FediSecfeeds

CVE	CVSS	EPSS	Posts	Repos	Updated	Description
CVE-2026-3678	8.8	0.05%	1	0	2026-03-09T16:16:21.987000	A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function
CVE-2026-3588	7.5	0.00%	2	0	2026-03-09T16:16:21.343000	A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 all
CVE-2026-25866	7.8	0.00%	2	0	2026-03-09T16:16:18.970000	MobaXterm versions prior to 26.1 contain an uncontrolled search path element vul
CVE-2025-69219	8.8	0.01%	2	0	2026-03-09T16:16:15.143000	A user with access to the DB could craft a database entry that would result in e
CVE-2026-30834	7.5	0.03%	1	0	2026-03-09T15:50:20	# SSRF with Full Response Exfiltration via Download Handler ### Summary A Serve
CVE-2026-29186	7.7	0.07%	1	0	2026-03-09T15:46:45	### Impact This is a configuration bypass vulnerability that enables arbitrary c
CVE-2026-29192	7.7	0.03%	1	0	2026-03-09T15:46:35	### Summary A vulnerability in Zitadel's login V2 interface was discovered, all
CVE-2026-29193	8.2	0.03%	1	0	2026-03-09T15:46:20	### Summary A vulnerability in Zitadel's login V2 UI allowed users to bypass lo
CVE-2026-3809	8.8	0.05%	2	0	2026-03-09T15:30:24.130000	A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the
CVE-2026-28466	9.9	0.09%	1	0	2026-03-09T15:30:16.490000	OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in w
CVE-2026-3727	8.8	0.02%	1	0	2026-03-09T15:24:42.697000	A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the
CVE-2026-3729	8.8	0.05%	1	0	2026-03-09T15:24:21.043000	A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the funct
CVE-2026-3768	8.8	0.05%	4	0	2026-03-09T15:17:08.960000	A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by th
CVE-2026-2219	7.5	0.01%	2	0	2026-03-09T15:15:57.870000	It was discovered that dpkg-deb (a component of dpkg, the Debian package managem
CVE-2025-14769	7.5	0.01%	2	0	2026-03-09T14:16:05.250000	In some cases, the `tcp-setmss` handler may free the packet data and throw an er
CVE-2025-29165	9.8	0.04%	1	0	2026-03-09T13:36:08.413000	An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privil
CVE-2026-28342	7.5	0.06%	1	0	2026-03-09T13:36:08.413000	OliveTin gives access to predefined shell commands from a web interface. Prior t
CVE-2025-70995	8.8	0.36%	1	1	2026-03-09T13:36:08.413000	An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated
CVE-2025-70949	7.5	0.03%	1	0	2026-03-09T13:36:08.413000	An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers
CVE-2025-55208	9.0	0.05%	1	0	2026-03-09T13:36:08.413000	Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored
CVE-2026-28451	8.3	0.04%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnera
CVE-2026-28392	7.5	0.03%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerabilit
CVE-2026-28447	8.1	0.03%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vu
CVE-2026-28453	7.5	0.04%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths du
CVE-2026-28456	7.2	0.06%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gat
CVE-2026-28469	7.5	0.03%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in
CVE-2026-28472	8.1	0.04%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSo
CVE-2026-28478	7.5	0.08%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability i
CVE-2026-29613	5.9	0.02%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles
CVE-2026-29609	7.5	0.10%	1	0	2026-03-09T13:36:08.413000	OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability i
CVE-2025-59541	8.1	0.01%	2	0	2026-03-09T13:36:08.413000	Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site
CVE-2026-28727	7.8	0.01%	1	0	2026-03-09T13:36:08.413000	Local privilege escalation due to insecure Unix socket permissions. The followin
CVE-2026-28514	0	0.11%	3	0	2026-03-09T13:35:34.633000	Rocket.Chat is an open-source, secure, fully customizable communications platfor
CVE-2026-30227	0	1.01%	2	0	2026-03-09T13:35:34.633000	MimeKit is a C# library which may be used for the creation and parsing of messag
CVE-2026-29067	8.1	0.01%	1	0	2026-03-09T13:35:34.633000	ZITADEL is an open source identity management platform. From version 4.0.0-rc.1
CVE-2026-29191	9.3	0.03%	1	0	2026-03-09T13:35:34.633000	ZITADEL is an open source identity management platform. From version 4.0.0 to 4.
