CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/03/17 6:41 p.m.•1 views

CVE-2026-25790

4.9CVSS6.3AI score0.0018EPSS

Exploits1References2Affected Software1

OSV•added 2026/03/17 6:41 p.m.•1 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

4.9CVSS6.3AI score0.0018EPSS

Exploits1References3

CVE•added 2026/03/17 6:41 p.m.•7 views

CVE-2026-25790

CVE-2026-25790 affects Wazuh prior to 4.14.3 (from 3.9.0 up to but excluding 4.14.3). The issue is a stack-based buffer overflow in the Security Configuration Assessment (SCA) decoder used by wazuh-analysisd, caused by unbounded use of sprintf with a floating-point value into a 128-byte stack buf...

7.2CVSS6.3AI score0.0018EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2026/03/17 6:41 p.m.•0 views

CVE-2026-25790 Wazuh has Stack-Based Buffer Overflow in Security Configuration Assessment JSON Parser

4.9CVSS6.3AI score0.0018EPSS

RedhatCVE•added 2026/03/03 1:48 a.m.•3 views

CVE-2025-70252

An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23multi. The index and mode are controllable. If the conditions are met to sprintf, they will be spliced into tmp. It is worth noting that there is no size check,which leads to a stack overflow vulnerability...

7.5CVSS6AI score0.00025EPSS

RedhatCVE•added 2026/03/03 1:48 a.m.•3 views

CVE-2026-24113

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of nptr. When this value is passed into the getMibPrefix function and concatenated using sprintf without proper size validation, it could lead to a buffer overflow vulnerabilit...

RedhatCVE•added 2026/03/03 1:48 a.m.•3 views

CVE-2026-24109

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by controlling the value of picName. When this value is used in sprintf without validating variable sizes, it could lead to a buffer overflow vulnerability...

OSV•added 2026/03/02 3:16 p.m.•2 views

CVE-2026-24113

9.8CVSS6.1AI score0.00082EPSS

NVD•added 2026/03/02 3:16 p.m.•2 views

CVE-2026-24109

9.8CVSS0.00082EPSS

OSV•added 2026/03/02 3:16 p.m.•1 views

CVE-2026-24109

9.8CVSS6.1AI score0.00082EPSS

NVD•added 2026/03/02 3:16 p.m.•2 views

CVE-2026-24108

9.8CVSS0.00082EPSS

NVD•added 2026/03/02 3:16 p.m.•3 views

CVE-2026-24113

9.8CVSS0.00082EPSS

ATTACKERKB•added 2026/03/02 12:0 a.m.•1 views

CVE-2026-24109

CVE•added 2026/03/02 12:0 a.m.•7 views

Exploits1References3

CVE-2026-24109

CVE-2026-24109 affects the Tenda W20E router firmware (V4.0br_V15.11.0.6). The issue is a buffer overflow caused by unsafely using the value of the variable picName in sprintf without validating its size, which may allow remote attackers to exploit via network access. Documented impacts are high ...

Exploits1References2Affected Software1

Positive Technologies•added 2026/03/02 12:0 a.m.•3 views

PT-2026-22596

Name of the Vulnerable Software and Affected Versions Tenda W20E version 4.0br V15.11.0.6 Description An issue exists in the Tenda W20E router firmware. Attackers can exploit this issue by controlling the picName variable. The picName value is used in the sprintf function without proper size...

10CVSS6.1AI score0.00082EPSS

Exploits1References11

Vulnrichment•added 2026/03/02 12:0 a.m.•1 views

CVE-2026-24108

6.2AI score0.00082EPSS

Cvelist•added 2026/03/02 12:0 a.m.•16 views

CVE-2025-70252

0.00025EPSS

EUVD•added 2026/03/02 12:0 a.m.•2 views

EUVD-2026-9185

6.2AI score0.00082EPSS