Lucene search
+L

3983 matches found

Positive Technologies
Positive Technologies
added 2026/05/14 12:0 a.m.14 views

PT-2026-40962

Name of the Vulnerable Software and Affected Versions Cisco Catalyst SD-WAN Manager affected versions not specified Description A flaw in the web UI of Cisco Catalyst SD-WAN Manager, previously known as SD-WAN vManage, allows an unauthenticated remote attacker to read arbitrary files from the...

8.6CVSS5.9AI score0.00696EPSS
Exploits0References12
EUVD
EUVD
added 2026/05/13 9:32 p.m.9 views

EUVD-2026-30095

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References2
NVD
NVD
added 2026/05/13 8:16 p.m.26 views

CVE-2026-0243

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/05/13 7:16 p.m.8 views

CVE-2026-0244

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

8.1CVSS0.00217EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 7:10 p.m.34 views

CVE-2026-0243

The CVE-2026-0243 entry concerns Palo Alto Networks Prisma SD-WAN ION devices. A denial-of-service condition arises when an unauthenticated attacker on an adjacent network sends a specially crafted IPv6 packet, causing a system disruption. The description identifies this as a high-severity issue ...

7.1CVSS5.8AI score0.00173EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/13 7:10 p.m.10 views

CVE-2026-0243 Prisma SD-WAN: Denial of Service (DoS) Vulnerability Through IPv6 Crafted Packet

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS5.8AI score0.00173EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/13 7:3 p.m.8 views

CVE-2026-0244 Prisma SD-WAN: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References1
CVE
CVE
added 2026/05/13 7:3 p.m.27 views

CVE-2026-0244

The CVE-2026-0244 issue affects Palo Alto Networks’ Prisma SD-WAN ION and is due to improper certificate validation. This vulnerability enables a man-in-the-middle attacker to impersonate the controller, with high potential impact to confidentiality, integrity, and availability. Root cause is cer...

8.1CVSS5.8AI score0.00217EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.18 views

PT-2026-40768

An improper certificate validation vulnerability in the Palo Alto Networks Prisma SD-WAN ION enables man-in-the-middle MitM attacker to impersonate the controller...

7.7CVSS5.8AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/13 12:0 a.m.10 views

Palo Alto Networks Prisma SD-WAN ION 安全漏洞

Palo Alto Networks Prisma SD-WAN ION is a series of next-generation software-defined enterprise branch devices from the American company Palo Alto Networks. These devices integrate 4G or 5G cellular network access capabilities. There is a security vulnerability in Palo Alto Networks Prisma SD-WAN...

7.1CVSS5.8AI score0.00173EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/13 12:0 a.m.11 views

PT-2026-40779

A denial of service DoS vulnerability in Palo Alto Networks Prisma SD-WAN ION devices enables an unauthenticated attacker in a network adjacent to a Prisma SD-WAN ION device to cause a system disruption by sending a specially crafted IPv6 packet...

7.1CVSS5.8AI score0.00173EPSS
Exploits0References2
CVE
CVE
added 2026/05/12 4:58 p.m.33 views

CVE-2026-40408

CVE-2026-40408 is described as a use-after-free in Windows kernel-mode drivers that enables local privilege escalation for an authenticated attacker. The provided documents consistently state local elevation of privileges but do not specify the affected products, driver components, or vulnerable ...

7.8CVSS5.8AI score0.00298EPSS
Exploits0References1Affected Software14
RedhatCVE
RedhatCVE
added 2026/05/11 8:27 p.m.12 views

CVE-2026-8190

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

8.8CVSS6.4AI score0.05344EPSS
Exploits1References1
NVD
NVD
added 2026/05/11 5:16 p.m.36 views

CVE-2026-33357

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

7.5CVSS0.00241EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/05/11 4:2 p.m.9 views

CVE-2026-33357

In Meari client applications embedding "com.meari.sdk" including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label = 1.8.x, the integrated call path to openapi-euce.mearicloud.com can be abused to retrieve WAN IP data for arbitrary devices. The root cause is a server-side...

7.5CVSS5.9AI score0.00241EPSS
Exploits0References3
CVE
CVE
added 2026/05/11 4:2 p.m.24 views

CVE-2026-33357

CVE-2026-33357 affects Meari client applications that embed com.meari.sdk, including CloudEdge 5.5.0 build 220, Arenti 1.8.1 build 220, and related white-label

7.5CVSS5.9AI score0.00241EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.14 views

Tenda AC6 命令注入漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. The version 15.03.06.23 of Tenda AC6 has a command injection vulnerability. This vulnerability stems from the function getlogfile in the httpd component’s file/goform, which processes the parameter wan.flag, potentially allowin...

7.2CVSS5.8AI score0.04412EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/05/11 12:0 a.m.10 views

Meari com.meari.sdk 安全漏洞

Meari com.meari.sdk is a development toolkit for IoT communication and device management software, developed by Meari Corporation in China. There is a security vulnerability in Meari com.meari.sdk, which stems from failed server-side authorization. This vulnerability could allow unauthorized...

7.5CVSS5.9AI score0.00241EPSS
Exploits0References1
NVD
NVD
added 2026/05/09 6:16 p.m.26 views

CVE-2026-8190

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

8.8CVSS0.05344EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/05/09 5:15 p.m.8 views

CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

6.5CVSS6.4AI score0.05344EPSS
Exploits1References4
Rows per page
Query Builder