Lucene search
+L
AttackerkbRecent

76001 matches found

ATTACKERKB
ATTACKERKB
added 2026/06/03 10:39 a.m.7 views

CVE-2026-35077

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:38 a.m.7 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

8.1CVSS6AI score0.0037EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:38 a.m.10 views

CVE-2026-35075

An unauthenticated remote attacker can recover a default, hard coded password from a firmware image and thus gain full access to all affected devices...

9.8CVSS5.9AI score0.00466EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 10:16 a.m.7 views

CVE-2026-41032

It is possible for an unauthenticated adjacent attacker to download log files of the controller, which may disclose some restricted information...

7.5CVSS5.8AI score0.0026EPSS
Exploits0References3Affected Software4
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:48 a.m.7 views

CVE-2025-14774

Incorrect Authorization vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

7.4CVSS5.8AI score0.0018EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:40 a.m.8 views

CVE-2025-14773

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8CVSS5.8AI score0.00181EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:39 a.m.7 views

CVE-2026-47065

ZDRES-232: resolveProxyClass Not Overridden - acceptMatchers Filter Bypass via java.lang.reflect.Proxy Assessment: Fully addressed. When the serialised stream contains a TCPROXYCLASSDESC the marker for a java.lang.reflect.Proxy , JDK’s ObjectInputStream.readProxyDesc is dispatched. JDK then calls...

9.8CVSS5.8AI score0.00468EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:25 a.m.7 views

CVE-2025-14772

Authorization bypass through User-Controlled key vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

8.8CVSS5.8AI score0.00292EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:16 a.m.7 views

CVE-2025-14771

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue affects T-MAC Plus: 4.0-24...

9.9CVSS5.8AI score0.00347EPSS
Exploits0References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:4 a.m.10 views

CVE-2025-15656

Incorrect Privilege Assignment vulnerability in Mojoomla School Management allows Privilege Escalation. This issue affects School Management: from n/a through 93.2.0...

8.8CVSS5.8AI score0.00232EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 9:0 a.m.8 views

CVE-2025-15655

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Mojoomla School Management allows SQL Injection. This issue affects School Management: from n/a through 93.2.0...

7.6CVSS5.8AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 8:55 a.m.8 views

CVE-2025-15654

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Fox-themes Prague allows Reflected XSS. This issue affects Prague: from n/a through 2.2.8...

7.1CVSS5.8AI score0.00146EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 7:18 a.m.8 views

CVE-2026-4035

A vulnerability in mlflow/mlflow versions prior to 3.11.0 allows for the resolution of environment variables in AI Gateway secrets, which can be exploited to exfiltrate sensitive server-side environment credentials to an attacker-controlled endpoint. This issue arises because the apikey field in...

9.1CVSS7.6AI score0.00435EPSS
Exploits1References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 5:56 a.m.6 views

CVE-2026-5078

Impact: The morgan logging middleware's :remote-user token extracts the Basic auth username from the Authorization request header and writes it to the log stream without neutralizing control characters. An unauthenticated attacker can send a crafted Authorization Basic header containing CR or LF...

5.3CVSS5.8AI score0.00246EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:56 a.m.14 views

CVE-2026-50052

In Vinyl Cache before 9.0.1 and Varnish Cache before 9.0.3, a deficiency in HTTP/2 request parsing can be exploited to launch a backend request desync attack request smuggling, which in turn can be used for cache poisoning, authentication bypass, or possibly even information disclosure and...

2.3CVSS5.8AI score0.00349EPSS
Exploits0References2Affected Software3
ATTACKERKB
ATTACKERKB
added 2026/06/03 3:7 a.m.11 views

CVE-2026-50031

ipmi-oem in FreeIPMI before 1.6.18 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface IPMI specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system managemen...

7.5CVSS6AI score0.00405EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 1:15 a.m.7 views

CVE-2026-10705

A flaw has been found in dask up to 3.0. Affected by this issue is the function nuniqueapprox of the file dask/dataframe/hyperloglog.py of the component HLL Handler. This manipulation causes resource consumption. The attack is possible to be carried out remotely. A high degree of complexity is...

