CVE-2026-7518

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

CVE-2026-7518 Open5GS AMF SBI Endpoint sdmsubscription-notify amf_namf_callback_handle_sdm_data_change_notify denial of service

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function amfnamfcallbackhandlesdmdatachangenotify of the file /namf-callback/v1/id/sdmsubscription-notify of the component AMF SBI Endpoint. This manipulation of the argument changeItem.newValue causes denial of service. The...

CVE-2026-7513

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

PT-2026-36294

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279 B20210910. This affects the function sub 41A68C of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument setUssd results in command injection. The attack is possible to be carried out remotely. The exploit is now publ...

PT-2026-36298

A vulnerability was found in code-projects Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/edit exercises.php. The manipulation of the argument edit exercise results in sql injection. It is possible to launch the attack remotely. The exploi...

PT-2026-36549

Name of the Vulnerable Software and Affected Versions mem0ai mem0 versions prior to 1.0.12 Description An unsafe deserialization issue exists in the pickle.load and pickle.dump functions within the mem0/vector stores/faiss.py file. This allows a remote attacker to perform a manipulation that...

PT-2026-36548

Name of the Vulnerable Software and Affected Versions nextlevelbuilder ui-ux-pro-max-skill versions prior to 2.5.1 Description A remote cross-site scripting issue exists in the Slide Generator component. The problem occurs within the data.get function of the...

EUVD-2025-209606

An issue in Eprosima Micro-XREC-DDS Agent v.3.0.1 allows a remote attacker to cause a denial of service via a packet specially crafted to bear a non-valid value in any Boolean field...

PT-2026-36293

Name of the Vulnerable Software and Affected Versions Totolink NR1800X version 9.1.0u.6279 B20210910 Description A stack-based buffer overflow exists in the lighttpd component. This issue occurs when the find host ip function improperly handles the Host argument, allowing a remote attacker to...

PT-2026-36322

A security vulnerability has been detected in alexta69 MeTube up to 2026.04.09. This affects the function on prepare of the file app/main.py of the component CORS Policy. The manipulation leads to permissive cross-domain policy with untrusted domains. The attack is possible to be carried out...

PT-2026-36483

A flaw has been found in Open5GS up to 2.7.7. This issue affects the function bsf sess find by ipv6prefix of the file /src/bsf/context.c of the component BSF. This manipulation of the argument ipv6Prefix causes denial of service. It is possible to initiate the attack remotely. The exploit has bee...

PT-2026-36502

Name of the Vulnerable Software and Affected Versions Open5GS versions prior to 2.7.8 Description A weakness in the AMF component allows remote exploitation leading to a denial of service. The issue resides in the ogs id get value function within the /src/amf/nudm-handler.c file. Recommendations ...

PT-2026-36546

Name of the Vulnerable Software and Affected Versions Flux159 mcp-game-asset-gen version 0.1.0 Description A path traversal issue exists in the MCP Interface component within the image to 3d async function of the src/index.ts file. This flaw allows remote attackers to perform path traversal by...

PT-2026-36533

A vulnerability was determined in ghantakiran splunk-mcp-integration up to 0b86b09d5e5adf0433acd43c975951224613a1a6. Impacted is the function create csv export of the file services/csv-export-service/app/api/v1/endpoints/csv export.py of the component CSV Export. This manipulation of the argument...

PT-2026-36297

Name of the Vulnerable Software and Affected Versions SourceCodester Pharmacy Sales and Inventory System version 1.0 Description An issue exists in the '/ajax.php?action=save customer' endpoint where manipulation of the ID argument allows for SQL injection, a technique used to interfere with the...

PT-2026-36517

Name of the Vulnerable Software and Affected Versions Open Vehicle Monitoring System 3 OVMS3 version 3.3.005 Description A buffer overflow occurs in canformat pcap.cpp because the parser's phdr.len field is not properly validated. This allows remote attackers to cause a denial of service or...

PT-2026-36302

A vulnerability was identified in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/login.php. Such manipulation of the argument Username leads to sql injection. The attack can be launched remotely. The exploit is publicly available and might be used...

Cisco Firepower Threat Defense (FTD) Software Snort Deep Inspection Bypass (cisco-sa-ftd-snort-bypass-rLggKzVF)

According to its self-reported version, Cisco Secure Firewall Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the Snort detection engine of Cisco Secure Firewall Threat Defense FTD Software could allow an unauthenticated, remote attacker to bypass the configured...

CVE-2026-7513

UTT HiPER 1200GW (up to version 2.5.3-170306) contains a vulnerability in the strcpy usage of /goform/formRemoteControl, causing a buffer overflow. The issue is exploitable remotely with Proof-of-Concept code. Affected component and root cause are explicitly stated, with network-based attack vect...

CVE-2026-7513 UTT HiPER 1200GW formRemoteControl strcpy buffer overflow

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...