CVE-2026-5980

CVE-2026-5980 affects D-Link DIR-605L (firmware 2.13B01). The flaw is in the POST Request Handler’s function formSetMACFilter, specifically the /goform/formSetMACFilter path. Manipulation of the curTime argument leads to a buffer overflow, with remote attack potential. The exploit has reportedly ...

CVE-2026-5975

A vulnerability was identified in Totolink A7100RU 7.4cu.2313b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be performed from remote. Th...

EUVD-2026-20984

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...

EUVD-2026-20930

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-1584 Gnutls: gnutls: remote denial of service via crafted clienthello with invalid psk binder

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

CVE-2026-1584

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key PSK binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and...

CVE-2026-5970

A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function checksolution of the component HumanEvalBenchmark/MBPPBenchmark. Performing a manipulation results in code injection. The attack may be initiated remotely. The exploit is now public and may be used. Th...

EUVD-2026-20904

An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials...

CVE-2026-5959

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

CVE-2026-5960 code-projects Patient Record Management System SQL Database Backup File hcpms.sql information disclosure

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-5960

A weakness has been identified in code-projects Patient Record Management System 1.0. This affects an unknown part of the file /db/hcpms.sql of the component SQL Database Backup File Handler. Executing a manipulation can lead to information disclosure. The attack can be launched remotely. The...

CVE-2026-5959

The CVE-2026-5959 entry concerns GL.iNet devices GL-RM1/GL-RM10/GL-RM10RC/GL-RM1PE running 1.8.1, where an issue in the Factory Reset Handler allows remote, improperly authenticated actions. The vulnerability’s attack complexity is high with network access and no user interaction required, and it...

CVE-2026-5959

A security flaw has been discovered in GL.iNet GL-RM1, GL-RM10, GL-RM10RC and GL-RM1PE 1.8.1. Affected by this issue is some unknown functionality of the component Factory Reset Handler. Performing a manipulation results in improper authentication. The attack can be initiated remotely. The...

EUVD-2026-20856

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5849

The CVE-2026-5849 entry describes a path traversal vulnerability in Tenda i12 version 1.0.0.11(3862), caused by an issue in the HTTP Handler component where an unknown function can be manipulated to traverse paths. The flaw enables remote exploitation, and public disclosures indicate exploitation...

CVE-2026-5847 code-projects Movie Ticketing System SQL Database Backup File moviedb.sql information disclosure

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5847

A vulnerability has been found in code-projects Movie Ticketing System 1.0. Impacted is an unknown function of the file /db/moviedb.sql of the component SQL Database Backup File Handler. Such manipulation leads to information disclosure. The attack can be launched remotely. The exploit has been...

CVE-2026-5836 code-projects Online Shoe Store admin_product.php cross site scripting

A vulnerability has been found in code-projects Online Shoe Store 1.0. Affected by this issue is some unknown functionality of the file /admin/adminproduct.php. The manipulation of the argument productname leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

EUVD-2026-20715

Inappropriate implementation in PDF in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. Chromium security severity: Low...

EUVD-2026-20785

A vulnerability was detected in openstatusHQ openstatus up to 1b678e71a85961ae319cbb214a8eae634059330c. This impacts an unknown function of the file apps/dashboard/src/app/dashboard/onboarding/client.tsx of the component Onboarding Endpoint. The manipulation of the argument callbackURL results in...