820LW 2.03. Affected is the function ssdpcgimain of the component SSDP. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized...

CVE-2026-4489

creationtimestamp| type| source ---|---|--- 2026-03-20 18:35:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhj5tes2kl24...

CVE-2026-33490

creationtimestamp| type| source ---|---|--- 2026-03-20 17:34:15+00:00| published-proof-of-concept| https://github.com/h3js/h3/security/advisories/GHSA-2j6q-whv2-gh6w...

CVE-2025-15608 Buffer Overflow in Network Probe Handling Function of TP-Link Archer AX53

This vulnerability in AX53 v1 results from insufficient input sanitization in the device’s probe handling logic, where unvalidated parameters can trigger a stack-based buffer overflow that causes the affected service to crash and, under specific conditions, may enable remote code execution throug...

CVE-2025-15608

CVE-2025-15608 affects TP-Link AX53 v1. The vulnerability arises from insufficient input sanitization in the device’s probe handling logic, allowing unvalidated parameters to trigger a stack-based buffer overflow in the affected service. Under specific conditions this may enable remote code execu...

CVE-2025-15607 Authenticated Command Injection in mcsd Service of TP-Link Archer AX53

A command injection vulnerability on AX53 v1 occurs in mscd debug functionality due to insufficient input handling, allowing log redirection to arbitrary files and concatenation of unvalidated file content into shell commands, enabling authenticated attackers to inject and execute arbitrary...

CVE-2026-4485

creationtimestamp| type| source ---|---|--- 2026-03-20 16:31:06+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhiwuzc45e2e...

CVE-2026-33372

creationtimestamp| type| source ---|---|--- 2026-03-20 16:16:01+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhiw25tbfr27...

CVE-2026-33308

creationtimestamp| type| source ---|---|--- 2026-03-20 16:06:24+00:00| seen| https://infosec.exchange/users/AAKL/statuses/116262357117294587 2026-03-24 04:14:50+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhrpmbdpp62g...

EUVD-2026-13702

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The explo...

CVE-2026-33484

creationtimestamp| type| source ---|---|--- 2026-03-20 15:12:37+00:00| published-proof-of-concept| https://github.com/langflow-ai/langflow/security/advisories/GHSA-7grx-3xcx-2xv5 2026-03-24 23:15:26+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhtpds4m7q2w 2026-03-25...

CVE-2026-33478

creationtimestamp| type| source ---|---|--- 2026-03-20 14:36:43+00:00| published-proof-of-concept| https://github.com/WWBN/AVideo/security/advisories/GHSA-687q-32c6-8x68 2026-03-23 15:26:17+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhqenx6yck2s 2026-03-23 16:27:18+00:0...

CVE-2026-4486

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The explo...

CVE-2026-4486 D-Link DIR-513 Web Service formEasySetPassword stack-based overflow

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The explo...

CVE-2026-4486

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The explo...

CVE-2026-4486

D-Link DIR-513 (firmware 1.10) Web Service: The formEasySetPassword function in /goform/formEasySetPassword is vulnerable. Manipulating the curTime argument leads to a stack-based buffer overflow, with remote access possible. The exploit is publicly available, and this affects products no longer ...

CVE-2026-33130

creationtimestamp| type| source ---|---|--- 2026-03-20 13:38:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhinb7ryye2y...

CVE-2025-40249

creationtimestamp| type| source ---|---|--- 2026-03-20 13:05:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhilfgr3vr26 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen|...

CVE-2025-39818

creationtimestamp| type| source ---|---|--- 2026-03-20 13:05:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhilfgr3vr26...