
58819 matches found

EUVD
added 2026/05/23 6:30 p.m. | 8 views

EUVD-2018-21880

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like adminuser,...

CVSS 8.7 | AI score 5.8 | EPSS 0.00123 | Exploits 0 | References 5
Cvelist
added 2026/05/23 6:30 p.m. | 10 views

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like adminuser,...

CVSS 8.7 | EPSS 0.00123 | Exploits 0 | References 5
ATTACKERKB
added 2026/05/23 6:30 p.m. | 9 views

CVE-2018-25358

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like adminuser,...

CVSS 8.7 | AI score 5.8 | EPSS 0.00123 | Exploits 0 | References 5
Vulnrichment
added 2026/05/23 6:30 p.m. | 5 views

CVE-2018-25358 D-Link DIR601 2.02NA Credential Disclosure via my_cgi.cgi

D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST requests. Attackers can send requests to /my_cgi.cgi with table_name values like adminuser,...

CVSS 8.7 | AI score 5.8 | EPSS 0.00123 | Exploits 0 | References 5
CVE
added 2026/05/23 6:30 p.m. | 27 views

CVE-2018-25358

The CVE-2018-25358 entry concerns the D-Link DIR-601 (firmware 2.02NA) where an unauthenticated attacker can disclose credentials via /my_cgi.cgi by manipulating the table_name parameter in POST requests. Affected data includes administrative credentials and wireless keys, exposed in cleartext. T...

CVSS 8.7 | AI score 5.8 | EPSS 0.00123 | Exploits 0 | References 5
Circl
added 2026/05/23 3:59 a.m. | 11 views

CVE-2026-40411

creationtimestamp | type | source
---|---|---
2026-05-23 03:59:23+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmikpvbh6e2p
2026-05-27 19:37:05+00:00 | seen | https://bsky.app/profile/cyberhub.blog/post/3mmuaycjlbz2y...

CVSS 9.9 | AI score 5.7 | EPSS 0.00104 | Exploits 0 | References 2
RedhatCVE
added 2026/05/23 2:12 a.m. | 13 views

CVE-2026-42834

Improper access control in Windows Admin Center allows an authorized attacker to elevate privileges over a network...

CVSS 7.8 | AI score 5.8 | EPSS 0.00026 | Exploits 0 | References 1
RedhatCVE
added 2026/05/23 2:12 a.m. | 8 views

CVE-2026-41091

Improper link resolution before file access 'link following' in Microsoft Defender allows an authorized attacker to elevate privileges locally...

CVSS 7.8 | AI score 5.8 | EPSS 0.08013 | Exploits 2 | References 1
Fedora
added 2026/05/23 12:58 a.m. | 10 views

[SECURITY] Fedora 44 Update: composer-2.9.8-1.fc44

Composer helps you declare, manage and install dependencies of PHP projects, ensuring you have the right stack everywhere. Documentation: https://getcomposer.org/doc/...

AI score 5.8 | Exploits 0
Circl
added 2026/05/22 10:42 p.m. | 4 views

CVE-2026-40166

creationtimestamp | type | source
---|---|---
2026-05-22 22:42:29+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhyz7op7v2e...

CVSS 7.1 | AI score 5.8 | EPSS 0.00011 | Exploits 0 | References 1
Circl
added 2026/05/22 10:32 p.m. | 5 views

CVE-2026-39970

creationtimestamp | type | source
---|---|---
2026-05-22 22:32:06+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhygjnno62o
2026-05-23 20:27:45+00:00 | seen | https://infosec.exchange/users/vuldb/statuses/116625766625880175
2026-06-06 11:02:43+00:00 | seen |...

CVSS 8.5 | AI score 5.3 | EPSS 0.00052 | Exploits 0 | References 3
Circl
added 2026/05/22 10:12 p.m. | 3 views

CVE-2026-39966

creationtimestamp | type | source
---|---|---
2026-05-22 22:12:46+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmhxe3r7ma2c...

CVSS 6.5 | AI score 5.8 | EPSS 0.0003 | Exploits 0 | References 1
NVD
added 2026/05/22 9:16 p.m. | 11 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS 8.8 | EPSS 0.00049 | Exploits 0 | References 11
CVE
added 2026/05/22 8:48 p.m. | 40 views

CVE-2026-3294

CVE-2026-3294 concerns an authentication logic vulnerability in multiple TP-Link range extenders. The issue allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation, enabling full administrative c...

CVSS 8.8 | AI score 5.8 | EPSS 0.00049 | Exploits 0 | References 11 | Affected Software 1
Cvelist
added 2026/05/22 8:48 p.m. | 11 views

CVE-2026-3294 Authentication Logic Vulnerability on Multiple TP-Link Range Extenders

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS 8.7 | EPSS 0.00049 | Exploits 0 | References 11
Vulnrichment
added 2026/05/22 8:48 p.m. | 7 views

CVE-2026-3294 Authentication Logic Vulnerability on Multiple TP-Link Range Extenders

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS 8.7 | AI score 5.8 | EPSS 0.00049 | Exploits 0 | References 11
ATTACKERKB
added 2026/05/22 8:48 p.m. | 5 views

CVE-2026-3294

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS 8.7 | AI score 5.8 | EPSS 0.00049 | Exploits 0 | References 12
EUVD
added 2026/05/22 8:48 p.m. | 5 views

EUVD-2026-31502

An authentication logic vulnerability in multiple TP-Link range extenders allows an unauthenticated attacker on an adjacent network to manipulate a login parameter and reset the administrator password due to insufficient validation. Successful exploitation allows an attacker to obtain full...

CVSS 8.7 | AI score 5.8 | EPSS 0.00049 | Exploits 0 | References 11
NVD
added 2026/05/22 7:17 p.m. | 9 views

CVE-2026-39966

TypeBot is a chatbot builder tool. In versions 3.15.2, the getLinkedTypebots API endpoint returns full bot definitions to any authenticated user who references a target bot ID in a Typebot Link block, regardless of workspace ownership, leading to IDOR. The authorization check uses Array.filter wi...

CVSS 6.5 | EPSS 0.0003 | Exploits 0 | References 3
NVD
added 2026/05/22 6:16 p.m. | 5 views

CVE-2026-39964

TypeBot is a chatbot builder tool. In versions prior to 3.16.0, the Typebot viewer packages/embeds/js renders anchor tags from rich text bubble content without filtering the javascript: URI scheme. A bot author can set a link URL to javascript:PAYLOAD, which executes in the visitor's browser...

CVSS 5.4 | EPSS 0.00049 | Exploits 0 | References 3