CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/26 8:14 p.m.•9 views

CVE-2026-9399

A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. It is possible to initiate the atta...

9CVSS7.8AI score0.00445EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•12 views

CVE-2026-9459

A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument maxConn/timeOut results in stack-based buffer overflow. It is possible to initiate the attack remotel...

9CVSS7.8AI score0.00751EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•11 views

CVE-2026-9344

A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of the argument pinCode/wlan-url leads to stack-based buffer overflow. The attack can be executed...

9CVSS7.8AI score0.00445EPSS

RedhatCVE•added 2026/05/26 8:14 p.m.•8 views

CVE-2026-9382

A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation of the argument pptpUserName can lead to buffer overflow. The attack may be launched remotely. The...

9CVSS7.8AI score0.00542EPSS

ATTACKERKB•added 2026/05/26 7:45 p.m.•6 views

CVE-2026-9579

A vulnerability was found in JeecgBoot up to 3.9.1. Impacted is the function user.getUsername of the file /sys/user/login/setting/userEdit of the component SysUser. The manipulation of the argument userIdentity results in improper access controls. The attack may be launched remotely. The exploit...

6.5CVSS6.2AI score0.00209EPSS

Cvelist•added 2026/05/26 7:45 p.m.•35 views

CVE-2026-9579 JeecgBoot SysUser userEdit user.getUsername access control

6.5CVSS0.00209EPSS

CVE•added 2026/05/26 7:45 p.m.•14 views

CVE-2026-9579

Summary: CVE-2026-9579 affects JeecgBoot

6.5CVSS6.2AI score0.00209EPSS

ATTACKERKB•added 2026/05/26 7:30 p.m.•9 views

CVE-2026-9575

A vulnerability has been found in itsourcecode Student Transcript Processing System 1.0. This issue affects some unknown processing of the file /admin/modules/class/index.php?view=view. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit h...

7.5CVSS6.8AI score0.00259EPSS

Exploits0References5Affected Software1

Cvelist•added 2026/05/26 7:30 p.m.•31 views

CVE-2026-9575 itsourcecode Student Transcript Processing System index.php sql injection

7.5CVSS0.00259EPSS

CVE•added 2026/05/26 7:30 p.m.•12 views

CVE-2026-9575

CVE-2026-9575 affects the itsourcecode Student Transcript Processing System 1.0. The flaw arises from improper handling of the ID argument in the PHP file at /admin/modules/class/index.php?view=view, enabling SQL injection. It is a remote, unauthenticated risk with PoC-level exploit maturity and ...

7.5CVSS6.8AI score0.00259EPSS

EUVD•added 2026/05/26 7:30 p.m.•17 views

EUVD-2026-31963

7.5CVSS6.8AI score0.00259EPSS

Cvelist•added 2026/05/26 7:15 p.m.•29 views

CVE-2026-9574 itsourcecode Student Transcript Processing System trans.php sql injection

A flaw has been found in itsourcecode Student Transcript Processing System 1.0. This vulnerability affects unknown code of the file /admin/modules/student/trans.php. Executing a manipulation of the argument studentId/cid can lead to sql injection. The attack can be launched remotely. The exploit...

7.5CVSS0.00259EPSS

EUVD•added 2026/05/26 7:0 p.m.•13 views

EUVD-2026-31958

A vulnerability was detected in itsourcecode Student Transcript Processing System 1.0. This affects an unknown part of the file /admin/modules/student/index.php?view=view. Performing a manipulation of the argument studentId results in sql injection. The attack can be initiated remotely. The explo...

7.5CVSS7AI score0.00259EPSS

ATTACKERKB•added 2026/05/26 7:0 p.m.•8 views

CVE-2026-9573

7.5CVSS7AI score0.00259EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/26 7:0 p.m.•12 views

CVE-2026-9573

The CVE-2026-9573 entry concerns itsourcecode Student Transcript Processing System 1.0. The vulnerability resides in /admin/modules/student/index.php?view=view, where manipulating the studentId parameter triggers a SQL injection. The issue is exploitable remotely, with exploit code public. Affect...

7.5CVSS7AI score0.00259EPSS

NVD•added 2026/05/26 6:16 p.m.•14 views

CVE-2026-9566

A vulnerability was identified in teableio teable up to 1.9.x. This impacts an unknown function of the file apps/nextjs-app/src/features/auth/pages/LoginPage.tsx of the component Sign-up. The manipulation of the argument redirect leads to cross site scripting. The attack is possible to be carried...

5.3CVSS0.00282EPSS

Cvelist•added 2026/05/26 6:0 p.m.•30 views

CVE-2026-9568 ThingsBoard YAML provision getGatewayDockerComposeFile code injection

A weakness has been identified in ThingsBoard up to 4.3.1.1. Affected by this vulnerability is the function getGatewayDockerComposeFile of the file /api/v1/provision of the component YAML Handler. This manipulation causes code injection. It is possible to initiate the attack remotely. The attack'...

5.1CVSS0.00219EPSS

Cvelist•added 2026/05/26 5:0 p.m.•31 views

CVE-2026-9566 teableio teable Sign-up LoginPage.tsx cross site scripting

5.3CVSS0.00282EPSS