3.1CVSS5.1AI score0.00287EPSS
Exploits0References8
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:45 a.m.9 views

CVE-2026-10704

A vulnerability was detected in SourceCodester Pizzafy E-Commerce System 1.0. Affected by this vulnerability is the function Login of the file /admin/adminclassnovo.php of the component Administrative Control Panel. The manipulation of the argument Username results in sql injection. The attack ca...

7.5CVSS6.9AI score0.00281EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:30 a.m.8 views

CVE-2026-10703

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00243EPSS
Exploits0References7Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:15 a.m.8 views

CVE-2026-9516

Cpanel::JSON::XS versions before 4.41 for Perl allow denial of service via UTF-8 BOM prefixed input when a decode filter callback throws. To skip a leading 3-byte UTF-8 BOM, decodejson advances the input scalar's string pointer past the mark with SvPVset and restores it only on the normal return...

5.9AI score0.00361EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:15 a.m.8 views

CVE-2026-9334

Cpanel::JSON::XS versions before 4.41 for Perl allow type confusion via duplicate object keys when dupkeysasarrayref is enabled. decodehv collapses duplicate object keys into an array reference under dupkeysasarrayref. The branch reached for a duplicate key tests SvTYPE oldvalue != SVtRV && SvTYP...

5.8AI score0.00253EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:15 a.m.8 views

CVE-2026-10694

A vulnerability was detected in SourceCodester Online Food Ordering System 2.0. Affected by this issue is the function include of the file /index.php. The manipulation of the argument page results in file inclusion. The attack can be launched remotely. The exploit is now public and may be used...

7.5CVSS6.9AI score0.00302EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-10693

A security vulnerability has been detected in SourceCodester Online Boat Reservation System 1.0. Affected by this vulnerability is an unknown functionality of the component Administrative Endpoint. The manipulation leads to improper authorization. The attack can be initiated remotely. The exploit...

6.5CVSS5.5AI score0.00214EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2026-36574

A DLL hijacking vulnerability in Wassimulator GitHub CactusViewer v2.3.0 allows attackers to escalate privileges and execute arbitrary code via a crafted DLL...

6.2AI score0.00137EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.9 views

CVE-2026-36605

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...

6.5CVSS5.8AI score0.00177EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.9 views

CVE-2026-36460

Dovestones Softwares ADPhonebook before v4.0.1.1 is vulnerable to a Cross Site Scripting vulnerability. The /Admin/Save API allows an authenticated admin user to store malicious JavaScript payloads in multiple configuration sections without proper input validation or output encoding...

5.8AI score0.0018EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36616

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 contains hardcoded WiFi driver credentials including a RADIUS shared secret, WPS test key, and default PSK embedded in the production firmware binary...

5.8AI score0.00137EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36610

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 transmits DDNS credentials over plaintext HTTP with only Base64 encoding. The firmware contains no TLS implementation, allowing man-in-the-middle interception of DDNS service credentials...

5.9CVSS5.8AI score0.00147EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.10 views

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

5.8AI score0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-37700

Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attacker to obtain sensitive information via the Backend page file upload endpoint used by adminpage...

4.1CVSS5.8AI score0.00186EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2026-36615

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 exposes an undocumented /agileconfigreset endpoint that returns internal buffer contents to unauthenticated attackers on the adjacent network...

4.3CVSS5.9AI score0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36612

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 enables WPS 2.0 by default with a weak lockout policy 60-second lockout after 10 attempts...

5.8AI score0.00139EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.8 views

CVE-2026-36604

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 does not validate the HTTP Host header, enabling DNS rebinding attacks. An external attacker can rebind a domain to the router's internal IP address, extending the CORS wildcard vulnerability Access-Control-Allow-Origin: to...

6.5CVSS5.8AI score0.00254EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.5 views

CVE-2026-26824

libxls through version 1.6.3 contains a use of uninitialized memory vulnerability in the OLE container parser. Memory allocated for the Master Sector Allocation Table MSAT in readMSAT is not fully initialized before being consumed by ole2validatesectorchain, which may result in application crashe...

5.8AI score0.00228EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-26825

A use-of-uninitialized memory vulnerability exists in libxls 1.6.3 when parsing malformed XLS files. The issue is reachable via xlsparseWorkBook and is triggered by uninitialized heap memory originating from the OLE layer ole2read. The flaw is detectable with MemorySanitizer MSAN and can lead to...

