Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

40950 matches found

NVD
NVDadded 2026/05/09 9:16 p.m.49 views

CVE-2026-8196

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS0.00463EPSS
Exploits0References4
NVD
NVDadded 2026/05/09 8:16 p.m.14 views

CVE-2026-8195

A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java of the component SVG File Handler. The manipulation results in cross site...

5.3CVSS0.00269EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/09 8:15 p.m.57 views

CVE-2026-8196 JeecgBoot mLogin Endpoint LoginController.java authorization

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS0.00463EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/09 8:15 p.m.6 views

CVE-2026-8196

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/09 8:15 p.m.6 views

CVE-2026-8196 JeecgBoot mLogin Endpoint LoginController.java authorization

A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginController.java of the component mLogin Endpoint. This manipulation causes authorization bypass. The attack...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 8:15 p.m.14 views

CVE-2026-8196

Summary: CVE-2026-8196 affects JeecgBoot 3.9.1, specifically the mLogin Endpoint. The vulnerability arises in the LoginController.java file under jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/, where an unspecified manipulation allows an authorization bypa...

6.3CVSS5.2AI score0.00463EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 8:0 p.m.16 views

CVE-2026-8195

CVE-2026-8195 affects JeecgBoot up to 3.9.1. The vulnerability is a cross-site scripting issue in the SVG File Handler component, specifically in jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/CommonController.java. The manipulation is remote and the exploi...

5.3CVSS4.2AI score0.00269EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/09 6:45 p.m.31 views

CVE-2026-8193 Akaunting Invoice PDF Rendering dompdf.php server-side request forgery

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS0.00206EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2026/05/09 6:45 p.m.5 views

CVE-2026-8193 Akaunting Invoice PDF Rendering dompdf.php server-side request forgery

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/09 6:45 p.m.7 views

CVE-2026-8193

A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead to server-side request forgery. The attack may be launched remotely. The exploit has been made...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
CVE
CVEadded 2026/05/09 6:45 p.m.10 views

CVE-2026-8193

CVE-2026-8193 affects Akaunting 3.1.21, specifically the Invoice PDF Rendering component’s dompdf.php file. The vulnerability arises from unknown processing in that file, enabling a remote attacker to manipulate inputs to achieve server-side request forgery (SSRF). Exploitation is indicated as po...

6.5CVSS6.2AI score0.00206EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/09 6:30 p.m.45 views

CVE-2026-8192 Wavlink NU516U1 adm.cgi wzdap os command injection

A security flaw has been discovered in Wavlink NU516U1 M16U1V240425. This vulnerability affects the function wzdap of the file /cgi-bin/adm.cgi. Performing a manipulation of the argument EncrypType/wlPass is directly passed by the attacker/so we can control the EncrypType/wlPass results in os...

6.5CVSS0.04844EPSS
Exploits1References4
Cvelist
Cvelistadded 2026/05/09 6:15 p.m.43 views

CVE-2026-8191 Wavlink NU516U1 adm.cgi wifi_region os command injection

A vulnerability was identified in Wavlink NU516U1 M16U1V240425. This affects the function wifiregion of the file /cgi-bin/adm.cgi. Such manipulation of the argument skiplist1/skiplist2 leads to os command injection. The attack can be launched remotely. The exploit is publicly available and might ...

6.5CVSS0.05344EPSS
Exploits1References4
CVE
CVEadded 2026/05/09 6:15 p.m.20 views

CVE-2026-8191

The CVE-2026-8191 vulnerability affects Wavlink NU516U1 M16U1_V240425, specifically the wifi_region function in /cgi-bin/adm.cgi. Manipulation of the arguments skiplist1/skiplist2 enables remote command injection, with the exploit described as publicly available. Multiple sources (NVD, Red Hat, E...

8.8CVSS6.5AI score0.05344EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/09 5:15 p.m.6 views

CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

6.5CVSS6.4AI score0.05344EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/09 5:15 p.m.9 views

EUVD-2026-28918

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

6.5CVSS6.4AI score0.05344EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/09 4:15 p.m.10 views

EUVD-2026-28916

A vulnerability was found in Wavlink NU516U1 M16U1V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlanbssid/selAutomode/selEncrypTyp results in os command injection. It is possible to launch the attack remotely. Th...

6.5CVSS5.6AI score0.04807EPSS
Exploits1References4
CVE
CVEadded 2026/05/09 4:15 p.m.15 views

CVE-2026-8189

CVE-2026-8189 affects Wavlink NU516U1 M16U1_V240425. The vulnerability is in the function wzdrepeater of the file /cgi-bin/adm.cgi . Manipulating the arguments wlan_bssid/sel_Automode/sel_EncrypTyp results in OS command injection , allowing remote exploitation. The exploit has been publicly discl...

8.8CVSS6.3AI score0.04807EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/05/09 3:15 p.m.33 views

CVE-2026-8188 Wavlink NU516U1 adm.cgi change_wifi_password os command injection

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS0.05454EPSS
Exploits1References4
EUVD
EUVDadded 2026/05/09 3:15 p.m.10 views

EUVD-2026-28915

A vulnerability has been found in Wavlink NU516U1 M16U1V240425. Affected is the function changewifipassword of the file /cgi-bin/adm.cgi. The manipulation of the argument wlchannel/wlPass/EncrypType leads to os command injection. It is possible to initiate the attack remotely. The exploit has bee...

6.5CVSS5.5AI score0.05454EPSS
Exploits1References4
Rows per page
Query Builder