Skip to main content
CVE-2026-11788 HIGH This Week

Remote denial of service in 389 Directory Server (Red Hat Directory Server 11/12/13 and Red Hat Enterprise Linux 6 through 10) allows unauthenticated network attackers to crash the LDAP daemon by exploiting an unchecked BER structure allocation in the dereference control plugin when the host is under memory pressure. No public exploit identified at time of analysis, and EPSS exploitation probability is very low (0.09%, 25th percentile), but the unauthenticated network-reachable nature warrants prompt patching of internet-facing or business-critical directory services.

Denial Of Service Null Pointer Dereference Red Hat Directory Server 11 Red Hat Directory Server 12 Red Hat Directory Server 13 +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-45639 HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Windows Remote Desktop Protocol (RDP) allows remote unauthenticated attackers to read out-of-bounds memory over the network, potentially exposing sensitive data from the RDP service process. The flaw is reachable without authentication or user interaction across any exposed RDP endpoint, and no public exploit identified at time of analysis. Microsoft has assigned the issue a CVSS 3.1 score of 7.5 reflecting high confidentiality impact with no integrity or availability effect.

Information Disclosure Microsoft Buffer Overflow Remote Desktop Client Windows App +13
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42908 HIGH PATCH Exploit Unlikely This Week

Information disclosure in Microsoft Windows Remote Desktop Protocol (RDP) allows unauthenticated remote attackers to read out-of-bounds memory contents over the network, potentially leaking sensitive data from the RDP service process. The vulnerability requires no authentication or user interaction and is rated CVSS 7.5 with high confidentiality impact only. At time of analysis there is no public exploit identified and the issue is not listed in CISA KEV.

Information Disclosure Microsoft Buffer Overflow
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11694 HIGH PATCH This Week

Sandboxed remote code execution in Google Chrome versions prior to 149.0.7827.103 allows attackers who have already compromised the renderer process to execute arbitrary code via a crafted HTML page that triggers a use-after-free in the ServiceWorker component. Rated High severity by Chromium with a CVSS 7.5, the flaw requires user interaction (visiting a malicious page) and a pre-existing renderer compromise, and no public exploit has been identified at time of analysis. The vendor has released a patched Stable channel update.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11690 HIGH PATCH This Week

Sandbox-confined arbitrary code execution in Google Chrome on macOS versions prior to 149.0.7827.103 stems from an out-of-bounds read and write in the Media component, exploitable by a remote attacker who has already compromised the renderer process and lures a user to a crafted HTML page. Google rates the Chromium severity as High and has released a patched stable channel update; no public exploit identified at time of analysis, and SSVC reports no observed exploitation.

Information Disclosure Google Buffer Overflow RCE Red Hat +1
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11641 HIGH PATCH This Week

Remote code execution in Google Chrome on Windows prior to 149.0.7827.103 can be triggered via a use-after-free flaw in the Bluetooth component, allowing a remote attacker to execute arbitrary code when a victim visits a crafted HTML page and performs specific UI gestures. Chromium rates the severity as Critical, though the CVSS 3.1 score of 7.5 reflects high attack complexity and required user interaction. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.

Google Memory Corruption RCE Use After Free Microsoft +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11639 HIGH PATCH This Week

Remote code execution in Google Chrome on macOS prior to version 149.0.7827.103 allows a remote attacker to exploit a use-after-free flaw in the Compositing component via a crafted HTML page. Google has rated the underlying Chromium security severity as Critical, and no public exploit identified at time of analysis, though the bug is patched in the latest stable channel. Successful exploitation requires user interaction (visiting a malicious page) and high attack complexity, which moderates real-world risk despite the high impact.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11632 HIGH PATCH This Week

Remote code execution in Google Chrome versions prior to 149.0.7827.103 stems from a use-after-free flaw in the TabStrip UI component, allowing remote attackers to execute arbitrary code when victims interact with a malicious HTML page via specific UI gestures. Google rates the Chromium severity as Critical, and a vendor-released patch is available; no public exploit has been identified at time of analysis. The high attack complexity (AC:H) and required user interaction (UI:R) constrain mass exploitation despite the severe technical impact.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-50508 HIGH PATCH Exploit Likely This Week

Information disclosure in Microsoft Windows NTLM authentication allows remote unauthenticated attackers to obtain sensitive data and conduct network spoofing attacks against affected Windows 10, Windows 11, and Windows Server installations. The flaw carries a CVSS 7.5 (high) rating due to high confidentiality impact with no privileges or user interaction required, though EPSS exploitation probability is low at 0.08% and no public exploit identified at time of analysis. Microsoft has released patches through MSRC for all affected SKUs.

