Skip to main content
CVE-2025-70328 HIGH POC This Week

X6000R Firmware versions up to 9.4.0cu.1498_b20250826 is affected by os command injection (CVSS 8.8).

Command Injection X6000r Firmware TOTOLINK
NVD GitHub
CVSS 3.1
8.8
EPSS
2.9%
CVE-2026-25747 HIGH POC PATCH This Week

Deserialization of Untrusted Data vulnerability in Apache Camel LevelDB component. The Camel-LevelDB DefaultLevelDBSerializer class deserializes data read from the LevelDB aggregation repository using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. [CVSS 8.8 HIGH]

Apache Java Deserialization Camel RCE
NVD GitHub
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3016 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated attackers to achieve full system compromise through a buffer overflow in the P2P limit configuration function. The vulnerability exists due to unsafe use of strcpy() in the /goform/formP2PLimitConfig endpoint and is exploitable over the network with public exploit code currently available. No patch has been released, making this a critical risk for deployed devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3015 HIGH POC This Week

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-171114 allows authenticated remote attackers to achieve code execution by supplying an oversized GroupName parameter to the /goform/formPolicyRouteConf endpoint. Public exploit code exists for this vulnerability and no patch is currently available.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2981 HIGH POC This Week

Remote code execution in UTT HiPER 810G firmware through version 1.7.7-1711 allows authenticated remote attackers to execute arbitrary code by exploiting a buffer overflow in the /goform/formTaskEdit_ap endpoint. An attacker can trigger the vulnerability by crafting a malicious txtMin2 parameter that overflows the strcpy function, and public exploit code exists for this flaw. No patch is currently available for affected devices.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-2962 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 1.01.07 firmware's scheduled reboot configuration endpoint allows authenticated remote attackers to achieve full system compromise through the submit-url parameter. Public exploit code exists for this vulnerability, and no patch is currently available. The flaw requires valid credentials but has a high attack surface due to network accessibility and the severity of potential impacts including code execution and data exfiltration.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2961 HIGH POC This Week

Remote code execution in D-Link DWR-M960 firmware through a stack buffer overflow in the VPN configuration endpoint allows authenticated attackers to execute arbitrary code by manipulating the submit-url parameter. The vulnerability affects firmware version 1.01.07 and public exploit code exists, though no patch is currently available.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2960 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 firmware version 1.01.07 allows authenticated remote attackers to execute arbitrary code by manipulating the submit-url parameter in the /boafrm/formDhcpv6s function. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2959 HIGH POC This Week

Stack-based buffer overflow in D-Link DWR-M960 firmware (version 1.01.07) allows authenticated attackers to achieve remote code execution via a malicious URL parameter in the /boafrm/formNewSchedule function. Public exploit code exists for this vulnerability, and no patch is currently available. The attack requires valid credentials but no user interaction, posing a significant risk to affected devices.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-2958 HIGH POC This Week

Remote code execution in D-Link DWR-M960 firmware 1.01.07 via stack-based buffer overflow in the /boafrm/formWsc endpoint allows authenticated attackers to achieve full system compromise through manipulation of the save_apply parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

D-Link Buffer Overflow Stack Overflow Dwr M960 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.0%
CVE-2026-25648 HIGH POC This Week

Traccar versions 6.11.1 and later allow authenticated users to inject malicious JavaScript into other users' browsers by uploading unsanitized SVG files as device images, exploiting improper Content-Type handling. Public exploit code exists for this reflected cross-site scripting vulnerability, which could enable session hijacking or credential theft with no patch currently available.

File Upload RCE XSS Traccar
NVD GitHub
CVSS 3.1
8.7
EPSS
0.0%
CVE-2025-70329 HIGH POC This Week

X5000R Firmware versions up to 9.1.0cu.2415_b20250515 is affected by os command injection (CVSS 8.0).

Command Injection X5000r Firmware TOTOLINK
NVD GitHub
CVSS 3.1
8.0
EPSS
0.5%
CVE-2025-69248 HIGH POC PATCH This Week

free5GC is an open-source project for 5th generation (5G) mobile core networks. Versions up to and including 1.4.1 of free5GC's AMF service have a Buffer Overflow vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Denial Of Service Amf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.3%
CVE-2025-69232 HIGH POC This Week

free5GC is an open-source project for 5th generation (5G) mobile core networks. free5GC go-upf versions up to and including 1.2.6, corresponding to free5gc smf up to and including 1.4.0, have an Improper Input Validation and Protocol Compliance vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Denial Of Service Smf Go Upf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-69247 HIGH POC PATCH This Week

free5GC go-upf is the User Plane Function (UPF) implementation for 5G networks that is part of the free5GC project. Versions prior to 1.2.8 have a Heap-based Buffer Overflow (CWE-122) vulnerability leading to Denial of Service. [CVSS 7.5 HIGH]

Buffer Overflow Heap Overflow Denial Of Service Go Upf
NVD GitHub
CVSS 3.1
7.5
EPSS
0.2%
CVE-2025-69700 HIGH POC This Week

Tenda FH1203 V2.0.1.6 contains a stack-based buffer overflow vulnerability in the modify_add_client_prio function, which is reachable via the formSetClientPrio CGI handler. [CVSS 7.5 HIGH]

Buffer Overflow Stack Overflow Fh1203 Firmware Tenda
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-63946 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent PC Manager app thru 17.10.28554.205 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Pcmanager
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-63945 HIGH POC This Week

A privilege escalation (PE) vulnerability in the Tencent iOA app thru 210.9.28693.621001 on Windows devices enables a local user to execute programs with elevated privileges. However, execution requires that the local user is able to successfully exploit a race condition. [CVSS 7.4 HIGH]

Windows Privilege Escalation Race Condition Ioa
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-61144 HIGH POC PATCH This Week

libtiff up to v4.7.1 was discovered to contain a stack overflow via the readSeparateStripsIntoBuffer function. [CVSS 7.3 HIGH]

Stack Overflow Libtiff Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-25649 HIGH POC This Week

Traccar GPS tracking system through version 6.11.1 allows authenticated users to hijack OAuth 2.0 authorization codes through unvalidated redirect URIs in OIDC endpoints, enabling account takeover on integrated applications. The vulnerability stems from missing whitelist validation on the redirect_uri parameter, permitting attackers to exfiltrate authorization codes to attacker-controlled servers. Public exploit code exists for this HIGH severity flaw, and no patch is currently available.

Open Redirect Traccar
NVD GitHub
CVSS 3.1
7.3
EPSS
0.0%
CVE-2026-2980 HIGH POC This Week

Buffer overflow in UTT HiPER 810G firmware versions up to 1.7.7-1711 allows remote attackers with high privileges to execute arbitrary code through the passwd1 parameter in the /goform/setSysAdm function. Public exploit code exists for this vulnerability and no patch is currently available. An authenticated attacker can leverage this flaw to achieve complete system compromise with high impact on confidentiality, integrity, and availability.

Buffer Overflow 810g Firmware
NVD GitHub VulDB
CVSS 3.1
7.2
EPSS
0.1%
CVE-2025-68930 HIGH POC This Week

Versions of the Traccar open-source GPS tracking system up to and including 6.11.1 contain a Cross-Site WebSocket Hijacking (CSWSH) vulnerability in the `/api/socket` endpoint. The application fails to validate the `Origin` header during the WebSocket handshake. [CVSS 7.1 HIGH]

Authentication Bypass Traccar
NVD GitHub Exploit-DB VulDB
CVSS 3.1
7.1
EPSS
0.0%
CVE-2026-1367 HIGH This Week

Authenticated SQL injection in Zohocorp ManageEngine ADSelfService Plus version 6522 and earlier allows logged-in attackers to execute arbitrary SQL queries through the search report functionality, potentially leading to unauthorized data access and modification. With no patch currently available, organizations running affected versions face significant risk of data exfiltration and system compromise by authenticated users.

SQLi
NVD
CVSS 3.1
8.3
EPSS
0.2%
CVE-2025-71056 HIGH This Week

Improper session management in GCOM EPON 1GE ONU version C00R371V00B01 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user. [CVSS 8.1 HIGH]

Authentication Bypass
NVD GitHub
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-2998 HIGH This Week

eAI Technologies' ERP application is vulnerable to DLL hijacking attacks that enable authenticated local users to achieve arbitrary code execution by placing a malicious DLL in the application directory. The vulnerability affects any system where non-administrative users have local access and can write to the ERP installation folder. No patch is currently available to remediate this issue.

Privilege Escalation RCE
NVD
CVSS 3.1
7.8
EPSS
0.0%
CVE-2026-22567 HIGH This Week

Zscaler Internet Access Admin Portal allows authenticated administrators to execute arbitrary backend functions through insufficient input validation in the web UI. This high-severity vulnerability requires administrative privileges and currently lacks a patch, limiting exposure but leaving affected organizations vulnerable until remediation is available. An attacker with admin credentials could bypass intended restrictions to perform unauthorized backend operations with cross-system impact.

Code Injection Zscaler Internet Access Admin Portal
NVD
CVSS 3.1
7.6
EPSS
0.1%
CVE-2026-27623 HIGH PATCH This Week

Denial of service in Valkey 9.0.0 through 9.0.2 allows unauthenticated network attackers to crash the server by exploiting improper networking state handling after empty requests. An attacker can trigger an assertion failure that causes the Valkey process to abort, impacting availability for all users. No patch is currently available; network isolation is recommended as a mitigation.

Valkey Denial Of Service
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-21863 HIGH PATCH This Week

Out-of-bounds read in Valkey clusterbus port processing allows network-adjacent attackers to crash affected systems by sending specially crafted packets that bypass buffer validation checks. This vulnerability affects Valkey versions prior to 9.0.2, 8.1.6, 8.0.7, and 7.2.12, impacting any deployment exposing the clusterbus port to untrusted networks. Patches are available and administrators should restrict clusterbus access with network ACLs as an immediate mitigation.

Valkey Information Disclosure Buffer Overflow
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-70058 HIGH This Week

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in YMFE yapi v1.12.0. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in the HTTPS agent configuration for Axios requests [CVSS 7.4 HIGH]

TLS Yapi
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2025-70045 HIGH This Week

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in jxcore jxm master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in HTTPS request options when 'jx_obj.IsSecure' is true [CVSS 7.4 HIGH]

TLS Jxm
NVD GitHub
CVSS 3.1
7.4
EPSS
0.0%
CVE-2026-21420 HIGH PATCH This Week

Dell Repository Manager versions before 3.4.8 suffer from an uncontrolled search path vulnerability that allows local attackers with low privileges to execute arbitrary code and escalate their access. An attacker with local system access and user interaction can exploit improper path handling to inject malicious code into the application's execution flow. A patch is available to remediate this HIGH severity issue affecting the repository management functionality.

Privilege Escalation Repository Manager
NVD
CVSS 3.1
7.3
EPSS
0.0%
CVE-2025-14905 HIGH PATCH This Week

A flaw was found in the 389-ds-base server. A heap buffer overflow vulnerability exists in the `schema_attr_enum_callback` function within the `schema.c` file. [CVSS 7.2 HIGH]

RCE Buffer Overflow Heap Overflow Denial Of Service
NVD VulDB
CVSS 3.1
7.2
EPSS
0.4%
CVE-2025-67733 HIGH PATCH This Week

Response-stream injection in Valkey (the Redis fork) lets an authenticated user abuse Lua scripting commands to smuggle arbitrary bytes into the reply stream, corrupting or tampering with data returned to other users sharing the same connection. The flaw stems from the Lua script error-handling path mishandling null characters. It affects all releases prior to 9.0.2, 8.1.6, 8.0.7, and 7.2.12. No public exploit identified at time of analysis; EPSS exploitation probability is negligible (0.02%, 4th percentile) and the issue is not in CISA KEV.

RCE Valkey
NVD GitHub VulDB
CVSS 3.1
7.1
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy