Skip to main content
CVE-2026-3399 HIGH POC This Week

Remote code execution in Tenda F453 firmware versions 1.0.0.3 and earlier results from a buffer overflow in the httpd component's DHCP configuration handler. An authenticated attacker can exploit this vulnerability over the network to achieve complete system compromise, and public exploit code is currently available.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3398 HIGH POC This Week

Buffer overflow in Tenda F453 firmware versions 1.0.0.3 allows authenticated remote attackers to achieve full system compromise through malicious wanmode or PPPOEPassword parameters sent to the httpd service. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker can exploit this to execute arbitrary code with complete control over confidentiality, integrity, and availability of affected devices.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3380 HIGH POC This Week

Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to execute arbitrary code via a buffer overflow in the L7Im web interface parameter handler. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with network access and valid credentials can achieve complete system compromise including data theft, modification, and service disruption.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3379 HIGH POC This Week

Remote code execution in Tenda F453 1.0.0.3 DNS firmware via a buffer overflow in the /goform/SetIpBind endpoint allows authenticated attackers to achieve full system compromise. The vulnerability stems from improper input validation of the page parameter and has public exploit code available. An attacker with network access and valid credentials can execute arbitrary code with complete system privileges.

DNS Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3378 HIGH POC This Week

Remote code execution in Tenda F453 Firmware 1.0.0.3 allows authenticated attackers to achieve complete system compromise through a buffer overflow in the QoS settings parameter. Public exploit code exists for this vulnerability, and no patch is currently available, leaving affected devices at immediate risk.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3377 HIGH POC This Week

Buffer overflow in Tenda F453 1.0.0.3 firmware allows authenticated remote attackers to achieve complete system compromise through manipulation of the SafeUrlFilter page parameter. Public exploit code exists for this vulnerability, and no patch is currently available. An attacker with valid credentials can execute arbitrary code with full system privileges.

Buffer Overflow F453 Firmware
NVD GitHub VulDB
CVSS 3.1
8.8
EPSS
0.1%
CVE-2026-3394 LOW POC Monitor

A vulnerability was detected in jarikomppa soloud up to 20200207. This affects the function SoLoud::Wav::loadwav of the file src/audiosource/wav/soloud_wav.cpp of the component WAV File Parser. [CVSS 3.3 LOW]

Buffer Overflow Soloud
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3389 LOW POC Monitor

A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstd_rex_newnode in the library sqstdlib/sqstdrex.cpp. [CVSS 3.3 LOW]

Denial Of Service Squirrel
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3388 LOW POC Monitor

A vulnerability was found in Squirrel up to 3.2. This affects the function SQCompiler::Factor/SQCompiler::UnaryOP of the file squirrel/sqcompiler.cpp. [CVSS 3.3 LOW]

Information Disclosure Squirrel
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3386 LOW POC Monitor

A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren_compiler.c. [CVSS 3.3 LOW]

Buffer Overflow Wren
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3391 LOW POC Monitor

A security flaw has been discovered in FascinatedBox lily up to 2.3. Impacted is the function clear_storages of the file src/lily_emitter.c. [CVSS 3.3 LOW]

Buffer Overflow Lily
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3390 LOW POC Monitor

A vulnerability was identified in FascinatedBox lily up to 2.3. This issue affects the function patch_line_end of the file src/lily_build_error.c of the component Error Reporting. [CVSS 3.3 LOW]

Buffer Overflow Lily
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3387 LOW POC Monitor

A vulnerability has been found in wren-lang wren up to 0.4.0. Affected by this issue is the function getByteCountForArguments of the file src/vm/wren_compiler.c. [CVSS 3.3 LOW]

Denial Of Service Wren
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3385 LOW POC Monitor

A vulnerability was detected in wren-lang wren up to 0.4.0. Affected is the function resolveLocal of the file src/vm/wren_compiler.c. [CVSS 3.3 LOW]

Information Disclosure Wren
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3392 LOW POC Monitor

A weakness has been identified in FascinatedBox lily up to 2.3. The affected element is the function eval_tree of the file src/lily_emitter.c. [CVSS 3.3 LOW]

Denial Of Service Lily
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3395 MEDIUM PATCH This Month

Maxsite Cms versions up to 109.1. contains a vulnerability that allows attackers to code injection (CVSS 7.3).

PHP Code Injection
NVD GitHub VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2026-3393 LOW Monitor

A security vulnerability has been detected in jarikomppa soloud versions up to 20200207. is affected by buffer overflow (CVSS 3.3).

Buffer Overflow Soloud
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3382 LOW Monitor

A security flaw has been discovered in ChaiScript up to 6.1.0. The impacted element is the function chaiscript::Boxed_Number::get_as of the file include/chaiscript/dispatchkit/boxed_number.hpp. [CVSS 3.3 LOW]

Buffer Overflow Chaiscript
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3384 LOW Monitor

A security vulnerability has been detected in ChaiScript up to 6.1.0. This impacts the function chaiscript::eval::AST_Node_Impl::eval/chaiscript::eval::Function_Push_Pop of the file include/chaiscript/language/chaiscript_eval.hpp. [CVSS 3.3 LOW]

Information Disclosure Chaiscript
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%
CVE-2026-3383 LOW Monitor

A weakness has been identified in ChaiScript up to 6.1.0. This affects the function chaiscript::Boxed_Number::go of the file include/chaiscript/dispatchkit/boxed_number.hpp. [CVSS 3.3 LOW]

Information Disclosure Chaiscript
NVD GitHub VulDB
CVSS 4.0
1.9
EPSS
0.0%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy