CVE-2026-7546 Totolink NR1800X lighttpd find_host_ip stack-based overflow

A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279B20210910. The impacted element is the function findhostip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The exploit has been...

CVE-2026-7546

Totolink NR1800X firmware 9.1.0u.6279_B20210910 contains a stack-based overflow in lighttpd’s find_host_ip when Host is manipulated. This remote vulnerability has a publicly disclosed exploit. No remediation details are provided in the supplied documents.

PT-2026-36505

Name of the Vulnerable Software and Affected Versions agl-service-can-low-level versions prior to 17.1.12 Description A stack buffer overflow exists in the uds-c library. The send diagnostic request function in uds.c allocates a 6-byte stack buffer but copies up to 7 bytes via memcpy at an offset...

CVE-2026-42485

CVE-2026-42485 affects AGL agl-service-can-low-level, specifically the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH) via memcpy at an offset of 1+pid_length, caus...

EUVD-2026-26698

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

CVE-2026-30363

Technical details are not publicly available in the provided documents. Monitor for updates.

EUVD-2026-26705

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

Apache Neethi 资源管理错误漏洞

Apache Neethi is a policy processing framework library developed by the Apache Foundation. There is a resource management vulnerability in Apache Neethi; this vulnerability stems from an improper detection of circular references in policy definitions. This can cause the policy normalization proce...

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

CVE-2026-30363

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

CVE-2026-42482

Hashcat CVE-2026-42482 affects v7.1.2, describing a stack-based buffer overflow in mangle_to_hex_lower() and mangle_to_hex_upper() in src/rp_cpu.c. The bound check does not account for 2x expansion when converting password bytes to hexadecimal, enabling a vulnerability that could allow denial of ...

CVE-2026-37530

CVE-2026-37530 affects AGL’s agl-service-can-low-level up to version 17.1.12. The uds-c library contains a stack buffer overflow in the send_diagnostic_request function: it allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but copies up to 7 bytes (MAX_UDS_REQUEST_PAYLOAD_LENGTH=7) ...

CVE-2026-42485

AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The senddiagnosticrequest function in uds.c allocates a 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 but copies up to 7 bytes MAXUDSREQUESTPAYLOADLENGTH=7 via memcpy at an offset of 1+pidlength 2-3 bytes,...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

Flipper Zero Firmware 安全漏洞

Flipper Zero Firmware is an open source firmware update and development tool for multifunctional devices from Flipper Devices. A security vulnerability exists in the Flipper Zero Firmware commit ad2a80 version, which originates from a stack overflow in the Main function...

PT-2026-36413

Name of the Vulnerable Software and Affected Versions Linux kernel versions 2.6.31-rc1 and later affected versions not specified Description A stack out-of-bounds read exists in the ALSA caiaq component within the init card function. The issue occurs during the creation of a whitespace-stripped...

CVE-2026-30363

flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...

Unified Diagnostic Services Support Library in C 安全漏洞

Unified Diagnostic Services Support Library in C is an automotive electronic diagnostic protocol support library by a personal developer, Laughing with the Wind. Unified Diagnostic Services Support Library in C has a security vulnerability that originates from a stack buffer overflow in the...

CVE-2026-37536

miaofng/uds-c commit e506334e270d77b20c0bc259ac6c7d8c9b702b7a 2016-10-05 contains a stack buffer overflow in senddiagnosticrequest. A 6-byte stack buffer MAXDIAGNOSTICPAYLOADSIZE=6 receives memcpy at offset 1+pidlength with payloadlength bytes. MAXUDSREQUESTPAYLOADLENGTH=7, so 1+2+7=10 exceeds...