CVE-2026-49195

Unauthenticated Debug Service. The /sbin/mtkdut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute arbitrary UCC commands...

CVE-2026-36539

Netis AC1200 Router NC21 V4.0.1.4296 exposes a CGI endpoint /cgi-bin/skkget.cgi that returns the entire router configuration as a JSON response with no authentication required. Any attacker on the LAN can send a single HTTP GET request and instantly retrieve administrator credentials, WiFi...

CVE-2026-43666

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be abl...

CVE-2026-7256

CVE-2026-7256 affects Zyxel WRE6505 v2, firmware V1.00(ABDV.3)C0. The CGI program is vulnerable to a command injection that can let an adjacent LAN attacker execute OS commands by sending a crafted HTTP request. The description does not provide root cause specifics beyond the CGI-invocation path,...

CVE-2026-43666

An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An attacker on the local network may be abl...

CVE-2026-41287

CVE-2026-41287 is a stack-based buffer overflow in the WatchGuard Agent Discovery Service on Windows that allows an unauthenticated, adjacent attacker to crash the agent service, producing a Denial of Service. Documented impact is high (CVSS 4.0 base score 7.1) with availability as the primary co...

CVE-2026-7845

The CVE-2026-7845 issue affects chatchat-space Langchain-Chatchat (up to 0.3.1.3). It targets the Vision Chat Paste Image Handler: the function PIL.Image.tobytes in libs/chatchat-server/chatchat/webui_pages/dialogue/dialogue.py, via manipulation of paste_image.image_data, leads to the use of a we...

CVE-2026-7845

A flaw has been found in chatchat-space Langchain-Chatchat up to 0.3.1.3. This issue affects the function PIL.Image.tobytes of the file libs/chatchat-server/chatchat/webuipages/dialogue/dialogue.py of the component Vision Chat Paste Image Handler. This manipulation of the argument...

PT-2026-38198

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in Cast allows an attacker on the local network segment to bypass the same origin policy via malicious network traffic. The same origin policy...

PT-2026-38154

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.96 Description Insufficient validation of untrusted input in Permissions allows an attacker on the local network segment to leak cross-origin data via malicious network traffic. Recommendations Update...

DEBIAN-CVE-2026-7338

Use after free in Cast in Google Chrome prior to 147.0.7727.138 allowed an attacker on the local network segment to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

CVE-2026-28522

arduino-TuyaOpen before version 1.2.1 contains a null pointer dereference vulnerability in the WiFiUDP component. An attacker on the same local area network can send a large volume of malicious UDP packets to cause memory exhaustion on the device, triggering a null pointer dereference and resulti...

UBUNTU-CVE-2026-32634

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, Glances stores both the Zeroconf-advertised server name and the discovered IP address for dynamic servers, but later builds connection URIs from the untrusted advertised name instead ...

CVE-2026-28519

arduino-TuyaOpen before version 1.2.1 contains a heap-based buffer overflow vulnerability in the DnsServer component. An attacker on the same local area network who controls the LAN DNS server can send malicious DNS responses to overflow the heap buffer, potentially allowing execution of arbitrar...

CVE-2025-13776 Hard-coded database credentials in Finka software

Multiple Finka programs use hard-coded Firebird database credentials shared across all instances of this software. A malicious attacker in local network who knows default credentials is able to read and edit database content. This vulnerability has been fixed in version: Finka-FK 18.5, Finka-KPR...

CVE-2025-13776 Hard-coded database credentials in Finka software

Multiple Finka programs use hard-coded Firebird database credentials shared across all instances of this software. A malicious attacker in local network who knows default credentials is able to read and edit database content. This vulnerability has been fixed in version: Finka-FK 18.5, Finka-KPR...

PT-2026-5257

Name of the Vulnerable Software and Affected Versions TeamViewer DEX Client former 1E Client versions prior to 26.1 Description A flaw exists due to insufficient validation of user-supplied data within the Content Distribution Service NomadBranch.exe of the TeamViewer DEX Client. This allows a...

PT-2026-3270

Name of the Vulnerable Software and Affected Versions TP-Link VIGI Cameras affected versions not specified Description An authentication bypass issue exists in the password recovery feature of the local web interface of TP-Link VIGI cameras. This allows an attacker on the Local Area Network LAN t...

CVE-2025-67090

The LuCI web interface on Gl Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. Fix available in version 4.8.2 GL.Inet AX1800 Version 4.6.4 & 4.6.8 lacks rate limiting or account lockout mechanisms on the authentication endpoint /cgi-bin/luci. An unauthenticated attacker on the local netwo...