Skip to main content
CVE-2025-70327 CRITICAL POC Act Now

Argument injection in TOTOLINK X5000R router v9.1.0cu via setDiagnosisCfg handler allows unauthenticated remote code execution. EPSS 2.0% with PoC available.

Denial Of Service X5000r Firmware TOTOLINK
NVD GitHub
CVSS 3.1
9.8
EPSS
2.0%
CVE-2025-70328 HIGH POC This Week

X6000R Firmware versions up to 9.4.0cu.1498_b20250826 is affected by os command injection (CVSS 8.8).

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
CVSS 3.1
8.8
EPSS
2.9%
CVE-2026-23552 CRITICAL POC PATCH Act Now

Cross-realm token acceptance bypass in Apache Camel Keycloak security policy. The KeycloakSecurityPolicy fails to properly validate token issuers, accepting tokens from different Keycloak realms. PoC available.

Apache Camel
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-25747 HIGH POC PATCH This Week

Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. [CVSS 8.8 HIGH]

Apache Java Deserialization Camel RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3016 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve full system compromise through a buffer overflow in the P2P limit configuration function. The vulnerability exists due to unsafe use of strcpy() in the /goform/formP2PLimitConfig endpoint and is exploitable over the network with public exploit code currently available. No patch has been released, making this a critical risk for deployed devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3015 HIGH POC This Week

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve code execution by supplying an oversized GroupName parameter to the /goform/formPolicyRouteConf endpoint. Public exploit code exists for this vulnerability and no patch is currently available.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2981 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to execute arbitrary code by exploiting a buffer overflow in the /goform/formTaskEdit_ap endpoint. An attacker can trigger the vulnerability by crafting a malicious txtMin2 parameter that overflows the strcpy function, and public exploit code exists for this flaw. No patch is currently available for affected devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2962 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware's scheduled reboot configuration endpoint allows authenticated remote attackers to achieve full system compromise through the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw requires valid credentials but has a high attack surface due to network accessibility and the severity of potential impacts including code execution and data exfiltration.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2961 HIGH POC This Week

Remote code execution in D-Link DWR-M960 firmware through a stack buffer overflow in the VPN configuration endpoint allows authenticated attackers to execute arbitrary code by manipulating the submit-url parameter. The vulnerability affects firmware version 1.01.07 and public exploit code exists, though no patch is currently available.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2960 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the /boafrm/formDhcpv6s function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2959 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) allows authenticated attackers to achieve remote code execution via a malicious URL parameter in the /boafrm/formNewSchedule function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, posing a significant risk to affected devices.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2958 HIGH POC This Week

Remote code execution in D-Link DWR-M960 firmware 1.01.07 via stack-based buffer overflow in the /boafrm/formWsc endpoint allows authenticated attackers to achieve full system compromise through manipulation of the save_apply parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25648 HIGH POC This Week

Traccar versions 6.11.1 and later allow authenticated users to inject malicious JavaScript into other users' browsers by uploading unsanitized SVG files as device images, exploiting improper Content-Type handling. Public exploit code exists for this reflected cross-site scripting vulnerability, which could enable session hijacking or credential theft with no patch currently available.

File Upload RCE XSS Traccar
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-70329 HIGH POC This Week

X5000R Firmware versions up to 9.1.0cu.2415_b20250515 is affected by os command injection (CVSS 8.0).

Command Injection X5000r Firmware TOTOLINK
NVD GitHub
CVSS 3.1
8.0
EPSS
0.5%
CVE-2025-69248 HIGH POC PATCH This Week

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service Amf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-69232 HIGH POC This Week

free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Denial Of Service Smf Go Upf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-69247 HIGH POC PATCH This Week

free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Heap Overflow Denial Of Service Go Upf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-69700 HIGH POC This Week

Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler. [CVSS 7.5 HIGH]

Buffer Overflow Stack Overflow Fh1203 Firmware Tenda
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-63946 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Pcmanager
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-63945 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Ioa
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-61144 HIGH POC PATCH This Week

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. [CVSS 7.3 HIGH]

Stack Overflow Libtiff Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-25649 HIGH POC This Week

Traccar GPS tracking system through version 6.11.1 allows authenticated users to hijack OAuth 2.0 authorization codes through unvalidated redirect URIs in OIDC endpoints, enabling account takeover on integrated applications. The vulnerability stems from missing whitelist validation on the redirect_uri parameter, permitting attackers to exfiltrate authorization codes to attacker-controlled servers. Public exploit code exists for this HIGH severity flaw, and no patch is currently available.

