CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

14 matches found

CVE•added 2026/05/27 8:19 a.m.•16 views

CVE-2026-49002

CVE-2026-49002 affects ZTE’s ZXUniPOS NDS-LTE product. The issue is a broken access control in the application that allows unauthorized users to access data beyond their permissions (e.g., viewing/modifying configuration information). CVSS metrics indicate a high-severity, network-exploitable fla...

9.1CVSS5.8AI score0.00308EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 8:19 a.m.•6 views

CVE-2026-49002 Broken Access Control Vulnerabily in ZTE ZXUniPOS NDS-LTE product

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information...

9.1CVSS5.8AI score0.00308EPSS

Exploits0References1

CVE•added 2026/05/27 7:33 a.m.•10 views

CVE-2026-49001

CVE-2026-49001 describes a CSRF vulnerability in the ZTE ZXUniPOS NDS-LTE product. The vulnerability allows an attacker to abuse a user’s authenticated session to forge unwanted requests, potentially tampering configuration data. According to the metrics, the exploit would have Network attack vec...

5.3CVSS5.8AI score0.00109EPSS

Exploits0References1

Cvelist•added 2026/05/27 7:33 a.m.•27 views

CVE-2026-49001 Cross-Site Request Forgery (CSRF) vulnerability in ZTE ZXUniPOS NDS-LTE product

Cross-site request forgery CSRF vulnerabilities allow attackers to exploit a user's authenticated session to forge cross-site requests, inducing the execution of unintended operations such as tampering with configuration data...

5.3CVSS0.00109EPSS

Exploits0References1

Vulnrichment•added 2026/05/27 7:33 a.m.•6 views

CVE-2026-49001 Cross-Site Request Forgery (CSRF) vulnerability in ZTE ZXUniPOS NDS-LTE product

5.3CVSS5.8AI score0.00109EPSS

Exploits0References1

CVE•added 2026/05/27 3:38 a.m.•19 views

CVE-2026-49000

Technical details (affected products, components, versions, exploit info) are not publicly available in the provided documents. Monitor for updates from NVD, the CVE List, and vendors.

7CVSS5.9AI score0.00121EPSS

Exploits0References1

CVE•added 2026/05/27 2:25 a.m.•11 views

CVE-2026-48999

CVE-2026-48999 affects the ZTE ZXUniPOS NDS-LTE product. It is a Stored Cross-Site Scripting (XSS) vulnerability where attacker-supplied scripts are stored and executed in a user’s browser when loading affected pages. Impacts stated include cookie theft, session hijacking, and page content tamper...

5.7CVSS5.9AI score0.00169EPSS

Exploits0References1

CNNVD•added 2026/05/27 12:0 a.m.•7 views

ZTE ZXUniPOS NDS-LTE 安全漏洞

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has security vulnerabilities, which stem from unsafe password schemes. These include improper selection of encryption algorithms, inadequate key management, or defects in code...

7CVSS5.9AI score0.00121EPSS

Exploits0References1

CNNVD•added 2026/05/27 12:0 a.m.•5 views

ZTE ZXUniPOS NDS-LTE 安全漏洞

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability. This vulnerability stems from cross-site request forgery, which allows attackers to forge cross-site requests using authenticated user sessions, thereb...

5.3CVSS5.7AI score0.00109EPSS

Exploits0References2

CNNVD•added 2026/05/27 12:0 a.m.•7 views

ZTE ZXUniPOS NDS-LTE 安全漏洞

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability. This vulnerability arises from attackers carefully constructing malicious scripts and injecting them into target systems. When other users access pages...

5.7CVSS5.8AI score0.00169EPSS

Exploits0References1

Cvelist•added 2026/05/26 9:39 a.m.•38 views

CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS0.00131EPSS

Exploits0References1

Vulnrichment•added 2026/05/26 9:39 a.m.•10 views

CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE

3.8CVSS5.8AI score0.00131EPSS

Exploits0References1

CVE•added 2026/05/26 9:39 a.m.•21 views

CVE-2026-44410

Technical details for CVE-2026-44410 are not publicly available in the provided documents. Monitor for updates from the vendor and CVE records for any concrete impact, affected components, or remediation.

3.8CVSS5.8AI score0.00131EPSS

Exploits0References1

CNNVD•added 2026/05/26 12:0 a.m.•7 views

ZTE ZXUniPOS NDS-LTE 安全漏洞

ZTE ZXUniPOS NDS-LTE is an operator network positioning platform developed by ZTE Corporation. ZTE ZXUniPOS NDS-LTE has a security vulnerability, which stems from business logic defects. Attackers can exploit the features of legitimate applications in an unintended and abnormal manner to carry ou...

3.8CVSS5.8AI score0.00131EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by