CVE-2026-12223

A vulnerability was identified in Yealink SIP-T46U 108.86.0.118. Affected by this vulnerability is the function modwebd.TFTPUploadIperf of the file /api/inner/tftpuploadiperf of the component Web FastCGI Service. The manipulation of the argument ip/port leads to command injection. The attack need...

CVE-2026-12220

A vulnerability exists in Yealink SIP-T46U firmware 108.86.0.118 affecting the mod_upgrade.SparePartsUpload handler in /api/upgrade/accupgradebychunk. Manipulating the uid argument can cause a stack-based buffer overflow. Exploitation is described as local-network only, with public disclosure and...

PT-2026-49551

Summary A regular expression denial-of-service ReDoS vulnerability has been discovered in ua-parser-js when using the Client Hints API. By sending a crafted Sec-CH-UA-Model header to an application that calls UAParserheaders.withClientHints, an attacker can cause the parser to spend excessive CPU...

CVE-2026-38062

Summary: CVE-2026-38062 affects Tenda 5G03 (V05.03.02.04, Version 1.0). The issue is a command injection in the function action_set_rat_mode via the ratMode parameter. Multiple trusted sources (NVD, EUVD, CVE lists, vuln enrichment) describe this vulnerability with the same root cause. The CVSS v...

MINI-398H-MJJF-M96J

Bulletin has no description...

MINI-49RW-PC5X-7FV7

Bulletin has no description...

MINI-733G-VRM8-5CH7

Bulletin has no description...

CVE-2026-12187 GL.iNet GL-MT3000 Online Firmware Upgrade one_click_upgrade command injection

A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/oneclickupgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched...

MINI-WQC5-64QM-RQHM

Bulletin has no description...

MINI-936G-QR3M-RF4C

Bulletin has no description...

MINI-MFP8-P9WH-VP5V

Bulletin has no description...

PT-2026-49137

Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U version 108.86.0.118 Description A stack-based buffer overflow occurs in the Firmware Chunk Upload Handler component within the sprintf function of the file /api/upgrade/upgrade. This issue is triggered by manipulating the...

PT-2026-49110

Name of the Vulnerable Software and Affected Versions GL.iNet GL-MT3000 versions prior to 4.7 Description An issue in the Online Firmware Upgrade Handler component allows for remote command injection via the /usr/bin/one click upgrade file. Command injection is a flaw that allows an attacker to...

CVE-2026-11624

The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...

CVE-2026-11624

The CVE-2026-11624 entry concerns the Model Context Protocol server where origin validation of the Origin header affects DNS rebinding risk. Before v0.25.0 there was no host validation; v0.25.0 introduces --allowed-hosts and --allowed-origins flags to specify permitted hosts at startup. Both flag...

CVE-2026-11624

The Model Context Protocol has a security warning advising servers to validate the "Origin" header on all incoming connections to prevent DNS rebinding attacks. Prior to the v0.25.0 release, users had no way to validate the origin's host. In v0.25.0, a new "--allowed-hosts" flag was introduced...

PT-2026-49089

Name of the Vulnerable Software and Affected Versions Model Context Protocol versions prior to 0.25.0 Description Servers fail to validate the "Origin" header on incoming connections, which may allow DNS rebinding attacks. DNS rebinding is a method of bypassing the Same-Origin Policy to interact...

CVE-2026-53827

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...

CVE-2026-53827

OpenClaw is affected by CVE-2026-53827: before version 2026.5.2, a credential exposure vulnerability exists in message.action forwarding. The issue allows model-controlled metadata to forward action payloads containing Gateway credentials to attacker-supplied loopback URLs, enabling remote attack...

CVE-2026-53827 OpenClaw < 2026.5.2 - Credential Exposure via Model-Supplied Loopback URLs in message.action Forwarding

OpenClaw before 2026.5.2 contains a credential exposure vulnerability in message.action forwarding that allows model-controlled metadata to forward action payloads with Gateway credentials to attacker-supplied loopback URLs. Remote attackers can intercept Gateway tokens and action payloads by...