Lucene search
K

1888 matches found

cvelist
cvelist
added 2026/05/24 11:15 p.m.35 views

CVE-2026-9405 Totolink A8000RU Web Management cstecgi.cgi setGameSpeedCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643b20200521. This impacts the function setGameSpeedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument enable results in os command injection. Remote exploitation o...

10CVSS0.01732EPSS
Exploits0References5
packetstormnews
packetstormnews
added 2026/05/21 12:0 a.m.13 views

Botnet Detection on CTU-13 Using Lightweight Machine Learning Models

Botnets are among the most persistent cyber threats, enabling large-scale attacks such as spam, credential theft, and distributed denial-of-service DDoS. While deep learning approaches have recently been applied to botnet detection, they are computationally intensive and often lack...

5.8AI score
Exploits0
packetstormnews
packetstormnews
added 2026/05/21 12:0 a.m.23 views

Beyond Zero: Enterprise Security for the AI Era

The rise of autonomous AI agents and the accelerating velocity of corporate data access are stretching the application-centric model of zero trust security to its breaking point. This paper introduces Beyond Zero, a new security paradigm designed for the AI era. The Beyond Zero architecture...

5.8AI score
Exploits0
astralinux
astralinux
added 2026/05/20 5:53 a.m.7 views

Astra Linux – Vulnerability in Linux, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: hwmon: mlxreg-fan Returns a non-zero value when the fan’s current state is enforced from sysfs. The minimum fan speed can be enforced from sysfs. For example, setting the current fan speed to 20 is used to ensure that the fan spe...

7.1CVSS6.2AI score0.00244EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.2 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: spi: hisi-kunpeng: Added verification for the maxfrequency value provided by the firmware. If the value of maxspeedhz is 0, it may cause a division by zero error in hisicalceffectivespeed. The value of maxspeedhz is provided by t...

5.5CVSS5.4AI score0.00206EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: PCI: Fixed the link speed calculation in case of retrain failures. When pciefailedlinkretrain fails to retrain, it attempts to revert to the previous link speed. However, it calculates this speed from the Link Control 2 regist...

5.5CVSS6AI score0.00119EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: net-sysfs: added a check to ensure netdevice is present before using speedshow. When disabling the netdevice or during system shutdown, a panic may occur when accessing the sysfs path, because the device has already been removed...

5.5CVSS6.4AI score0.00211EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: core: Check for unset descriptor Ensure that the descriptor has been set before checking maxpacket. This fixes a null pointer panic in this case. This issue may occur if the gadget does not properly set up the endpoi...

5.5CVSS6.3AI score0.00232EPSS
Exploits0References2
astralinux
astralinux
added 2026/05/20 5:53 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10, Linux

In the Linux kernel, the following vulnerability has been resolved: Net: Ethernet: stmmac: fixed the altrtsepcs function when using a fixed-link. When using a fixed-link, the altrtsepcs driver crashes due to a null-pointer dereference, as no phydevice is provided to the tsepcsfixmacspeed function...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References2
packetstormnews
packetstormnews
added 2026/05/20 12:0 a.m.19 views

Profiling User Vulnerability to Phishing through Psychological and Behavioral Factors

Phishing remains one of the most pervasive cybersecurity threats, shifting the focus from technological vulnerabilities to human cognitive and psychological factors. In coherence with the trend of studies on phishing to increasingly focus on human aspects and vulnerable users profiling, this stud...

5.8AI score
Exploits0
nvd
nvd
added 2026/05/18 7:16 a.m.29 views

CVE-2026-3220

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS0.0032EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/05/18 6:0 a.m.11 views

CVE-2026-3220

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/05/18 6:0 a.m.10 views

CVE-2026-3220 Multiple Plugins - Unauthenticated Stored XSS via Minify Library

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

5.9AI score0.0032EPSS
Exploits0References1
euvd
euvd
added 2026/05/18 6:0 a.m.12 views

EUVD-2026-30736

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1
cve
cve
added 2026/05/18 6:0 a.m.41 views

CVE-2026-3220

CVE-2026-3220 affects three WordPress plugins: Autoptimize (before 3.1.15), Clearfy Cache (before 2.4.2), and Speed Optimizer (before 7.7.9). The issue is unauthenticated Stored XSS caused by a predictable replacement hash used during HTML minification and an abused regular expression, allowing a...

8.8CVSS5.9AI score0.0032EPSS
Exploits0References1
cnnvd
cnnvd
added 2026/05/18 12:0 a.m.14 views

WordPress多款产品 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

8.8CVSS5.7AI score0.0032EPSS
Exploits0References1
ptsecurity
ptsecurity
added 2026/05/18 12:0 a.m.17 views

PT-2026-41636

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting XSS due to a predictable replacement hash used during the HTML minification process and abusing ...

5.9AI score0.0032EPSS
Exploits0References2
trendmicroblog
trendmicroblog
added 2026/05/18 12:0 a.m.11 views

Agentic Governance: Why It Matters Now

AI agents now act inside the trust boundary with real credentials, and agentic governance is what keeps them from quietly breaking things at machine speed...

5.8AI score
Exploits0
euvd
euvd
added 2026/05/13 6:30 p.m.14 views

EUVD-2026-30044

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Command Injection. The Network Time Protocol NTP configuration interface does not properly sanitize user-supplied input. An authenticated user with permission to configure NTP settings can inject arbitrary system commands...

6AI score0.0209EPSS
Exploits1References3
nvd
nvd
added 2026/05/13 4:16 p.m.13 views

CVE-2026-36738

U-SPEED AC1200 Gigabit Wi-Fi Router Model: T18-21K V1.0 is vulnerable to Incorrect Access Control. The device exposes a UART interface that lacks authentication, authorization, or access control mechanisms. An attacker with physical access to the UART pins can connect to the interface and gain...

6.8CVSS0.00299EPSS
Exploits1References2
Rows per page
Query Builder