Open Redirect Traccar
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2980 HIGH POC This Week

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to execute arbitrary code through the passwd1 parameter in the /goform/setSysAdm function. Public exploit code exists for this vulnerability and no patch is currently available. An authenticated attacker can leverage this flaw to achieve complete system compromise with high impact on confidentiality, integrity, and availability.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-68930 HIGH POC This Week

Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability in the `/api/socket` endpoint. The application fails to validate the `Origin` header during the WebSocket handshake. [CVSS 7.1 HIGH]

Authentication Bypass Traccar
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-23521 MEDIUM POC This Month

Traccar GPS tracking system through version 6.11.1 allows authenticated users to conduct arbitrary file writes by setting device identifiers to absolute paths, which bypass path validation during image uploads. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with device management privileges could write files outside the intended media directory, potentially compromising system integrity.

Path Traversal Traccar
NVD GitHub
CVSS 3.1
6.5
EPSS
0.0%
CVE-2026-26464 MEDIUM POC This Month

Society Management System Portal versions up to 1.0 is affected by cross-site scripting (xss) (CVSS 6.1).

PHP XSS Society Management System Portal
NVD GitHub
CVSS 3.1
6.1
EPSS
0.1%
CVE-2026-23693 CRITICAL Act Now

Critical vulnerability in ElementsKit Elementor Addons WordPress plugin allows unauthenticated access to critical functions. CVSS 10.0 affecting a widely-used WordPress plugin with 1M+ installations.

WordPress
NVD
CVSS 3.1
10.0
EPSS
0.2%
CVE-2026-24494 CRITICAL Act Now

SQL injection in Order Up Online Ordering System 1.0 via /api/integrations/getintegrations endpoint allows unauthenticated database compromise.

SQLi
NVD
CVSS 3.1
9.8
EPSS
0.1%
CVE-2026-3062 CRITICAL PATCH Act Now

Out-of-bounds read and write in Chrome Tint shader compiler on Mac before 145.0.7632.116. More severe than CVE-2026-3061 due to additional write capability enabling potential code execution.

Chrome Google Red Hat Suse
NVD
CVSS 3.1
9.8
EPSS
0.0%
CVE-2026-2984 MEDIUM POC This Month

Student Result Management System versions up to 1.0 is affected by improper resource shutdown or release (CVSS 6.5).

PHP Denial Of Service
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.1%
CVE-2026-3026 MEDIUM POC This Month

Jeewms 3.7 contains a server-side request forgery vulnerability in the UEditor plugin's getRemoteImage.jsp file, where the upfile parameter can be manipulated to make the server perform unintended network requests. Public exploit code exists for this vulnerability, and the vendor has not provided a patch despite early notification. Remote attackers can exploit this without authentication to conduct SSRF attacks with low complexity.

SSRF Jeewms
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-2983 MEDIUM POC This Month

SourceCodester Student Result Management System 1.0 contains improper access controls in the bulk user import functionality that allows unauthenticated remote attackers to manipulate file parameters and gain unauthorized access. Public exploit code exists for this vulnerability, though no patch is currently available. The attack requires no user interaction and can be exploited over the network with basic complexity.

PHP Information Disclosure
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-69208 MEDIUM POC PATCH This Month

free5GC UDR is the user data repository (UDR) for free5GC, an an open-source project for 5th generation (5G) mobile core networks. Versions prior to 1.4.1 contain an Improper Error Handling vulnerability with Information Exposure. [CVSS 5.3 MEDIUM]

Information Disclosure Udr
NVD GitHub
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-2975 MEDIUM POC This Month

FastApiAdmin versions up to 2.2.0 expose sensitive information through the reset_api_docs function in the Custom Documentation Endpoint, allowing unauthenticated remote attackers to access confidential data. Public exploit code is available for this vulnerability, increasing the risk of active exploitation. No patch is currently available to remediate this issue.

Information Disclosure Fastapiadmin
NVD GitHub VulDB
CVSS 3.1
5.3
EPSS
0.0%
CVE-2026-2588 CRITICAL PATCH Act Now

Integer overflow in Crypt::NaCl::Sodium Perl module through version 2.001 on 32-bit systems. The Sodium.xs binding casts a size_t to int, causing overflow that could compromise cryptographic operations.

Integer Overflow Crypt
NVD GitHub
CVSS 3.1
9.1
EPSS
0.1%
CVE-2026-3061 CRITICAL PATCH Act Now

Out-of-bounds read in Google Chrome Media component before 145.0.7632.116 allows remote attackers to perform memory reads via crafted media content.

Google Chrome Red Hat Suse
NVD
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-27742 MEDIUM POC This Month

Stored XSS in Bludit 3.16.2 allows authenticated users to inject malicious JavaScript into post content that executes when viewed by other users, enabling session hijacking and credential theft. The vulnerability exists because the application relies solely on client-side input validation while failing to sanitize or encode content server-side. Public exploit code is available, though no patch has been released yet.

