PT-2026-25571

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function cgi...

PT-2026-25566

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function UPnP AV Server...

PT-2026-25572

A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function RSS Get Update...

PT-2026-25570

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...

CVE-2026-32611

creationtimestamp| type| source ---|---|--- 2026-03-14 14:52:58+00:00| published-proof-of-concept| https://github.com/nicolargo/glances/security/advisories/GHSA-49g7-2ww7-3vf5 2026-03-20 06:00:14+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mhhtmzyj2g22...

GHSA-7H7G-X2PX-94HJ

creationtimestamp| type| source ---|---|--- 2026-03-14 13:40:06+00:00| seen| https://gist.github.com/alon710/7bac0b52e4dbe7a8f8d19c17daee0b1e 2026-03-29 15:20:39+00:00| seen| Telegram/nb8fCm1TKw7DFYOlnuooYH-uWzxRBf3GinTZz9uDDCr2nY...

BIT-PYTHON-MIN-2025-13462 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling

The "tarfile" module would still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations...

BIT-LIBPYTHON-2025-13462 tarfile: Skip DIRTYPE normalization during GNU LONGNAME/LONGLINK handling

The "tarfile" module would still apply normalization of AREGTYPE \x00 blocks to DIRTYPE, even while processing a multi-block member such as GNUTYPELONGNAME or GNUTYPELONGLINK. This could result in a crafted tar archive being misinterpreted by the tarfile module compared to other implementations...

CVE-2026-32760

creationtimestamp| type| source ---|---|--- 2026-03-14 08:16:24+00:00| published-proof-of-concept| https://github.com/filebrowser/filebrowser/security/advisories/GHSA-5gg9-5g7w-hm73 2026-03-18 12:55:58+00:00| seen|...

GHSA-R7VR-GR74-94P8

creationtimestamp| type| source ---|---|--- 2026-03-14 07:40:05+00:00| seen| https://gist.github.com/alon710/6da743df5745ff6d76be090631282892 2026-03-29 15:19:56+00:00| published-proof-of-concept| Telegram/cXzVIGK7PQfwtmMwRkRYvJTJsFs-s6Ys2jSidGnYSoPd-U...

GHSA-WCXR-59V9-RXR8

creationtimestamp| type| source ---|---|--- 2026-03-14 06:40:06+00:00| seen| https://gist.github.com/alon710/04f59b4b34fdad62bcd6aca02cca19bb 2026-03-29 15:19:56+00:00| published-proof-of-concept| Telegram/cXzVIGK7PQfwtmMwRkRYvJTJsFs-s6Ys2jSidGnYSoPd-U...

GHSA-RQPP-RJJ8-7WV8

creationtimestamp| type| source ---|---|--- 2026-03-14 05:40:05+00:00| seen| https://gist.github.com/alon710/a3a38049a539db62f7e09fe32adc9717...

Unauthorized Data Access

Shopware is vulnerable to unauthorized data access. The vulnerability is due to an insufficient check on filter types for unauthenticated customers, where the deepLinkCode support on the store-api.order endpoint fails to enforce proper authorization and attackers can retrieve other customers' ord...

GHSA-2RQG-GJGV-84JM

creationtimestamp| type| source ---|---|--- 2026-03-14 05:10:05+00:00| seen| https://gist.github.com/alon710/53513cb5aafafcdaa9513749a5663d41 2026-03-29 15:20:39+00:00| seen| Telegram/nb8fCm1TKw7DFYOlnuooYH-uWzxRBf3GinTZz9uDDCr2nY...

GHSA-G353-MGV3-8PCJ

creationtimestamp| type| source ---|---|--- 2026-03-14 04:40:05+00:00| seen| https://gist.github.com/alon710/6d8cc1349cbd20b4b2228bf8920e9f07 2026-03-29 15:20:09+00:00| seen| Telegram/bOji7uFGKpjQ-Vv3CFZvWqxNHLg4F03MY6E5pxai3iB8W0...

GHSA-G93W-MFHG-P222

creationtimestamp| type| source ---|---|--- 2026-03-14 03:10:06+00:00| seen| https://gist.github.com/alon710/d9b4a060fe174b9be8c2cbbf551e46b6...

PT-2026-25535

D-Link DIR-619L boa formSchedule stack-based overflow CVE: CVE-2026-4188 PT-Identifier: PT-2026-25535 Vendor: D-link Product: DIR-619L CVSS: 8.7 Credits: pjqwudi VulDB User Description: A security flaw has been discovered in D-Link DIR-619L 2.06B01. The affected element is the function formSchedu...

PT-2026-25534

D-Link DIR-816 goahead form2Wl5BasicSetup.cgi stack-based overflow CVE: CVE-2026-4184 PT-Identifier: PT-2026-25534 Vendor: D-link Product: DIR-816 CVSS: 9.3 Credits: pjqwudi VulDB User Description: A vulnerability was detected in D-Link DIR-816 1.10CNB05. Affected by this vulnerability is an...

GHSA-R48F-3986-4F9C

creationtimestamp| type| source ---|---|--- 2026-03-13 22:10:05+00:00| seen| https://gist.github.com/alon710/bb04f714299eb60050b5b59f56f5af44...

CVE-2026-3227 Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N

A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to improper neutralization of special elements used in an OS command. In the router configuration import function allows an authenticated attacker to upload a crafted configuration file...