5.8AI score0.00214EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.8 views

CVE-2026-46447

OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driverinfo or node.instanceinfo...

5.8CVSS5.8AI score0.00262EPSS
Exploits0References3Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.10 views

CVE-2026-37462

An integer underflow in the BGPUpdate.DecodeFromBytes function /bgp/bgp.go of gobgp v4.3.0 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

7.3CVSS5.8AI score0.00279EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-37460

Missing input validation in the rfapiRibBi2Ri function rfapirib.c of FRRouting FRR stable/10.0 to stable/10.6 allows attackers to cause a Denial of Service DoS via supplying a crafted BGP UPDATE message...

5.8AI score0.00335EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2025-60477

A NULL pointer dereference in the gffilterpidresolvefiletemplateex function /filtercore/filterpid.c of GPAC Project/MP4Box before 26.02.0 allows attackers to cause a Denial of Service DoS via supplying a crafted file...

5.8AI score0.00107EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2026-36748

RockRMS v16.13 and before v.17.7.0 is vulnerable to Cross Site Scripting XSS via Social Media links in user profile...

9CVSS5.8AI score0.00297EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.10 views

CVE-2026-26379

Koha versions up to 25.11 contain a Server-Side Request Forgery SSRF vulnerability via the Z39.50/SRU server configuration. This allows authenticated attackers to perform internal network scanning and identify running services by analyzing server response times...

6.5CVSS5.8AI score0.00243EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2026-36613

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized internal buffer contents when receiving HTTP POST requests to undefined paths, exposing server state to unauthenticated adjacent network attackers...

4.3CVSS5.9AI score0.00159EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.5 views

CVE-2026-39107

A Cross Site Scripting vulnerability exists in the Kimi AI v1.0 web interface's 'Preview' feature. The application fails to properly sanitize or encode HTML/JavaScript payloads generated by the AI model. When a user switches to the 'Preview' tab to view AI-generated code, the malicious payload is...

6.3CVSS6AI score0.0027EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.6 views

CVE-2026-36607

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows unauthenticated brute-force attacks via the TDDP password change endpoint code=10, which lacks the rate limiting applied to the login endpoint code=7. An attacker on the adjacent network can attempt unlimited passwords without...

8.8CVSS5.8AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36609

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 uses a static authentication nonce that does not change between requests from the same source IP. Combined with the predictable XOR-based password encoding securityEncode function, this allows an attacker to reverse captured authentication...

7.3CVSS5.8AI score0.00166EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36611

Mercusys AC12G EU V1 with firmware AC12GEUV1200909 returns 128 bytes of uninitialized buffer when receiving POST requests without SOAPAction header on UPnP port 1900, exposing internal memory to unauthenticated adjacent network attackers...

7.3CVSS5.9AI score0.00231EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.9 views

CVE-2025-70100

A divide-by-zero vulnerability in the ext4blocksetlbsize function in src/ext4blockdev.c of the lwext4 1.0.0 library allows attackers to cause a denial of service by providing a malformed ext4 filesystem image that results in a zero logical block size. The vulnerability is triggered during mount o...

5.8AI score0.00155EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36608

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 allows UPnP AddPortMapping to forward external ports to the router's own admin interface by accepting its own IP 192.168.1.1 or localhost 127.0.0.1 as InternalClient. An unauthenticated LAN attacker can expose the admin panel to the intern...

8.8CVSS5.8AI score0.00181EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.10 views

CVE-2026-36603

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 exposes 15 of 18 UPnP IGD actions without authentication on port 1900, including AddPortMapping and GetExternalIPAddress. UPnP is enabled by default through the admin interface, allowing any unauthenticated LAN device to create arbitrary...

5.9AI score0.00211EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/03 12:0 a.m.7 views

CVE-2026-36606

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 encrypts configuration backups with a hardcoded DES key using single DES in ECB mode. An attacker who obtains a backup file can decrypt it to recover all stored credentials including admin password, WiFi PSK, and DDNS credentials...

7.1CVSS5.8AI score0.00104EPSS
Exploits0References2
Total number of security vulnerabilities76001