4310 matches found
CVE-2026-4195
A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...
Models Are Applying to Be the Face of AI Scams
Dozens of Telegram channels reviewed by WIRED include job listings for “AI face models.” The mostly women who land these gigs are likely being used to dupe victims out of their money...
CVE-2026-4210
CVE-2026-4210 affects D-Link DNS-120, DNR-202L, DNS-315L, DNS-320/320L/320LW/321, DNR-322L, DNS-323/325/326/327L, DNR-326, DNS-340L/343/345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04. The vulnerability targets the function cgi_tm_set_share in /cgi-bin/time_machine.cgi, where manipulating...
CVE-2026-4206
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function...
CVE-2026-4204
Affected products: D-Link DNS-120, DNR-202L, DNS-315L, DNS-320/320L/320LW, DNS-321, DNR-322L, DNS-323, DNS-325/326/327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05, DNS-1550-04. Root cause: The CGI endpoints in /cgi-bin/gui_mgr.cgi (cgi_myfavorite_add/…/cgi_mycloud_au...
CVE-2026-4203
Summary (CVE-2026-4203): A command-injection vulnerability affects multiple D-Link DNS-series devices (e.g., DNS-120, DNS-320, DNS-1550-04, etc.) via /cgi-bin/network_mgr.cgi in functions including cgi_portforwarding_add/del/modify/add_scan, cgi_dhcpd_lease, cgi_ddns, cgi_ip, and cgi_dhcpd. The i...
PT-2026-25587
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects the function FMT rebuild...
TP-LINK多款产品 安全漏洞
TP-LINK TL-WR802N, etc., are products of the TP-LINK company from China. The TP-LINK TL-WR802N is a wireless router. The TP-LINK TL-WR840N is also a wireless router. The TP-LINK TL-WR841N is another product of TP-LINK. Several TP-LINK products have security vulnerabilities; these vulnerabilities...
Express - Node.js API with PostgreSQL SQL注入漏洞
Express - Node.js API with PostgreSQL is a RESTful API service developed by Jawher Kl, based on Node.js and PostgreSQL. Versions of Express - Node.js API with PostgreSQL prior to version 2.5 have a SQL injection vulnerability. This vulnerability stems from incorrect handling of the sort parameter...
D-Link多款产品 命令注入漏洞
D-Link DNS-320, etc., are products of D-Link Corporation from China. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-120 is a network storage adapter. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection...
D-Link多款产品 命令注入漏洞
D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection vulnerabilities, which stem...
D-Link多款产品 命令注入漏洞
D-Link DNS-320, etc., are products of D-Link Corporation from China. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-120 is a network storage adapter. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection...
D-Link多款产品 命令注入漏洞
D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection vulnerabilities, which stem...
D-Link多款产品 命令注入漏洞
D-Link DNS-320, etc., are products of D-Link Corporation, a Chinese company. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-120 is a network storage adapter. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection...
D-Link多款产品 命令注入漏洞
D-Link DNS-120, etc., are products of D-Link Corporation from China. The D-Link DNS-120 is a network storage adapter. The D-Link DNR-202L is a network video camera. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection vulnerabilities, which stem...
Cross-Scale Persistence Analysis of EM Side-Channels for Reference-Free Detection of Always-On Hardware Trojans
Always-on hardware Trojans pose a serious challenge to integrated circuit trust, as they remain active during normal operation and are difficult to detect in post-deployment settings without trusted golden references. This paper presents a reference-free detection framework based on cross-scale...
PISmith: Reinforcement Learning-Based Red Teaming for Prompt Injection Defenses
Prompt injection poses serious security risks to real-world LLM applications, particularly autonomous agents. Although many defenses have been proposed, their robustness against adaptive attacks remains insufficiently evaluated, potentially creating a false sense of security. In this work, we...
How Vulnerable Are AI Agents to Indirect Prompt Injections? Insights from a Large-Scale Public Competition
LLM based agents are increasingly deployed in high stakes settings where they process external data sources such as emails, documents, and code repositories. This creates exposure to indirect prompt injection attacks, where adversarial instructions embedded in external content manipulate agent...
CPython 安全漏洞
CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has security vulnerabilities; these vulnerabilities arise when parsing inline document type definitions that contain deeply nested content models, potentially leading to C stack overflows...
CVE-2026-4197 D-Link DNS-1550-04 download_mgr.cgi RSS_Item_List command injection
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...