CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added yesterday•2 views

CVE-2026-35460

Papra is a minimalistic document management and archiving platform. Prior to 26.4.0, transactional email templates in Papra interpolate user.name directly into HTML without escaping or sanitization. An attacker who registers with a display name containing HTML tags will have those tags injected...

5.4CVSS5.5AI score0.00035EPSS

Exploits1References1

NVD•added last week•11 views

CVE-2026-10125

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to stack-based buffer overflow. The attack can be...

CVE•added last week•10 views

CVE-2026-10125

CVE-2026-10125 affects Edimax BR-6478AC firmware 1.23. The issue is in the POST Request Handler’s file /goform/formPPPoESetup, specifically the formPPPoESetup function. Manipulating the pppUserName argument triggers a stack-based buffer overflow, with remote initiation possible. Public exploit ma...

9CVSS8AI score0.00046EPSS

ATTACKERKB•added last week•5 views

CVE-2026-10125

9CVSS8AI score0.00046EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/05/30 12:0 a.m.•6 views

Edimax BR-6478AC 安全漏洞

The Edimax BR-6478AC is a dual-band Gigabit router produced by Edimax Corporation. Version 1.23 of the Edimax BR-6478AC contains a security vulnerability. This vulnerability stems from a function called formPPPoESetup in the component POST Request Handler. The function’s handling of the parameter...

9CVSS7.4AI score0.00046EPSS

Exploits0References5

Github Security Blog•added 2026/05/29 7:39 p.m.•9 views

russh server userauth state is not reset when authentication principal changes

Summary The russh server authentication path keeps internal userauth state across SSHMSGUSERAUTHREQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not that...

5.8AI score

Exploits0References2Affected Software1

Positive Technologies•added 2026/05/29 12:0 a.m.•6 views

PT-2026-45018

Summary The russh server authentication path keeps internal userauth state across SSH MSG USERAUTH REQUEST messages without separating that state when the request principal changes. RFC 4252 allows the user name and service name fields to change between authentication requests. The issue is not...

5.3CVSS5.8AI score

Exploits0References3

NVD•added 2026/05/27 9:16 p.m.•8 views

CVE-2026-44712

pamusb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $id/tmp/rce in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID some controllers allow this can inject the payload a...

8.2CVSS0.00025EPSS

EUVD•added 2026/05/27 8:24 p.m.•6 views

EUVD-2026-32662

8.2CVSS5.8AI score0.00025EPSS

CNNVD•added 2026/05/27 12:0 a.m.•4 views

pam_usb 参数注入漏洞

pamusb is a Linux hardware authentication tool developed by McDope’s individual developer, based on USB devices. Versions of pamusb prior to 0.8.7 contained a parameter injection vulnerability. This vulnerability stems from the use of specially crafted UUIDs in configurations e.g., $id/tmp/rce,...

8.2CVSS6.2AI score0.00025EPSS

RedhatCVE•added 2026/05/26 2:12 p.m.•6 views

CVE-2026-9401

A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of the argument pppUserName leads to buffer overflow. The attack can be initiated remotely. The exploit...

Vulnrichment•added 2026/05/25 8:45 a.m.•6 views

CVE-2026-9443 Edimax BR-6478AC POST Request formL2TPSetup buffer overflow

A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The manipulation of the argument L2TPUserName leads to buffer overflow. The attack may be initiated...

NVD•added 2026/05/24 11:16 p.m.•8 views

CVE-2026-9401

Cvelist•added 2026/05/24 10:15 p.m.•11 views

CVE-2026-9401 Edimax BR-6675nD POST Request formWanTcpipSetup buffer overflow

EUVD•added 2026/05/24 9:0 p.m.•10 views

EUVD-2026-31600

A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. It is possible to initiate the atta...

Cvelist•added 2026/05/24 12:30 p.m.•10 views

CVE-2026-9381 Edimax BR-6675nD POST Request formPPPoESetup buffer overflow

A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in buffer overflow. The attack may be...

CVE•added 2026/05/24 12:15 p.m.•14 views

CVE-2026-9380

The connected documents provide concrete details for CVE-2026-9380: in Edimax BR-6675nD firmware 1.12, the vulnerability lies in the formL2TPSetup function (file /goform/formL2TPSetup) of the POST Request Handler. Manipulating the L2TPUserName argument can trigger a buffer overflow, allowing a re...

CNNVD•added 2026/05/24 12:0 a.m.•6 views

Edimax BR-6675nD 安全漏洞

The Edimax BR-6675nD is a dual-band broadband wireless router produced by Edimax Corporation. A security vulnerability exists in the Edimax BR-6675nD version 1.12; this vulnerability stems from improper handling of the pptpUserName parameter in the POST Request Handler component...

9CVSS7.5AI score0.00046EPSS

Exploits0References5

Positive Technologies•added 2026/05/24 12:0 a.m.•10 views

PT-2026-42970

9CVSS6.2AI score0.00046EPSS