CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

NVD•added 2026/05/05 5:16 a.m.•12 views

CVE-2026-7812

7.5CVSS0.01339EPSS

Cvelist•added 2026/05/05 4:45 a.m.•43 views

CVE-2026-7823 Totolink A8000RU cstecgi.cgi setAppFilterCfg os command injection

10CVSS0.01788EPSS

ATTACKERKB•added 2026/05/05 4:45 a.m.•9 views

CVE-2026-7823

10CVSS7AI score0.01788EPSS

Exploits0References5Affected Software1

ATTACKERKB•added 2026/05/05 4:15 a.m.•6 views

CVE-2026-7812

7.5CVSS6.8AI score0.01339EPSS

RedhatCVE•added 2026/05/05 2:20 a.m.•4 views

CVE-2026-7687

A vulnerability was determined in langflow-ai langflow up to 1.8.4. Affected by this issue is the function CodeParser.parsecallabledetails of the file src/lfx/src/lfx/custom/codeparser/codeparser.py of the component Full Builtins Module Handler. Executing a manipulation can lead to command...

6.5CVSS6.3AI score0.01666EPSS

RedhatCVE•added 2026/05/05 2:20 a.m.•6 views

CVE-2026-7642

A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function downloadwebsite of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument outputPath results in os command injection. The attack may be initiated remotely. Th...

6.5CVSS6.4AI score0.0134EPSS

EUVD•added 2026/05/05 12:30 a.m.•5 views

EUVD-2026-27159

A security flaw has been discovered in A-G-U-P-T-A wireshark-mcp edaf604416fbc94a201b4043092d4a1b09a12275/400c3da70074f22f3cce7ccb65304cafc7089c89. This affects the function quickcapture of the file pysharkmcp.py. The manipulation results in os command injection. The attack may be launched...

7.5CVSS6.8AI score0.01312EPSS

Exploits0References6

NVD•added 2026/05/05 12:16 a.m.•7 views

CVE-2026-7785

7.5CVSS0.01312EPSS

Positive Technologies•added 2026/05/05 12:0 a.m.•5 views

PT-2026-36973

A vulnerability was found in 54yyyu code-mcp up to 4cfc4643541a110c906d93635b391bf7e357f4a8. The impacted element is the function git operation of the file src/code mcp/server.py of the component MCP Tool. Performing a manipulation of the argument operation results in command injection. The attac...

7.5CVSS6.8AI score0.01339EPSS

Exploits0References6

Positive Technologies•added 2026/05/05 12:0 a.m.•6 views

PT-2026-36975

Name of the Vulnerable Software and Affected Versions Totolink A8000RU version 7.1cu.643 b20200521 Description A security flaw allows remote OS command injection via the manipulation of the enable argument. This issue occurs within the setAppFilterCfg function located in the "/cgi-bin/cstecgi.cgi...

10CVSS7.2AI score0.01788EPSS

Exploits0References18

RedhatCVE•added 2026/05/04 8:21 p.m.•1 views

CVE-2026-7692

A vulnerability was detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. The affected element is the function pingddns of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument DDNS results in command injection. The attack can be initiated remotely. The exploit is now public and may ...

6.5CVSS6.4AI score0.03191EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•2 views

CVE-2026-7691

A security vulnerability has been detected in Wavlink WL-WN570HA1 R70HA1 V1410221110. Impacted is the function setsyscmd of the file /cgi-bin/adm.cgi. Such manipulation of the argument command leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed...

6.5CVSS6.4AI score0.03191EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•5 views

CVE-2026-7690

A weakness has been identified in Wavlink WL-WN570HA1 R70HA1 V1410221110. This issue affects the function setsysadm of the file /cgi-bin/adm.cgi. This manipulation of the argument Username causes command injection. It is possible to initiate the attack remotely. The exploit has been made availabl...

9.8CVSS6.4AI score0.04971EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•5 views

CVE-2026-7600

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yiicommandhelp/yiiexecutecommand of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been publish...

6.5CVSS6.3AI score0.0111EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•2 views

CVE-2026-7653

A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is the function openimageinbrowser of the file src/index.ts of the component MCP Interface. Performing a manipulation of the argument imageUrl results in os command injection. The attack is possible to be...

6.5CVSS6.3AI score0.01294EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•3 views

CVE-2026-7609

A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function toolsdiagnostic of the file /tmp/diagnostic of the component Firmware Udpate. This manipulation causes os command injection. Remote exploitation of the attack is possible. The exploit has been publish...

8.8CVSS6.2AI score0.04123EPSS

RedhatCVE•added 2026/05/04 8:21 p.m.•4 views

CVE-2026-7698

A vulnerability was identified in Tiandy Easy7 Integrated Management Platform 7.17.0. Affected by this vulnerability is an unknown functionality of the file /Easy7/rest/systemInfo/updateDbBackupInfo. Such manipulation of the argument week leads to os command injection. The attack can be executed...

7.5CVSS6.9AI score0.01655EPSS