PT-2026-7081

Name of the Vulnerable Software and Affected Versions lighttpd affected versions not specified Description An unauthenticated remote attacker can send a crafted HTTP request containing an overly long SESSIONID cookie. This can trigger a stack buffer overflow in the lighttpd server, potentially...

ALSA-2026:2216 Important: libsoup security update

The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leading to Stack-Based Buffer Overflow in libsoup NTLM Authentication CVE-2026-0719 libsoup: Stack-Based Buffer Overflow in libsoup Multipart Response...

Linux Distros Unpatched Vulnerability : CVE-2026-2069

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llamagrammaradvancestack of the file llama.cpp/src/llama-grammar.cpp of the...

WAGO Industrial-Managed-Switch 0852-1322和WAGO Industrial-Managed-Switch 0852-1328 安全漏洞

WAGO Industrial-Managed-Switch 0852-1322 and WAGO Industrial-Managed-Switch 0852-1328 are industrial-grade managed Ethernet switches from the German company WAGO. Both devices have security vulnerabilities. These vulnerabilities stem from improper handling of cookie field lengths when parsing...

RHEL 9 : libsoup (RHSA-2026:2216)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:2216 advisory. The libsoup packages provide an HTTP client and server library for GNOME. Security Fixes: libsoup: Signed to Unsigned Conversion Error Leadi...

CVE-2026-2191

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2192

The CVE-2026-2192 affects the Tenda AC9 router (multi-variant) with a flaw in the formGetRebootTimer function. In this issue, manipulating sys.schedulereboot.start_time and sys.schedulereboot.end_time leads to a stack-based buffer overflow. Impact is described as remote exploitation possible, wit...

CVE-2026-2192 Tenda AC9 formGetRebootTimer stack-based overflow

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...

CVE-2026-2192

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...

CVE-2026-2192 Tenda AC9 formGetRebootTimer stack-based overflow

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...

CVE-2026-2191 Tenda AC9 formGetDdosDefenceList stack-based overflow

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2191

CVE-2026-2191 affects Tenda AC9 15.03.06.42_multi. The flaw is in the function formGetDdosDefenceList where manipulating the argument security.ddos.map leads to a stack-based buffer overflow. The issue is exploitable remotely and an exploit has been publicly released. Additional sources corrobora...

CVE-2026-2191 Tenda AC9 formGetDdosDefenceList stack-based overflow

A weakness has been identified in Tenda AC9 15.03.06.42multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could ...

CVE-2026-2185

A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function setdevicename of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be...

CVE-2026-2187

Tenda RX3 16.03.13.11 is affected by a stack-based buffer overflow in the set_qosMib_list function of /goform/formSetQosBand. Manipulating the argument list can trigger the overflow, and the vulnerability can be exploited remotely. Public exploit exists. The PT-2026-6984 entry notes there is no i...

CVE-2026-2187 Tenda RX3 formSetQosBand set_qosMib_list stack-based overflow

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

EUVD-2026-5763

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

CVE-2026-2187

A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function setqosMiblist of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been ma...

CVE-2026-2186

CVE-2026-2186 affects Tenda RX3 (firmware 16.03.13.11). The vulnerability is in the fromSetIpMacBind function of /goform/SetIpMacBind, where argument-list manipulation leads to a stack-based buffer overflow. Exploitation can be performed remotely, and public exploit details exist. According to th...

CVE-2026-2186 Tenda RX3 SetIpMacBind fromSetIpMacBind stack-based overflow

A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public a...