Lucene search
+L

21537 matches found

ATTACKERKB
ATTACKERKB
added 2026/05/11 3:30 a.m.9 views

CVE-2026-8269

A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function smfnsmfhandlecreatesmcontext of the component SMF. Performing a manipulation results in denial of service. Remote exploitation of the attack is possible. The exploit has been made public and could be used. The project was...

5.3CVSS5.4AI score0.00471EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/11 12:0 a.m.16 views

PT-2026-39560

A vulnerability was determined in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. T...

5.9CVSS6.3AI score0.00154EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/10 6:30 a.m.14 views

EUVD-2026-28984

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was...

4.6CVSS5.2AI score0.00139EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/10 6:30 a.m.13 views

EUVD-2026-28975

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References5
NVD
NVD
added 2026/05/10 6:16 a.m.24 views

CVE-2026-8233

A vulnerability was determined in Dotouch XproUPF 2.0.0-release-088aa7c4. Affected is an unknown function of the component UPF. This manipulation causes improper access controls. A high degree of complexity is needed for the attack. The exploitability is told to be difficult. The vendor was...

4.6CVSS0.00139EPSS
Exploits0References3
CVE
CVE
added 2026/05/10 5:30 a.m.19 views

CVE-2026-8233

CVE-2026-8233 concerns Dotouch XproUPF 2.0.0-release-088aa7c4 where an unknown UPF function manipulation leads to improper access controls. The description indicates a high attack complexity and requires adjacent access with low privileges and no user interaction. Impact is described as low for c...

4.6CVSS5.2AI score0.00139EPSS
Exploits0References3
NVD
NVD
added 2026/05/10 5:16 a.m.19 views

CVE-2026-8227

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

8.8CVSS0.04944EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/10 3:45 a.m.14 views

CVE-2026-8227 Wavlink NU516U1 adm.cgi wzdapMesh os command injection

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.24 views

PT-2026-39454

A security vulnerability has been detected in Wavlink NU516U1 240425. Impacted is the function advance of the file /cgi-bin/wireless.cgi. Such manipulation of the argument wlan conf/Channel/skiplist/ieee 80211h leads to os command injection. The attack may be launched remotely. The exploit has be...

6.5CVSS6.4AI score0.04807EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/10 12:0 a.m.18 views

PT-2026-39453

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

6.5CVSS6.4AI score0.04944EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/05/09 6:30 p.m.51 views

CVE-2026-8192 Wavlink NU516U1 adm.cgi wzdap os command injection

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

6.5CVSS0.04844EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.16 views

PT-2026-39403

A vulnerability was identified in Wavlink NU516U1 M16U1 V240425. This affects the function wifi region of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and migh...

6.5CVSS6.5AI score0.05344EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.15 views

PT-2026-39336

A vulnerability has been found in Wavlink NU516U1 M16U1 V240425. Affected is the function change wifi password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl channel/wl Pass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit ha...

6.5CVSS6.3AI score0.05454EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/05/04 12:30 a.m.4 views

CVE-2026-7715 ravenwits mcp-server-arangodb MCP tools.ts arango_backup path traversal

A vulnerability has been found in ravenwits mcp-server-arangodb up to 0.4.7. This affects the function arangobackup of the file src/tools.ts of the component MCP Interface. Such manipulation of the argument outputDir leads to path traversal. It is possible to launch the attack remotely. The explo...

6.5CVSS6.2AI score0.00288EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/02 1:0 p.m.10 views

CVE-2026-7629

A flaw has been found in kleneway awesome-cursor-mpc-server up to 2.0.1. Impacted is the function runCodeReviewTool of the file src/tools/codeReview.ts of the component Ccode-Review Tool. Executing a manipulation can lead to command injection. The attack may be launched remotely. The exploit has...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/05/02 12:0 p.m.15 views

CVE-2026-7628

The CVE-2026-7628 affects crazyrabbitLTC mcp-code-review-server (up to version 0.1.0). The vulnerability is in RepoMix Command Handler’s function executeRepomix (src/repomix.ts), where a manipulation yields command injection. Exploitation can be remote, and public exploit code is available. The i...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
OSV
OSV
added 2026/05/02 3:31 a.m.18 views

GHSA-GC8W-X73W-P4RH yii2-mcp-server has a Command Injection Issue

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yiicommandhelp/yiiexecutecommand of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publish...

6.3CVSS6.3AI score0.0111EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.13 views

PT-2026-36615

A vulnerability was detected in crazyrabbitLTC mcp-code-review-server up to 0.1.0. This issue affects the function executeRepomix of the file src/repomix.ts of the component RepoMix Command Handler. Performing a manipulation results in command injection. The attack may be initiated remotely. The...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.7 views

PT-2026-36130

A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The projec...

7.8CVSS5AI score0.00239EPSS
Exploits0References7
NVD
NVD
added 2026/04/29 9:16 p.m.9 views

CVE-2026-7403

A security flaw has been discovered in geldata gel-mcp 0.1.0. This impacts the function listrules/fetchrule of the file src/gelmcp/server.py. The manipulation of the argument rulename results in path traversal. The attack may be performed from remote. The exploit has been released to the public a...

6.9CVSS0.00563EPSS
Exploits0References5
Rows per page
Query Builder