XSS Bludit
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-70043 CRITICAL Act Now

Improper certificate validation in Ayms node-To master Node.js module. The application does not properly validate TLS certificates, enabling man-in-the-middle attacks.

TLS
NVD GitHub
CVSS 3.1
9.1
EPSS
0.0%
CVE-2026-27741 MEDIUM POC This Month

Bludit 3.16.1 lacks CSRF protections on administrative endpoints, allowing attackers to trick authenticated admins into uninstalling plugins or installing malicious themes via crafted web requests. Public exploit code exists for this vulnerability, enabling unauthorized modification of site functionality and potential code execution through untrusted theme installation.

CSRF Bludit
NVD GitHub
CVSS 4.0
5.1
EPSS
0.0%
CVE-2025-61145 MEDIUM POC PATCH This Month

libtiff up to v4.7.1 was discovered to contain a double free via the component tools/tiffcrop.c. [CVSS 5.0 MEDIUM]

Information Disclosure Libtiff Red Hat Suse
NVD GitHub
CVSS 3.1
5.0
EPSS
0.0%
CVE-2026-1367 HIGH This Week

Authenticated SQL injection in Zohocorp ManageEngine ADSelfService Plus version 6522 and earlier allows logged-in attackers to execute arbitrary SQL queries through the search report functionality, potentially leading to unauthorized data access and modification. With no patch currently available, organizations running affected versions face significant risk of data exfiltration and system compromise by authenticated users.

SQLi
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2026-27511 MEDIUM POC This Month

Tenda F3 Wireless Router firmware V12.01.01.55_multi lacks clickjacking protections in its web administrative interface, enabling attackers to embed configuration pages in iframes and manipulate authenticated administrators into making unauthorized changes. Public exploit code exists for this vulnerability, affecting administrators who access the router's management interface. While the impact is limited to configuration tampering rather than direct compromise, the lack of available patches leaves affected devices vulnerable.

XSS F3 Firmware
NVD
CVSS 3.1
4.3
EPSS
0.0%
CVE-2025-71056 HIGH This Week

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user. [CVSS 8.1 HIGH]

Authentication Bypass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-2998 HIGH This Week

eAI Technologies' ERP application is vulnerable to DLL hijacking attacks that enable authenticated local users to achieve arbitrary code execution by placing a malicious DLL in the application directory. The vulnerability affects any system where non-administrative users have local access and can write to the ERP installation folder. No patch is currently available to remediate this issue.

Privilege Escalation RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22567 HIGH This Week

Zscaler Internet Access Admin Portal allows authenticated administrators to execute arbitrary backend functions through insufficient input validation in the web UI. This high-severity vulnerability requires administrative privileges and currently lacks a patch, limiting exposure but leaving affected organizations vulnerable until remediation is available. An attacker with admin credentials could bypass intended restrictions to perform unauthorized backend operations with cross-system impact.

Code Injection Zscaler Internet Access Admin Portal
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2026-27623 HIGH PATCH This Week

Denial of service in Valkey 9.0.0 through 9.0.2 allows unauthenticated network attackers to crash the server by exploiting improper networking state handling after empty requests. An attacker can trigger an assertion failure that causes the Valkey process to abort, impacting availability for all users. No patch is currently available; network isolation is recommended as a mitigation.

Valkey Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21863 HIGH PATCH This Week

Out-of-bounds read in Valkey clusterbus port processing allows network-adjacent attackers to crash affected systems by sending specially crafted packets that bypass buffer validation checks. This vulnerability affects Valkey versions prior to 9.0.2, 8.1.6, 8.0.7, and 7.2.12, impacting any deployment exposing the clusterbus port to untrusted networks. Patches are available and administrators should restrict clusterbus access with network ACLs as an immediate mitigation.

Valkey Information Disclosure Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70058 HIGH This Week

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests [CVSS 7.4 HIGH]

TLS Yapi
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-70045 HIGH This Week

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true [CVSS 7.4 HIGH]

TLS Jxm
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-21420 HIGH PATCH This Week

Dell Repository Manager versions before 3.4.8 suffer from an uncontrolled search path vulnerability that allows local attackers with low privileges to execute arbitrary code and escalate their access. An attacker with local system access and user interaction can exploit improper path handling to inject malicious code into the application's execution flow. A patch is available to remediate this HIGH severity issue affecting the repository management functionality.

Privilege Escalation Repository Manager
NVD
CVSS 3.1
7.3
EPSS
0.0%
Page 1 of 2 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy