CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/05/05 8:21 p.m.•6 views

CVE-2026-7676

A vulnerability was found in kerwincui FastBee up to 1.2.1. The affected element is the function ToolController.download of the file springboot/fastbee-open-api/src/main/java/com/fastbee/data/controller/ToolController.java of the component Tool Download Endpoint. The manipulation of the argument...

5.3CVSS5.4AI score0.00365EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•2 views

CVE-2026-7713

A vulnerability was detected in crocodilestick Calibre-Web-Automated up to 4.0.6. Affected by this vulnerability is the function generateauthtoken of the file cps/koboauth.py of the component Kobo auth-token Route. The manipulation results in improper authorization. The attack may be performed fr...

6.5CVSS6.2AI score0.00272EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•3 views

CVE-2026-7719

A security flaw has been discovered in Totolink WA300 5.2cu.7112B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument httphost results in buffer overflow. The attack may be launched...

10CVSS7.8AI score0.00619EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•6 views

CVE-2026-7695

A vulnerability has been found in Acrel Electrical EEMS Enterprise Power Operation and Maintenance Cloud Platform 1.3.0. This affects an unknown function of the file /SubstationWEBV2/main/elecMaxMinAvgValue. The manipulation of the argument fCircuitids leads to sql injection. The attack may be...

7.5CVSS6.8AI score0.00343EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•3 views

CVE-2026-7732

A vulnerability was detected in code-projects BloodBank Managing System 1.0. The impacted element is an unknown function of the file requestblood.php. The manipulation results in unrestricted upload. The attack can be executed remotely. The exploit is now public and may be used...

6.5CVSS6.4AI score0.00206EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•2 views

CVE-2026-7682

A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit ha...

6.5CVSS6.3AI score0.01158EPSS

RedhatCVE•added 2026/05/05 8:21 p.m.•3 views

CVE-2026-7670

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/UserSel.aspx. This manipulation of the argument DeptIDList causes sql injection. The attack is possible to be carried out remotely. The exploit has been published and may b...

7.5CVSS6.8AI score0.00259EPSS

NVD•added 2026/05/05 8:16 p.m.•3 views

CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS0.04164EPSS

NVD•added 2026/05/05 8:16 p.m.•4 views

CVE-2026-7856

A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /urlmember.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and...

8.6CVSS0.04589EPSS

CVE•added 2026/05/05 7:15 p.m.•21 views

CVE-2026-7857

CVE-2026-7857 concerns D-Link DI-8100 (firmware 16.07.26A1) where the CGI Handler’s function sprintf in the /user_group.asp file is vulnerable to a buffer overflow. The affected component is the CGI/Scripting interface; the underlying root cause is unsafe handling in sprintf, enabling overflow th...

8.6CVSS7.3AI score0.04164EPSS

Vulnrichment•added 2026/05/05 7:15 p.m.•5 views

CVE-2026-7857 D-Link DI-8100 CGI user_group.asp sprintf buffer overflow

8.6CVSS7.3AI score0.04164EPSS

Cvelist•added 2026/05/05 7:15 p.m.•41 views

CVE-2026-7857 D-Link DI-8100 CGI user_group.asp sprintf buffer overflow

8.6CVSS0.04164EPSS

ATTACKERKB•added 2026/05/05 7:0 p.m.•2 views

CVE-2026-7856

8.6CVSS7.5AI score0.04589EPSS

Cvelist•added 2026/05/05 7:0 p.m.•27 views

CVE-2026-7856 D-Link DI-8100 Web Management url_member.asp buffer overflow

8.6CVSS0.04589EPSS

EUVD•added 2026/05/05 6:33 p.m.•4 views

EUVD-2026-27416

A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used...

8.6CVSS7.7AI score0.0408EPSS

Exploits1References6

Cvelist•added 2026/05/05 6:30 p.m.•24 views

CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS0.01057EPSS

ATTACKERKB•added 2026/05/05 6:30 p.m.•2 views

CVE-2026-7855

9CVSS7.8AI score0.01057EPSS

Vulnrichment•added 2026/05/05 6:30 p.m.•7 views

CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

9CVSS7.8AI score0.01057EPSS

CVE•added 2026/05/05 6:30 p.m.•7 views

CVE-2026-7855

CVE-2026-7855 affects D-Link DI-8100 firmware 16.07.26A1. The vulnerability is in the HTTP Request Handler, specifically the function tggl_asp in the file tggl.asp ; manipulating the Name argument triggers a buffer overflow. The issue is exploitable remotely and the exploit is public. CVSS-based ...

9CVSS7.8AI score0.01057EPSS