Lucene search
K

41209 matches found

EUVD
EUVD
added 2026/03/28 6:30 p.m.5 views

EUVD-2026-16937

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.7AI score0.00687EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/28 6:30 p.m.7 views

EUVD-2026-16932

A flaw has been found in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. The affected element is the function doPOST of the file backend/server.py. This manipulation causes unrestricted upload. The attack is possible to be carried out remotely. The exploit has been publishe...

7.5CVSS5.5AI score0.00294EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/03/28 6:30 p.m.30 views

CVE-2026-5011 elecV2 elecV2P JSON webhook runJSFile code injection

A vulnerability was detected in elecV2 elecV2P up to 3.8.3. This vulnerability affects the function runJSFile of the file /webhook of the component JSON Parser. Performing a manipulation of the argument rawcode results in code injection. Remote exploitation of the attack is possible. The exploit ...

6.5CVSS0.00232EPSS
Exploits0References5
NVD
NVD
added 2026/03/28 6:15 p.m.2 views

CVE-2026-5004

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS0.00687EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/28 5:30 p.m.1 views

CVE-2026-5004 Wavlink WL-WN579X3-C UPNP firewall.cgi sub_4019FC stack-based overflow

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS6.4AI score0.00687EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/03/28 5:30 p.m.22 views

CVE-2026-5004 Wavlink WL-WN579X3-C UPNP firewall.cgi sub_4019FC stack-based overflow

A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub4019FC of the file /cgi-bin/firewall.cgi of the component UPNP Handler. Executing a manipulation of the argument UpnpEnabled can lead to stack-based buffer overflow. It is possible to launch the attack...

9CVSS0.00687EPSS
Exploits1References4
CVE
CVE
added 2026/03/28 5:30 p.m.11 views

CVE-2026-5004

CVE-2026-5004 affects Wavlink WL-WN579X3-C (firmware 231124). The issue is a stack-based overflow in the UPNP Handler’s function sub_4019FC (/cgi-bin/firewall.cgi) triggered by manipulating the UpnpEnabled argument. Exploitation can be remote, and public PoC details exist. Vendor has not provided...

9CVSS7.7AI score0.00687EPSS
Exploits1References4Affected Software1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.4 views

CVE-2026-4953

A weakness has been identified in mingSoft MCMS up to 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.4 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.5 views

CVE-2026-4955

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.3 views

CVE-2026-4956

A vulnerability was detected in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. The affected element is an unknown function of the file /DevicePrint.do?Action=ReadTask of the component Parameter Handler. The manipulation of the argument State results in sql injection. The attack can be launch...

7.5CVSS6.9AI score0.00318EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.4 views

CVE-2026-4958

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.onconnect/ReplayServer.senddata of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interactionid leads to authorization...

3.1CVSS5.4AI score0.00383EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.4 views

CVE-2026-4954

A security vulnerability has been detected in mingSoft MCMS up to 5.5.0. Impacted is the function list of the file net/mingsoft/cms/action/web/ContentAction.java of the component Web Content List Endpoint. The manipulation leads to sql injection. The attack can be initiated remotely. The exploit...

6.5CVSS6.3AI score0.00192EPSS
Exploits0References1
CVE
CVE
added 2026/03/28 4:45 p.m.12 views

CVE-2026-5002

CVE-2026-5002 affects PromtEngineer localGPT (LLM Prompt Handler) with the vulnerable element in backend/server.py, function _route_using_overviews. The issue is described as an injection vulnerability that can be exploited remotely; the exploit has been disclosed publicly. The product uses a rol...

7.5CVSS6.5AI score0.00304EPSS
Exploits0References4
CVE
CVE
added 2026/03/28 4:0 p.m.11 views

CVE-2026-5001

A vulnerability (CVE-2026-5001) affects PromtEngineer localGPT. The flaw resides in the function do_POST of the file backend/server.py , enabling unrestricted remote file upload . Exploit has been published and may be used (exploit maturity: proof-of-concept). The product uses a rolling release; ...

7.5CVSS6.6AI score0.00294EPSS
Exploits0References4
NVD
NVD
added 2026/03/28 3:16 p.m.4 views

CVE-2026-5000

A vulnerability was detected in PromtEngineer localGPT up to 4d41c7d1713b16b216d8e062e51a5dd88b20b054. Impacted is the function LocalGPTHandler of the file backend/server.py of the component API Endpoint. The manipulation of the argument BaseHTTPRequestHandler results in missing authentication. T...

7.5CVSS0.00391EPSS
Exploits0References4
CVE
CVE
added 2026/03/28 3:0 p.m.7 views

CVE-2026-4999

The CVE-2026-4999 entry concerns z-9527 admin. A vulnerability is located in the uploadFile function in /server/utils/upload.js within the isImg Check component. Manipulating the fileType argument can trigger a path traversal, enabling remote exploitation. Publicly disclosed exploit details exist...

6.5CVSS6.1AI score0.00346EPSS
Exploits0References4
NVD
NVD
added 2026/03/28 1:16 p.m.8 views

CVE-2026-4997

A security flaw has been discovered in Sinaptik AI PandasAI up to 3.0.0. This affects the function issqlquerysafe of the file pandasai/helpers/sqlsanitizer.py. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has been released to the public an...

6.9CVSS0.0055EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/28 1:15 p.m.34 views

CVE-2026-4998 Sinaptik AI PandasAI Chat Message code_executor.py CodeExecutor.execute code injection

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS0.00532EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/28 1:15 p.m.2 views

CVE-2026-4998

A weakness has been identified in Sinaptik AI PandasAI up to 3.0.0. This vulnerability affects the function CodeExecutor.execute of the file pandasai/core/codeexecution/codeexecutor.py of the component Chat Message Handler. Executing a manipulation can lead to code injection. The attack may be...

7.5CVSS5.6AI score0.00532EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder