CVE-2025-14977
(8.1 HIGH)

EPSS: 0.00%

updated 2026-01-20T05:16:08.293000

1 posts

The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Insecure Direct Object Reference in versions up to, and including, 4.2.4 via the `/wp-json/dokan/v1/settings` REST API endpoint due to missing validation on a user-controlled key. This makes it possible for authenticated attackers, with customer-level permiss

CVE-2026-23950
(8.8 HIGH)

EPSS: 0.00%

updated 2026-01-20T01:15:57.870000

1 posts

node-tar,a Tar for Node.js, has a race condition vulnerability in versions up to and including 7.5.3. This is due to an incomplete handling of Unicode path collisions in the `path-reservations` system. On case-insensitive or normalization-insensitive filesystems (such as macOS APFS, In which it has been tested), the library fails to lock colliding paths (e.g., `ß` and `ss`), allowing them to be pr

CVE-2026-23949
(8.6 HIGH)

EPSS: 0.00%

updated 2026-01-20T01:15:57.723000

1 posts

jaraco.context, an open-source software package that provides some useful decorators and context managers, has a Zip Slip path traversal vulnerability in the `jaraco.context.tarball()` function starting in version 5.2.0 and prior to version 6.1.0. The vulnerability may allow attackers to extract files outside the intended extraction directory when malicious tar archives are processed. The strip_fi

CVE-2026-23876
(8.1 HIGH)

EPSS: 0.00%

updated 2026-01-20T01:15:57.440000

1 posts

ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 7.1.2-13 and 6.9.13-38, a heap buffer overflow vulnerability in the XBM image decoder (ReadXBMImage) allows an attacker to write controlled data past the allocated heap buffer when processing a maliciously crafted image file. Any operation that reads or identifies an image can trigger t

CVE-2026-22797
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-01-19T21:34:13

1 posts

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The external_oauth2_token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged identity headers such as X-Is-Admin-Project, X-Roles, or X-User-Id, an authenticated attacker may esc

CVE-2026-23837
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-01-19T21:15:50.903000

1 posts

MyTube is a self-hosted downloader and player for several video websites. A vulnerability present in version 1.7.65 and poetntially earlier versions allows unauthenticated users to bypass the mandatory authentication check in the roleBasedAuthMiddleware. By simply not providing an authentication cookie (making req.user undefined), a request is incorrectly passed through to downstream handlers. All

CVE-2026-23846
(8.1 HIGH)

EPSS: 0.00%

updated 2026-01-19T20:15:49.243000

1 posts

Tugtainer is a self-hosted app for automating updates of Docker containers. In versions prior to 1.16.1, the password authentication mechanism transmits passwords via URL query parameters instead of the HTTP request body. This causes passwords to be logged in server access logs and potentially exposed through browser history, Referer headers, and proxy logs. Version 1.16.1 patches the issue.

CVE-2026-23842
(7.5 HIGH)

EPSS: 0.00%

updated 2026-01-19T19:16:04.510000

1 posts

ChatterBot is a machine learning, conversational dialog engine for creating chat bots. ChatterBot versions up to 1.2.10 are vulnerable to a denial-of-service condition caused by improper database session and connection pool management. Concurrent invocations of the get_response() method can exhaust the underlying SQLAlchemy connection pool, resulting in persistent service unavailability and requir

CVE-2026-1162
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-01-19T18:30:39

1 posts

A flaw has been found in UTT HiPER 810 1.7.4-141218. The impacted element is the function strcpy of the file /goform/setSysAdm. This manipulation of the argument passwd1 causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

CVE-2025-68616
(7.5 HIGH)

EPSS: 0.00%

updated 2026-01-19T16:15:53.573000

1 posts

WeasyPrint helps web developers to create PDF documents. Prior to version 68.0, a server-side request forgery (SSRF) protection bypass exists in WeasyPrint's `default_url_fetcher`. The vulnerability allows attackers to access internal network resources (such as `localhost` services or cloud metadata endpoints) even when a developer has implemented a custom `url_fetcher` to block such access. This

CVE-2026-1157
(8.8 HIGH)

EPSS: 0.00%

updated 2026-01-19T15:30:42

2 posts

A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

CVE-2026-1158
(8.8 HIGH)

EPSS: 0.00%

updated 2026-01-19T15:30:42

1 posts

A security flaw has been discovered in Totolink LR350 9.3.5u.6369_B20220309. This vulnerability affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks.

CVE-2026-1181
(9.1 CRITICAL)

EPSS: 0.00%

updated 2026-01-19T15:30:38

1 posts

A stored cross-site scripting (XSS) vulnerability exists in the Altium Forum due to missing server-side input sanitization in forum post content. An authenticated attacker can inject arbitrary JavaScript into forum posts, which is stored and executed when other users view the affected post. Successful exploitation allows the attacker’s payload to execute in the context of the victim’s authenticate

CVE-2026-1156
(8.8 HIGH)

EPSS: 0.00%

updated 2026-01-19T15:30:37

1 posts

A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

CVE-2026-1155
(8.8 HIGH)

EPSS: 0.00%

updated 2026-01-19T13:16:20.360000

2 posts

A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

CVE-2026-1143
(8.8 HIGH)

EPSS: 0.08%

updated 2026-01-19T07:16:22.667000

2 posts

A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.

CVE-2026-1139
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-19T06:30:34

2 posts

A vulnerability has been found in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1140
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-19T06:30:34

1 posts

A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigExceptAli. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1137
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-19T06:30:34

1 posts

A vulnerability was detected in UTT 进取 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formWebAuthGlobalConfig. Performing a manipulation results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-1138
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-19T06:30:34

1 posts

A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2026-21223
(5.1 MEDIUM)

EPSS: 0.05%

updated 2026-01-17T00:30:30

1 posts

Microsoft Edge Elevation Service exposes a privileged COM interface that inadequately validates the privileges of the calling process. A standard (non‑administrator) local user can invoke the IElevatorEdge interface method LaunchUpdateCmdElevatedAndWait, causing the service to execute privileged update commands as LocalSystem. This allows a non‑administrator to enable or disable Windows Virtualiza

CVE-2026-20960
(8.0 HIGH)

EPSS: 0.07%

updated 2026-01-16T22:16:25.553000

1 posts

Improper authorization in Microsoft Power Apps allows an authorized attacker to execute code over a network.

CVE-2025-67091
(6.5 MEDIUM)

EPSS: 0.02%

updated 2026-01-16T21:28:39.047000

1 posts

An issue in GL Inet GL.Inet AX1800 Version 4.6.4 & 4.6.8 are vulnerable. GL.Inet AX1800 Version 4.6.4 & 4.6.8 in the GL.iNet custom opkg wrapper script located at /usr/libexec/opkg-call. The script is executed with root privileges when triggered via the LuCI web interface or authenticated API calls to manage packages. The vulnerable code uses shell redirection to create a lock file in the world-wr

CVE-2025-40300
(5.5 MEDIUM)

EPSS: 0.04%

updated 2026-01-16T20:25:45.940000

1 posts

In the Linux kernel, the following vulnerability has been resolved: x86/vmscape: Add conditional IBPB mitigation VMSCAPE is a vulnerability that exploits insufficient branch predictor isolation between a guest and a userspace hypervisor (like QEMU). Existing mitigations already protect kernel/KVM from a malicious guest. Userspace can additionally be protected by flushing the branch predictors af

CVE-2026-21858
(10.0 CRITICAL)

EPSS: 3.72%

updated 2026-01-16T19:31:34.467000

5 posts

n8n is an open source workflow automation platform. Versions starting with 1.65.0 and below 1.121.0 enable an attacker to access files on the underlying server through execution of certain form-based workflows. A vulnerable workflow could grant access to an unauthenticated remote attacker, resulting in exposure of sensitive information stored on the system and may enable further compromise dependi

Nuclei template

4 repos

https://github.com/Ashwesker/Ashwesker-CVE-2026-21858

https://github.com/Chocapikk/CVE-2026-21858

https://github.com/sastraadiwiguna-purpleeliteteaming/SASTRA-ADI-WIGUNA-CVE-2026-21858-Holistic-Audit

https://github.com/cropnet/ni8mare-scanner

CVE-2025-68493
(8.1 HIGH)

EPSS: 0.13%

updated 2026-01-16T19:10:47

1 posts

Missing XML Validation vulnerability in Apache Struts, Apache Struts. This issue affects Apache Struts: from 2.0.0 before 2.2.1; Apache Struts: from 2.2.1 through 6.1.0. Users are recommended to upgrade to version 6.1.1, which fixes the issue.

CVE-2025-68428
(7.5 HIGH)

EPSS: 0.02%

updated 2026-01-16T18:34:24.440000

2 posts

jsPDF is a library to generate PDFs in JavaScript. Prior to version 4.0.0, user control of the first argument of the loadFile method in the node.js build allows local file inclusion/path traversal. If given the possibility to pass unsanitized paths to the loadFile method, a user can retrieve file contents of arbitrary files in the local file system the node process is running in. The file contents

2 repos

https://github.com/Nurjaman2004/jsPDF-Bulk-Detector-CVE-2025-68428-

https://github.com/12nio/CVE-2025-68428_PoC

CVE-2025-70753
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T18:32:29

1 posts

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security_5g parameter of the sub_4CA50 function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-71024
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T18:32:29

1 posts

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the serviceName2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-71025
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T18:32:29

1 posts

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the cloneType2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-71027
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T18:24:14.237000

1 posts

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanMTU2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2025-71026
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T18:23:52.100000

1 posts

Tenda AX-3 v16.03.12.10_CN was discovered to contain a stack overflow in the wanSpeed2 parameter of the fromAdvSetMacMtuWan function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

CVE-2026-0915
(0 None)

EPSS: 0.02%

updated 2026-01-16T18:16:09.487000

2 posts

Calling getnetbyaddr or getnetbyaddr_r with a configured nsswitch.conf that specifies the library's DNS backend for networks and queries for a zero-valued network in the GNU C Library version 2.0 to version 2.42 can leak stack contents to the configured DNS resolver.

CVE-2026-0629
(0 None)

EPSS: 0.04%

updated 2026-01-16T18:16:09.190000

1 posts

Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to the device, compromising configuration and network security.

CVE-2025-60021
(9.8 CRITICAL)

EPSS: 0.39%

updated 2026-01-16T18:16:08.780000

2 posts

Remote command injection vulnerability in heap profiler builtin service in Apache bRPC ((all versions < 1.15.0)) on all platforms allows attacker to inject remote command. Root Cause: The bRPC heap profiler built-in service (/pprof/heap) does not validate the user-provided extra_options parameter and executes it as a command-line argument. Attackers can execute remote commands using the extra_o

1 repos

https://github.com/ninjazan420/CVE-2025-60021-PoC-Apache-bRPC-Heap-Profiler-Command-Injection

CVE-2026-22023
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T16:45:11.670000

1 posts

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, there is an out-of-bounds heap read vulnerability in cryptography_aead_encrypt(). This issue has been patched in version 1.4.3.

CVE-2026-22024
(5.3 MEDIUM)

EPSS: 0.06%

updated 2026-01-16T16:44:36.080000

1 posts

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the cryptography_encrypt() function allocates multiple buffers for HTTP requests and JSON parsing that are never freed on any code path. Each cal

CVE-2026-22026
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T16:43:52.067000

1 posts

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the libcurl write_callback function in the KMC crypto service client allows unbounded memory growth by reallocating response buffers without any

CVE-2026-20965
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-16T16:23:11.237000

4 posts

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

CVE-2026-0713
(8.3 HIGH)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

A security vulnerability in the /apis/dashboard.grafana.app/* endpoints allows authenticated users to bypass dashboard and folder permissions. The vulnerability affects all API versions (v0alpha1, v1alpha1, v2alpha1). Impact: - Viewers can view all dashboards/folders regardless of permissions - Editors can view/edit/delete all dashboards/folders regardless of permissions - Editors can create dashb

CVE-2026-22638
(8.3 HIGH)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

A cross-site scripting (XSS) vulnerability exists in Grafana caused by combining a client path traversal and open redirect. This allows attackers to redirect users to a website that hosts a frontend plugin that will execute arbitrary JavaScript. This vulnerability does not require editor permissions and if anonymous access is enabled, the XSS will work. If the Grafana Image Renderer plugin is inst

CVE-2026-22920
(3.7 LOW)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

The device's passwords have not been adequately salted, making them vulnerable to password extraction attacks.

CVE-2026-22637
(6.8 MEDIUM)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

The built-in XY Chart plugin is vulnerable to a DOM XSS vulnerability. A user with Editor permissions is able to modify such a panel in order to make it execute arbitrary JavaScript.

CVE-2026-22917
(4.3 MEDIUM)

EPSS: 0.06%

updated 2026-01-16T15:55:33.063000

1 posts

Improper input handling in a system endpoint may allow attackers to overload resources, causing a denial of service.

CVE-2026-0712
(7.6 HIGH)

EPSS: 0.04%

updated 2026-01-16T15:55:33.063000

1 posts

An open redirect vulnerability has been identified in Grafana OSS that can be exploited to achieve XSS attacks. The vulnerability was introduced in Grafana v11.5.0. The open redirect can be chained with path traversal vulnerabilities to achieve XSS. Fixed in versions 12.0.2+security-01, 11.6.3+security-01, 11.5.6+security-01, 11.4.6+security-01 and 11.3.8+security-01

CVE-2026-22646
(4.3 MEDIUM)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

Certain error messages returned by the application expose internal system details that should not be visible to end users, providing attackers with valuable reconnaissance information (like file paths, database errors, or software versions) that can be used to map the application's internal structure and discover other, more critical vulnerabilities.

CVE-2026-22911
(5.3 MEDIUM)

EPSS: 0.05%

updated 2026-01-16T15:55:33.063000

1 posts

Firmware update files may expose password hashes for system accounts, which could allow a remote attacker to recover credentials and gain unauthorized access to the device.

CVE-2026-22645
(5.3 MEDIUM)

EPSS: 0.03%

updated 2026-01-16T15:55:33.063000

1 posts

The application discloses all used components, versions and license information to unauthenticated actors, giving attackers the opportunity to target known security vulnerabilities of used components.

CVE-2026-22857
(0 None)

EPSS: 0.04%

updated 2026-01-16T15:55:33.063000

1 posts

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path. This vulnerability is fixed in 3.20.1.

CVE-2026-22859
(0 None)

EPSS: 0.04%

updated 2026-01-16T15:55:33.063000

1 posts

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server‑supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out‑of‑bounds read. This vulnerability is fixed in 3.20.1.

CVE-2026-22852
(0 None)

EPSS: 0.04%

updated 2026-01-16T15:55:33.063000

1 posts

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input (AUDIN) format lists. audin_process_formats reuses callback->formats_count across multiple MSG_SNDIN_FORMATS PDUs and writes past the newly allocated formats array, causing memory corruption and a crash.

CVE-2025-68707
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-16T15:15:53.603000

1 posts

An authentication bypass vulnerability in the Tongyu AX1800 Wi-Fi 6 Router with firmware 1.0.0 allows unauthenticated network-adjacent attackers to perform arbitrary configuration changes without providing credentials, as long as a valid admin session is active. This can result in full compromise of the device (i.e., via unauthenticated access to /boaform/formSaveConfig and /boaform/admin endpoint

CVE-2025-66169(CVSS UNKNOWN)

EPSS: 0.11%

updated 2026-01-15T22:33:19

1 posts

Cypher Injection vulnerability in Apache Camel camel-neo4j component. This issue affects Apache Camel: from 4.10.0 before 4.10.8, from 4.14.0 before 4.14.3, from 4.15.0 before 4.17.0 Users are recommended to upgrade to version 4.10.8 for 4.10.x LTS and 4.14.3 for 4.14.x LTS and 4.17.0.

CVE-2026-21898
(8.2 HIGH)

EPSS: 0.06%

updated 2026-01-15T21:48:49.657000

1 posts

CryptoLib provides a software-only solution using the CCSDS Space Data Link Security Protocol - Extended Procedures (SDLS-EP) to secure communications between a spacecraft running the core Flight System (cFS) and a ground station. Prior to version 1.4.3, the Crypto_AOS_ProcessSecurity function reads memory without valid bounds checking when parsing AOS frame hashes. This issue has been patched in

CVE-2025-69260
(7.5 HIGH)

EPSS: 0.26%

updated 2026-01-15T21:32:45

1 posts

A message out-of-bounds read vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability.

CVE-2026-23746(CVSS UNKNOWN)

EPSS: 0.56%

updated 2026-01-15T21:31:54

1 posts

Entrust Instant Financial Issuance (IFI) On Premise software (formerly referred to as CardWizard) versions 5.x, prior to 6.10.5, and prior to 6.11.1 contain an insecure .NET Remoting exposure in the SmartCardController service (DCG.SmartCardControllerService.exe). The service registers a TCP remoting channel with unsafe formatter/settings that permit untrusted remoting object invocation. A remote,

CVE-2026-0227(CVSS UNKNOWN)

EPSS: 0.07%

updated 2026-01-15T21:31:54

7 posts

A vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to cause a denial of service (DoS) to the firewall. Repeated attempts to trigger this issue results in the firewall entering into maintenance mode.

1 repos

https://github.com/CkAbhijit/CVE-2026-0227-Advanced-Scanner

CVE-2025-36911
(7.1 HIGH)

EPSS: 0.00%

updated 2026-01-15T21:31:47

1 posts

In key-based pairing, there is a possible ID due to a logic error in the code. This could lead to remote (proximal/adjacent) information disclosure of user's conversations and location with no additional execution privileges needed. User interaction is not needed for exploitation.

6 repos

https://github.com/PivotChip/FrostedFastPair

https://github.com/Cedric-Martz/CVE-2025-36911_scan

https://github.com/SteamPunk424/CVE-2025-36911-Wisper_Pair_Target_Finder-

https://github.com/zalexdev/wpair-app

https://github.com/SpectrixDev/DIY_WhisperPair

https://github.com/ap425q/whisper-pair

CVE-2026-21441
(7.5 HIGH)

EPSS: 0.02%

updated 2026-01-15T19:21:06.850000

1 posts

urllib3 is an HTTP client library for Python. urllib3's streaming API is designed for the efficient handling of large HTTP responses by reading the content in chunks, rather than loading the entire response body into memory at once. urllib3 can perform decoding or decompression based on the HTTP `Content-Encoding` header (e.g., `gzip`, `deflate`, `br`, or `zstd`). When using the streaming API, the

CVE-2025-69259
(7.5 HIGH)

EPSS: 0.30%

updated 2026-01-15T19:14:24.493000

1 posts

A message unchecked NULL return value vulnerability in Trend Micro Apex Central could allow a remote attacker to create a denial-of-service condition on affected installations. Please note: authentication is not required in order to exploit this vulnerability..

CVE-2025-9014(CVSS UNKNOWN)

EPSS: 0.09%

updated 2026-01-15T18:31:42

1 posts

A Null Pointer Dereference vulnerability exists in the referer header check of the web portal of TP-Link TL-WR841N v14, caused by improper input validation.  A remote, unauthenticated attacker can exploit this flaw and cause Denial of Service on the web portal service.This issue affects TL-WR841N v14: before 250908.

CVE-2026-22644
(5.3 MEDIUM)

EPSS: 0.06%

updated 2026-01-15T15:31:35

1 posts

Certain requests pass the authentication token in the URL as string query parameter, making it vulnerable to theft through server logs, proxy logs and Referer headers, which could allow an attacker to hijack the user's session and gain unauthorized access.

CVE-2026-22643
(8.3 HIGH)

EPSS: 0.07%

updated 2026-01-15T15:31:35

1 posts

In Grafana, an excessively long dashboard title or panel name will cause Chromium browsers to become unresponsive due to Improper Input Validation vulnerability in Grafana. This issue affects Grafana: before 11.6.2 and is fixed in 11.6.2 and higher.

CVE-2026-22910
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-15T15:31:30

1 posts

The device is deployed with weak and publicly known default passwords for certain hidden user levels, increasing the risk of unauthorized access. This represents a high risk to the integrity of the system.

CVE-2026-22907
(10.0 CRITICAL)

EPSS: 0.06%

updated 2026-01-15T15:31:30

1 posts

An attacker may gain unauthorized access to the host filesystem, potentially allowing them to read and modify system data.

CVE-2026-22641
(5.0 MEDIUM)

EPSS: 0.02%

updated 2026-01-15T15:31:27

1 posts

This vulnerability in Grafana's datasource proxy API allows authorization checks to be bypassed by adding an extra slash character in the URL path. Users with minimal permissions could gain unauthorized read access to GET endpoints in Alertmanager and Prometheus datasources. The issue primarily affects datasources that implement route-specific permissions, including Alertmanager and certain Promet

CVE-2026-22642
(4.2 MEDIUM)

EPSS: 0.03%

updated 2026-01-15T15:31:27

1 posts

An open redirect vulnerability has been identified in Grafana OSS organization switching functionality. Prerequisites for exploitation: - Multiple organizations must exist in the Grafana instance - Victim must be on a different organization than the one specified in the URL

CVE-2026-22639
(4.3 MEDIUM)

EPSS: 0.03%

updated 2026-01-15T15:31:27

1 posts

Grafana is an open-source platform for monitoring and observability. The Grafana Alerting DingDing integration was not properly protected and could be exposed to users with Viewer permission. Fixed in versions 10.4.19+security-01, 11.2.10+security-01, 11.3.7+security-01, 11.4.5+security-01, 11.5.5+security-01, 11.6.2+security-01 and 12.0.1+security-01

CVE-2026-22908
(9.1 CRITICAL)

EPSS: 0.15%

updated 2026-01-15T15:31:27

1 posts

Uploading unvalidated container images may allow remote attackers to gain full access to the system, potentially compromising its integrity and confidentiality.

CVE-2026-22640
(5.5 MEDIUM)

EPSS: 0.05%

updated 2026-01-15T15:31:27

1 posts

An access control vulnerability was discovered in Grafana OSS where an Organization administrator could permanently delete the Server administrator account. This vulnerability exists in the DELETE /api/org/users/ endpoint. The vulnerability can be exploited when: 1. An Organization administrator exists 2. The Server administrator is either: - Not part of any organization, or - Part of the same org

CVE-2026-22919
(3.8 LOW)

EPSS: 0.03%

updated 2026-01-15T15:31:26

1 posts

An attacker with administrative access may inject malicious content into the login page, potentially enabling cross-site scripting (XSS) attacks, leading to the extraction of sensitive data.

CVE-2026-22916
(4.3 MEDIUM)

EPSS: 0.04%

updated 2026-01-15T15:31:19

1 posts

An attacker with low privileges may be able to trigger critical system functions such as reboot or factory reset without proper restrictions, potentially leading to service disruption or loss of configuration.