CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3852 matches found

ATTACKERKB•added 2026/05/09 4:15 p.m.•5 views

CVE-2026-8189

A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...

6.5CVSS6.3AI score0.04807EPSS

Exploits1References4

ATTACKERKB•added 2026/05/09 3:15 p.m.•9 views

CVE-2026-8188

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS5.5AI score0.05454EPSS

Exploits1References4

EUVD•added 2026/05/09 3:15 p.m.•10 views

EUVD-2026-28915

6.5CVSS5.5AI score0.05454EPSS

Exploits1References4

CVE•added 2026/05/09 3:15 p.m.•17 views

CVE-2026-8188

The CVE-2026-8188 entries describe a vulnerability in Wavlink NU516U1 M16U1_V240425 where the change_wifi_password function in /cgi-bin/adm.cgi is exploitable via OS command injection. The issue stems from manipulating input parameters wl_channel, wl_Pass, or EncrypType, enabling remote execution...

8.8CVSS6.3AI score0.05454EPSS

Exploits1References4Affected Software1

CNNVD•added 2026/05/09 12:0 a.m.•7 views

Wavlink NU516U1 命令注入漏洞

Wavlink NU516U1 is a wireless print server developed by Wavlink Corporation. The Wavlink NU516U1 M16U1V240425 version has a command injection vulnerability. This vulnerability arises from the handling of parameters wlchannel/wlPass/EncrypType in the changewifipassword function located in the...

8.8CVSS6.7AI score0.05454EPSS

Exploits1References1

Positive Technologies•added 2026/05/09 12:0 a.m.•8 views

PT-2026-39336

A vulnerability has been found in Wavlink NU516U1 M16U1 V240425. Affected is the function change wifi password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl channel/wl Pass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit ha...

6.5CVSS6.3AI score0.05454EPSS

Exploits1References5

Positive Technologies•added 2026/05/09 12:0 a.m.•11 views

PT-2026-39404

A security flaw has been discovered in Wavlink NU516U1 M16U1 V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wl Pass is directly passed by the attacker/so we can control the EncrypType/wl Pass results in os...

6.5CVSS6.4AI score0.04844EPSS

Exploits1References5

NVD•added 2026/05/08 11:16 p.m.•7 views

CVE-2026-42453

Termix is a web-based server management platform with SSH terminal, tunneling, and file editing capabilities. Prior to version 2.1.0, the extractArchive and compressFiles endpoints in file-manager.ts use double-quoted strings for shell command construction, unlike all other file manager operation...

8.7CVSS0.01207EPSS

Exploits0References2

EUVD•added 2026/05/08 12:31 a.m.•9 views

EUVD-2026-28466

A vulnerability was found in 8421bit MiniClaw up to 223c16a1088e138838dcbd18cd65a37c35ac5a84. Affected is the function executeCognitivePulse of the file src/kernel.ts. Performing a manipulation results in os command injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.2AI score0.02941EPSS

Exploits1References8

NVD•added 2026/05/07 10:16 p.m.•13 views

CVE-2026-8112

8.8CVSS0.02941EPSS

Exploits1References7

CVE•added 2026/05/07 9:0 p.m.•12 views

CVE-2026-8112

CVE-2026-8112 affects 8421bit MiniClaw up to commit 223c16a1088e138838dcbd18cd65a37c35ac5a84. The vulnerability is an OS command injection in the function executeCognitivePulse() in src/kernel.ts, exploitable remotely. The exploit has been publicized; no version details are provided due to rollin...

8.8CVSS6.2AI score0.02941EPSS

Exploits1References7Affected Software1

RedhatCVE•added 2026/05/06 8:22 p.m.•4 views

CVE-2026-7812

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function gitoperation of the file src/codemcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection. The attack...

7.5CVSS6.8AI score0.01339EPSS

Exploits0References1

RedhatCVE•added 2026/05/06 2:21 p.m.•5 views

CVE-2026-7833

A weakness has been identified in EFM ipTIME C200 up to 1.092. This vulnerability affects the function sub408F90 of the file /cgi/iuxset.cgi of the component ApplyRestore Endpoint. This manipulation of the argument RestoreFile causes command injection. The attack can be initiated remotely. The...

8.6CVSS5.5AI score0.02336EPSS

Exploits0References1

EUVD•added 2026/05/05 3:31 p.m.•4 views

EUVD-2026-27319

8.6CVSS6.7AI score0.02336EPSS

Exploits0References5

NVD•added 2026/05/05 1:16 p.m.•6 views

CVE-2026-7833

8.6CVSS0.02336EPSS

Exploits0References4

Cvelist•added 2026/05/05 12:30 p.m.•34 views

CVE-2026-7833 EFM ipTIME C200 ApplyRestore Endpoint iux_set.cgi sub_408F90 command injection

8.6CVSS0.02336EPSS

Exploits0References4

ATTACKERKB•added 2026/05/05 12:30 p.m.•1 views

CVE-2026-7833

8.6CVSS6.7AI score0.02336EPSS

Exploits0References4Affected Software1

EUVD•added 2026/05/05 6:31 a.m.•10 views

EUVD-2026-27217

7.5CVSS5.5AI score0.01339EPSS

Exploits0References6

NVD•added 2026/05/05 5:16 a.m.•20 views

CVE-2026-7823

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. Affected is the function setAppFilterCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument enable results in os command injection. The attack may be launched remotely. The exploit has been released to the...

10CVSS0.01788EPSS

Exploits0References5

NVD•added 2026/05/05 5:16 a.m.•12 views

CVE-2026-7812

7.5CVSS0.01339EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by