Information Disclosure Microsoft Windows 10 1607 Windows 11 22h2 Windows Server 2004 +3
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-48563 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft Remote Desktop Client is possible via a heap-based buffer overflow that an unauthenticated remote attacker can trigger when a user is convinced to connect to a malicious RDP server. The flaw is rated CVSS 7.5 (High) with attack complexity High and required user interaction, and no public exploit identified at time of analysis. The CWE-416 classification combined with the vendor's tags points to a use-after-free condition reachable through crafted RDP server responses.

Buffer Overflow Memory Corruption Use After Free Windows 10 1809 Windows 10 21h2 +8
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-47654 HIGH PATCH NEWS This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a victim connects to an attacker-controlled or compromised RDP server, triggering a heap-based buffer overflow that leads to arbitrary code execution on the client machine. The flaw is unauthenticated from the server side but requires user interaction and high attack complexity, and no public exploit identified at time of analysis. CVSS is rated 7.5 (High) with confidentiality, integrity, and availability impact.

Use After Free Memory Corruption Buffer Overflow Windows Server 2016 Windows Server 2019 +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-44801 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a victim connects to an attacker-controlled RDP server, where a heap-based buffer overflow (linked to use-after-free memory corruption per vendor tags) enables arbitrary code execution on the client machine. The CVSS 7.5 score reflects high attack complexity and required user interaction, and no public exploit identified at time of analysis. SSVC assessment from CISA rates exploitation as 'none' and automatable as 'no', though technical impact is total.

Use After Free Memory Corruption Buffer Overflow Remote Desktop Client Windows App +13
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-44799 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft Remote Desktop Client arises from a heap-based buffer overflow (CWE-122) that an unauthenticated network attacker can trigger when a victim connects to or interacts with a malicious server. Microsoft (secure@microsoft.com) is the originating reporter and has published an advisory in the MSRC update guide, with no public exploit identified at time of analysis. The CVSS 7.5 (High) rating reflects high attack complexity and required user interaction, but successful exploitation yields full confidentiality, integrity, and availability impact on the client host.

Heap Overflow Buffer Overflow Remote Desktop Client Windows App Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42993 HIGH PATCH Exploit Unlikely This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a user is lured into connecting to an attacker-controlled RDP server, where a heap-based buffer overflow (CWE-122) can be triggered to run arbitrary code on the client machine. The flaw was reported by Microsoft (secure@microsoft.com) and carries a CVSS 3.1 score of 7.5, reflecting high attack complexity and the requirement for user interaction. No public exploit identified at time of analysis, and the issue is not currently listed in CISA KEV.

Heap Overflow Buffer Overflow Windows 10 21h2 Windows 10 22h2 Windows 11 23h2 +5
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42992 HIGH PATCH NEWS Exploit Unlikely This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a user is enticed to connect to an attacker-controlled RDP server, triggering a heap-based buffer overflow (CWE-122). The flaw scores CVSS 7.5 (AV:N/AC:H/PR:N/UI:R) and, while no public exploit is identified at time of analysis, the network-reachable nature and full CIA impact make it a meaningful client-side risk for users connecting to untrusted endpoints.

Buffer Overflow Heap Overflow Windows App Windows 10 1607 Windows 10 1809 +10
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-34711 HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to crash the application by triggering an integer overflow during C2PA content processing. With a CVSS of 7.5 (AV:N/AC:L/PR:N/UI:N) and no public exploit identified at time of analysis, the bug carries pure availability impact - no data exposure or code execution - but is trivially reachable by anyone who can feed input to the library.

Denial Of Service Integer Overflow Cai Content Credentials
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11636 HIGH PATCH This Week

Heap corruption in Google Chrome's Autofill component on Windows versions prior to 149.0.7827.103 allows remote attackers to potentially achieve code execution by luring users to a malicious HTML page and convincing them to perform specific UI interactions. Chromium rates the underlying flaw as Critical severity, though CVSS scores it 7.5 due to required user interaction and high attack complexity. No public exploit identified at time of analysis.

Google Memory Corruption Use After Free Microsoft Denial Of Service +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42909 HIGH PATCH This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a user connects to an attacker-controlled or compromised RDP endpoint, where a race condition (CWE-362) can be triggered to corrupt heap memory and execute arbitrary code in the client process. The flaw is unauthenticated from the network attacker's perspective but requires user interaction to initiate the connection, and no public exploit has been identified at time of analysis.

Race Condition Buffer Overflow Remote Desktop Client Windows App Windows 10 1607 +12
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-11667 HIGH PATCH This Week

Out-of-bounds read in the WebRTC component of Google Chrome before 149.0.7827.103 enables a remote attacker who has already compromised the GPU process to escalate into heap corruption via a crafted HTML page. Google rates this High severity and a vendor patch is available; no public exploit identified at time of analysis. The flaw is a chained-exploitation primitive rather than a standalone RCE, requiring a prior sandbox-adjacent foothold plus user interaction.

Information Disclosure Google Buffer Overflow Red Hat Suse
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-49475 HIGH PATCH This Week

Out-of-bounds memory access in FreeSWITCH versions prior to 1.11.0 allows remote unauthenticated attackers to crash the telephony stack by sending a malformed STUN packet whose declared attribute length is smaller than the structure the parser casts it to. No public exploit has been identified at time of analysis, but the network-reachable nature of STUN on media-handling deployments makes this a denial-of-service risk for any exposed FreeSWITCH instance handling WebRTC or NAT-traversal traffic.

Buffer Overflow Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-34180 HIGH PATCH This Week

Denial-of-service in OpenSSL's ASN.1 content parser allows remote unauthenticated attackers to trigger a heap buffer over-read that can crash applications relying on the library for cryptographic parsing. Disclosed via the OpenSSL 4.0.1 security release on 2026-06-09 alongside more than a dozen other fixes, this issue affects every supported branch from 1.0.2 through 3.6 and 4.0. No public exploit identified at time of analysis and the flaw is not listed in CISA KEV, but the broad install base of OpenSSL across servers, clients, and embedded devices makes patching a priority.

OpenSSL Information Disclosure Buffer Overflow Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-49842 HIGH PATCH This Week

Unauthenticated outbound bandwidth amplification in FreeSWITCH versions prior to 1.11.1 allows remote attackers to coerce the server into emitting roughly 20 GB of traffic per short request via the mod_verto WebSocket #SPU speed-test command. The pre-auth code path parses the requested payload size with atoi() and only rejects non-positive values, letting a peer ask for up to INT_MAX bytes and triggering a size*10 download. No public exploit is identified at time of analysis, but the high-severity CVSS (7.5, A:H) and trivial trigger make this a credible DDoS-as-a-service primitive.

Denial Of Service Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42913 HIGH PATCH This Week

Remote code execution in Microsoft Remote Desktop Client is possible when a user connects to an attacker-controlled RDP server, where a heap-based buffer overflow triggered by a race condition (CWE-362) allows arbitrary code execution on the client machine. The flaw carries a CVSS 7.5 (High) rating with high attack complexity and required user interaction, and no public exploit identified at time of analysis. Microsoft has released a patch via MSRC advisory CVE-2026-42913.

Race Condition Buffer Overflow Remote Desktop Client Windows 11 23h2 Windows 11 24h2 +4
NVD VulDB
CVSS 3.1
7.5
EPSS
0.1%
CVE-2026-42764 HIGH PATCH This Week

Denial of service in OpenSSL 3.5.x, 3.6.x, and 4.0.0 stems from a NULL pointer dereference triggered during QUIC server initial packet handling, allowing remote unauthenticated attackers to crash affected servers by sending crafted QUIC traffic. The flaw was disclosed via the OpenSSL 4.0.1 security release on 2026-06-09 alongside multiple other CVEs; no public exploit identified at time of analysis and no CISA KEV listing. Patched versions are available from the upstream project and downstream distributions including Ubuntu (USN-8414-1).

Denial Of Service Null Pointer Dereference OpenSSL Red Hat
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41006 HIGH PATCH This Week

Denial-of-service via improper access control in Spring HATEOAS affects versions 1.5.0-1.5.6, 2.3.0-2.3.4, 2.4.0-2.4.1, 2.5.0-2.5.2, and 3.0.0-3.0.3, where the internal PropertyUtils.createObjectFromProperties method performs reflection-based bean property binding while ignoring Jackson access-control annotations (@JsonIgnore, @JsonProperty access modes). Remote unauthenticated attackers sending crafted Collection+JSON or UBER media type payloads can bind to properties the developer explicitly marked as inbound-restricted, causing high-availability impact. There is no public exploit identified at time of analysis and the issue is not listed in CISA KEV.

Authentication Bypass Java Spring Hateoas
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-49847 HIGH PATCH This Week

Denial of service in FreeSWITCH prior to version 1.11.1 allows remote unauthenticated attackers to crash the entire telephony process by sending a single WebSocket frame carrying a deeply nested JSON document. The recursive parsing exhausts the worker thread's stack and triggers SIGSEGV via the kernel stack guard page, terminating all active calls and sessions on the host. No public exploit identified at time of analysis, and the vulnerability is not listed in CISA KEV, but the trivial network-reachable trigger and availability-only impact make it a credible service-disruption risk for exposed VoIP infrastructure.

Denial Of Service Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-45771 HIGH PATCH This Week

Denial of service in FreeSWITCH versions prior to 1.11.0 allows unauthenticated remote attackers to exhaust CPU and memory by sending a single SIP PUBLISH request whose PIDF body contains a malicious DTD with nested entity declarations. The bundled XML parser expands these entities before any digest authentication check, making this a pre-auth resource exhaustion vector (CWE-776, classic 'billion laughs'). No public exploit identified at time of analysis, but the CVSS 7.5 availability-only impact reflects a high-confidence DoS condition against any exposed FreeSWITCH instance.

Information Disclosure Freeswitch
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41007 HIGH PATCH This Week

Memory exhaustion in Spring HATEOAS versions 1.5.0-1.5.6, 2.3.0-2.3.4, 2.4.0-2.4.1, 2.5.0-2.5.2, and 3.0.0-3.0.3 allows remote unauthenticated attackers to cause denial of service by sending requests with attacker-controlled link relation strings that accumulate indefinitely in an unbounded static cache of StringLinkRelation instances. With a CVSS 7.5 (high availability impact) and no public exploit identified at time of analysis, the issue is straightforward to trigger against any internet-facing Spring HATEOAS endpoint that derives link relations from request data. Not listed in CISA KEV.

Denial Of Service Java Spring Hateoas
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41849 HIGH PATCH This Week

Denial of service in Spring Framework 5.3.0 through 5.3.48 allows remote unauthenticated attackers to exhaust server resources by submitting crafted Spring Expression Language (SpEL) expressions that trigger an integer overflow during evaluation. The CVSS 7.5 score reflects high availability impact with no confidentiality or integrity loss, and no public exploit identified at time of analysis. Applications that evaluate untrusted SpEL input are at greatest risk.

Denial Of Service Java Integer Overflow
NVD HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41842 HIGH PATCH This Week

Denial of service in Spring Framework's Spring MVC and WebFlux static resource resolution allows remote unauthenticated attackers to exhaust application resources, affecting versions 5.3.0-5.3.48, 6.1.0-6.1.27, 6.2.0-6.2.18, and 7.0.0-7.0.7. The CVSS 7.5 score reflects high-impact availability damage over the network with no privileges or user interaction, and at time of analysis no public exploit identified at time of analysis. The flaw was reported by VMware (Spring's maintainer) and is tracked under the official Spring Security advisory.

Denial Of Service Java Spring Framework
NVD HeroDevs VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-40983 HIGH PATCH This Week

Denial-of-service in Micrometer (Spring observability library) versions 1.15.0-1.15.11 and 1.16.0-1.16.5 allows remote unauthenticated attackers to exhaust resources via specially crafted gRPC requests. With CVSS 7.5 (AV:N/AC:L/PR:N/UI:N) reflecting availability-only impact, the issue is reachable over the network without credentials, though no public exploit identified at time of analysis. Applications embedding Micrometer's gRPC instrumentation are most exposed.

Denial Of Service Micrometer
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-52293 HIGH This Week

Denial of service in GPAC MP4Box v2.4 allows remote attackers to crash the application by supplying a crafted HEVC Sequence Parameter Set (SPS), triggering a segmentation violation in the gf_hevc_read_sps_bs_internal function within media_tools/av_parsers.c. No public exploit identified at time of analysis, though the bug is reachable without authentication or user interaction per the CVSS vector. Real-world impact is limited to availability of the parsing process, with no integrity or confidentiality consequences.

Denial Of Service N A
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-55657 HIGH This Week

Denial of service in GPAC MP4Box v2.4 allows remote attackers to crash the application by supplying a malicious MP4 file that triggers a NULL pointer dereference in the VVC (Versatile Video Coding) configuration writer. The flaw resides in gf_odf_vvc_cfg_write_bs within odf/descriptors.c and requires no authentication or user privileges beyond convincing the target to process the crafted file. No public exploit identified at time of analysis, and SSVC indicates exploitation has not been observed despite the issue being automatable.

Denial Of Service Null Pointer Dereference N A
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2025-52292 HIGH This Week

Denial of service in GPAC MP4Box v2.4 allows remote attackers to crash the application by supplying a crafted MP4 file that triggers a stack buffer overflow in the filein_process function. The flaw resides in in_file.c and impacts availability only, with no confirmed code-execution path; no public exploit identified at time of analysis, though POC details may surface via the linked infosec.exchange post.

Denial Of Service Stack Overflow Buffer Overflow N A
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-34713 HIGH This Week

Denial-of-service in Adobe CAI Content Credentials (c2pa-web 0.7.1 and c2pa 0.80.1 and earlier) allows remote unauthenticated attackers to exhaust system resources and crash the application by triggering uncontrolled resource consumption during C2PA content processing. No public exploit identified at time of analysis, and the issue is not listed in CISA KEV, but the CVSS 7.5 score reflects easy network-based exploitation with no user interaction required. Affected deployments are those embedding Adobe's Content Authenticity SDK for verifying or generating C2PA provenance manifests on web-facing services.

Denial Of Service Cai Content Credentials
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-42765 HIGH PATCH This Week

Denial of service in OpenSSL 3.6.0-3.6.2 and 4.0.0 allows remote attackers to crash applications by triggering a NULL pointer dereference during certificate verification when OCSP checking is enabled. The flaw is patched in OpenSSL 4.0.1 (and 3.6.3) per the vendor's 2026-06-09 security advisory; no public exploit identified at time of analysis, and the issue is not listed in CISA KEV.

Denial Of Service Null Pointer Dereference OpenSSL
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-41838 HIGH PATCH This Week

Predictable WebSocket session IDs in Spring Framework's spring-websocket module allow remote attackers to guess or forge session identifiers and, when paired with weak authorization rules, hijack or interact with other users' WebSocket sessions. The flaw affects Spring Framework 5.3.x, 6.1.x, 6.2.x, and 7.0.x prior to patched releases; no public exploit identified at time of analysis and EPSS is very low (0.03%).

Information Disclosure Java Spring Framework
NVD VulDB HeroDevs
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36719 HIGH This Week

An information disclosure vulnerability in the /api/v1/user/info endpoint of AgentChat v2.3.0 allows unauthenticated attackers to obtain sensitive information, including SHA256 password hashes, via enumerating user IDs.

Information Disclosure
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2023-43688 HIGH This Week

An issue was discovered in Malwarebytes 4.x and 5.x (and Nebula 2020-10-21 and later). Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Buffer Overflow Heap Overflow
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-45445 HIGH PATCH This Week

Confidentiality break in OpenSSL's AES-OCB implementation stems from the EVP_Cipher() code path ignoring the caller-supplied initialization vector (IV), causing the cipher to operate with a fixed/default IV instead. Affected branches include 3.0.x prior to 3.0.21, 3.4.x prior to 3.4.6, 3.5.x prior to 3.5.7, 3.6.x prior to 3.6.3, and 4.0.0, fixed in OpenSSL 4.0.1 and corresponding maintenance releases. With no public exploit identified at time of analysis and no CISA KEV listing, the issue is rated High (CVSS 7.5) due to high confidentiality impact via network-reachable cryptographic operations.

OpenSSL Information Disclosure
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-11799 HIGH This Week

Universal cross-site scripting (UXSS) in Mozilla Focus and Klar for iOS allows remote attackers to inject script into the context of arbitrary web origins by abusing WebKit navigation handling in the browser. The flaw, reported by Mozilla and tracked as EUVD-2026-35837, was corrected in Focus for iOS 151.3.1 and Klar for iOS 151.3.1. EPSS is very low (0.02%, 5th percentile) and there is no public exploit identified at time of analysis, but the CVSS of 7.5 reflects the high confidentiality impact achievable with no privileges.

XSS Apple
NVD
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-11644 HIGH PATCH This Week

Use-after-free in the Views component of Google Chrome on Linux prior to 149.0.7827.103 allows remote attackers to execute arbitrary code by tricking a user into installing a crafted malicious extension. Chromium rates the underlying flaw Critical, though the NVD CVSS score of 7.5 reflects the high attack complexity and required user interaction. No public exploit identified at time of analysis.

Google Memory Corruption RCE Use After Free Denial Of Service +2
NVD VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36784 HIGH This Week

Denial of service in the Tenda O3 Wireless Router (firmware v1.0.0.5(4180)) allows unauthenticated remote attackers to crash the device by sending a crafted HTTP request that triggers a stack-based buffer overflow in the ip parameter of the fromNetToolGet function. Publicly available exploit code exists in a GitHub research repository, though EPSS rates exploitation probability at only 0.02% and the issue is not on CISA KEV. Impact is limited to availability (the CVSS A:H, C:N, I:N profile), making this primarily a device-crash bug rather than a code-execution vector based on the reported analysis.

Stack Overflow Tenda Denial Of Service Buffer Overflow N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-34183 HIGH PATCH This Week

Denial of service in OpenSSL QUIC implementation allows remote unauthenticated attackers to exhaust server memory by sending crafted PATH_CHALLENGE frames that trigger unbounded memory growth in the QUIC handler. The flaw affects OpenSSL branches 3.4.x, 3.5.x, 3.6.x, and 4.0.0, and is fixed in the 4.0.1 security release alongside numerous other CVEs. No public exploit identified at time of analysis and EPSS is very low (0.02%), but the network-reachable, no-auth nature of QUIC server endpoints makes the issue operationally relevant for TLS/QUIC-facing services.

Information Disclosure OpenSSL Red Hat Suse
NVD GitHub VulDB
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36810 HIGH This Week

Denial of service in Tenda W15E v15.11.0.10 routers can be triggered by remote unauthenticated attackers sending a crafted HTTP request that overflows the gotoUrl parameter in the formPortalAuth function. The CVSS 7.5 score reflects high availability impact with no confidentiality or integrity loss, and at the time of analysis no public exploit identified at time of analysis though a proof-of-concept research repository is referenced. EPSS is very low (0.02%, 4th percentile), suggesting limited real-world exploitation interest despite the network-reachable attack surface.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36811 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request with an oversized picName parameter to the formDelwebAuthPic handler. No public exploit identified at time of analysis, and EPSS rates real-world exploitation probability at just 0.02% (4th percentile), but the affected SOHO/SMB router class is a frequent target once weaponized PoCs emerge.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36803 HIGH This Week

Denial of service in Tenda PW201A v1.0.5 routers allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that overflows a buffer in the page parameter of the qossetting function. EPSS is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis beyond a research repository, but the CVSS 7.5 (AV:N/AC:L/PR:N/UI:N/A:H) reflects easy network reachability against the router's web management interface. The flaw is not in CISA KEV.

Denial Of Service Buffer Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36802 HIGH This Week

Denial of service in Tenda PW201A v1.0.5 routers allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the page parameter of the SafeMacFilter function. EPSS scores exploitation probability at just 0.02% (4th percentile), and no public exploit identified at time of analysis, though a research repository on GitHub references the vulnerable function.

Denial Of Service Buffer Overflow Tenda N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36818 HIGH This Week

Remote denial of service in Tenda W20E router firmware v15.11.0.6 allows unauthenticated network attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the wewifiWhiteUserInfo parameter handled by the formAddWewifiWhiteUser function. EPSS scores exploitation probability at only 0.02% (4th percentile) and no public exploit code or active exploitation has been reported, though a research repository documenting the finding exists on GitHub. The vulnerability is not listed in CISA KEV.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
CVE-2026-36817 HIGH This Week

Denial of service in Tenda W15E router firmware v15.11.0.10 allows remote unauthenticated attackers to crash the device by sending a crafted HTTP request that triggers a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser handler. EPSS is very low (0.02%, 4th percentile) and no public exploit identified at time of analysis, though a GitHub research repository documents the flaw. The CVSS 7.5 reflects high availability impact with no confidentiality or integrity compromise.

Buffer Overflow Tenda Denial Of Service N A
NVD GitHub
CVSS 3.1
7.5
EPSS
0.0%
Prev Page 6 of 8 Next

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy