CVE-2026-4486

A vulnerability was found in D-Link DIR-513 1.10. This affects the function formEasySetPassword of the file /goform/formEasySetPassword of the component Web Service. The manipulation of the argument curTime results in stack-based buffer overflow. The attack may be performed from remote. The explo...

CVE-2026-4486

D-Link DIR-513 (firmware 1.10) Web Service: The formEasySetPassword function in /goform/formEasySetPassword is vulnerable. Manipulating the curTime argument leads to a stack-based buffer overflow, with remote access possible. The exploit is publicly available, and this affects products no longer ...

CVE-2026-33130

creationtimestamp| type| source ---|---|--- 2026-03-20 13:38:54+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhinb7ryye2y...

CVE-2025-40249

creationtimestamp| type| source ---|---|--- 2026-03-20 13:05:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhilfgr3vr26 2026-04-02 17:00:00+00:00| seen| https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0397/ 2026-04-07 18:00:00+00:00| seen|...

CVE-2025-39818

creationtimestamp| type| source ---|---|--- 2026-03-20 13:05:29+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhilfgr3vr26...

CVE-2026-33081

creationtimestamp| type| source ---|---|--- 2026-03-20 12:50:56+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhiklgfqc22e...

CVE-2026-22324

creationtimestamp| type| source ---|---|--- 2026-03-20 10:55:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhie4lol652n 2026-03-20 22:00:50+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjjcpva442n...

CVE-2026-27625

creationtimestamp| type| source ---|---|--- 2026-03-20 10:50:15+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhidtnalex2n 2026-03-20 22:01:01+00:00| seen| https://bsky.app/profile/thehackerwire.bsky.social/post/3mhjjd2f64525 2026-03-20 22:16:44+00:00| seen|...

CVE-2026-33070

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...

EUVD-2026-13640

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...

CVE-2026-33070

FileRise (self-hosted web file manager / WebDAV) contains an unauthenticated vulnerability in the deleteShareLink endpoint present in versions prior to 3.8.0. The POST /api/file/deleteShareLink.php calls FileController::deleteShareLink() without any authentication, authorization, or CSRF validati...

CVE-2026-33070 FileRise has Unauthenticated Share Link Deletion

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...

CVE-2026-33070 FileRise has Unauthenticated Share Link Deletion

FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, a missing-authentication vulnerability in the deleteShareLink endpoint allows any unauthenticated user to delete arbitrary file share links by providing only the share token, causing denial of service to share...

CVE-2026-33056

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

CVE-2026-33065

creationtimestamp| type| source ---|---|--- 2026-03-20 07:16:12+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33065 2026-03-20 10:44:14+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhidivaosv2d...

CVE-2026-33056 tar-rs: unpack_in can chmod arbitrary directories by following symlinks

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpackdir function uses fs::metadata to check whether a path that already exists is a directory. Because fs::metadata follows symbolic links, a crafted tarball...

CVE-2026-4470

creationtimestamp| type| source ---|---|--- 2026-03-20 06:33:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhvjexwst2v...

CVE-2026-4468

creationtimestamp| type| source ---|---|--- 2026-03-20 06:28:58+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhvagjsze2u...

CVE-2026-4136

creationtimestamp| type| source ---|---|--- 2026-03-20 06:19:40+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhhupsk52h2k...

CVE-2026-21992

creationtimestamp| type| source ---|---|--- 2026-03-20 06:01:11+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116259977375105317 2026-03-20 13:05:17+00:00| seen| https://bsky.app/profile/o2cloud.bsky.social/post/3mhilf4nf2c2s 2026-03-20 13:09:35+00:00| seen|...