CVE-2026-2446	9.8	0.07%	1	0	2026-03-09T13:35:34.633000	The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authoriz
CVE-2026-3589	7.5	0.03%	2	0	2026-03-09T13:35:34.633000	The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly
CVE-2026-24308	0	0.01%	1	0	2026-03-09T13:35:34.633000	Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5
CVE-2026-26018	7.5	0.04%	1	0	2026-03-09T13:35:34.633000	CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial o
CVE-2026-29075	8.3	0.07%	1	0	2026-03-09T13:35:34.633000	Mesa is an open-source Python library for agent-based modeling, simulating compl
CVE-2025-14353	7.5	0.07%	2	0	2026-03-09T13:35:34.633000	The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL
CVE-2026-29091	8.1	0.25%	1	0	2026-03-09T13:35:34.633000	Locutus brings stdlibs of other programming languages to JavaScript for educatio
CVE-2026-29789	9.9	0.05%	2	0	2026-03-09T13:35:34.633000	Vito is a self-hosted web application that helps manage servers and deploy PHP a
CVE-2026-30242	8.5	0.03%	1	0	2026-03-09T13:35:34.633000	Plane is an an open-source project management tool. Prior to version 1.2.3, the
CVE-2026-30823	8.8	0.02%	1	0	2026-03-09T13:35:34.633000	Flowise is a drag & drop user interface to build a customized large language mod
CVE-2026-3823	8.8	0.14%	6	0	2026-03-09T13:35:07.393000	EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Ov
CVE-2026-29784	7.5	0.02%	2	0	2026-03-09T13:35:07.393000	Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, in
CVE-2025-41758	8.8	0.18%	2	0	2026-03-09T13:35:07.393000	A low-privileged remote attacker can exploit an arbitrary file write vulnerabili
CVE-2025-41764	9.1	0.10%	4	0	2026-03-09T13:35:07.393000	Due to insufficient authorization enforcement, an unauthorized remote attacker c
CVE-2025-41761	7.8	0.02%	4	0	2026-03-09T13:35:07.393000	A low‑privileged local attacker who gains access to the UBR service account (e.g
CVE-2025-41756	8.1	0.10%	2	0	2026-03-09T13:35:07.393000	A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.c
CVE-2025-61612	7.5	0.21%	2	0	2026-03-09T13:35:07.393000	In nr modem, there is a possible system crash due to improper input validation.
CVE-2025-61611	7.5	0.21%	2	0	2026-03-09T13:35:07.393000	In modem, there is a possible improper input validation. This could lead to remo
CVE-2025-69279	7.5	0.21%	2	0	2026-03-09T13:35:07.393000	In nr modem, there is a possible system crash due to improper input validation.
CVE-2025-61615	7.5	0.21%	2	0	2026-03-09T13:35:07.393000	In nr modem, there is a possible system crash due to improper input validation.
CVE-2025-61614	7.5	0.21%	2	0	2026-03-09T13:35:07.393000	In nr modem, there is a possible system crash due to improper input validation.
CVE-2026-30896	7.8	0.01%	2	0	2026-03-09T13:35:07.393000	The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic L
CVE-2026-3630	9.8	0.04%	4	0	2026-03-09T13:35:07.393000	Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.
CVE-2026-3787	7.0	0.01%	2	0	2026-03-09T13:35:07.393000	A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an u
CVE-2026-30832	9.1	0.04%	2	0	2026-03-09T13:35:07.393000	Soft Serve is a self-hostable Git server for the command line. From version 0.6.
CVE-2026-30851	8.1	0.01%	1	0	2026-03-09T13:35:07.393000	Caddy is an extensible server platform that uses TLS by default. From version 2.
CVE-2026-30860	9.9	0.08%	2	0	2026-03-09T13:35:07.393000	WeKnora is an LLM-powered framework designed for deep document understanding and
CVE-2026-3699	8.8	0.04%	1	0	2026-03-09T13:35:07.393000	A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This i
CVE-2026-30863	0	0.07%	1	1	2026-03-09T13:35:07.393000	Parse Server is an open source backend that can be deployed to any infrastructur
CVE-2026-30855	9.8	0.08%	1	0	2026-03-09T13:21:39	### Summary An authorization bypass in tenant management endpoints of WeKnora ap
CVE-2026-30827	7.5	0.01%	1	0	2026-03-09T13:15:36	## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet
CVE-2026-30822	7.7	0.04%	2	0	2026-03-09T13:15:31	## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint al
CVE-2026-30861	10.0	0.21%	3	0	2026-03-09T13:14:29	### Summary A critical unauthenticated remote code execution (RCE) vulnerabilit
CVE-2026-30244	7.5	0.02%	1	0	2026-03-09T13:12:18	## Executive Summary A security vulnerability exists in the Plane project manag
CVE-2026-3814	8.8	0.04%	4	0	2026-03-09T12:31:50	A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected
CVE-2026-3815	8.8	0.04%	4	0	2026-03-09T12:31:49	A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects
CVE-2025-41765	9.1	0.06%	2	0	2026-03-09T09:30:37	Due to insufficient authorization enforcement, an unauthorized remote attacker c
CVE-2025-41772	7.5	0.03%	2	0	2026-03-09T09:30:37	An unauthenticated remote attacker can obtain valid session tokens because they
CVE-2025-41766	8.8	0.39%	2	0	2026-03-09T09:30:37	A low-privileged remote attacker can trigger a stack-based buffer overflow via a
CVE-2025-69278	7.5	0.21%	2	0	2026-03-09T09:30:37	In nr modem, there is a possible system crash due to improper input validation.
CVE-2026-3811	8.8	0.05%	4	0	2026-03-09T09:30:37	A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the functi
CVE-2025-41757	8.8	0.22%	2	0	2026-03-09T09:30:36	A low-privileged remote attacker can abuse the backup restore functionality of U
CVE-2025-61616	7.5	0.21%	2	0	2026-03-09T09:30:36	In nr modem, there is a possible system crash due to improper input validation.
CVE-2025-61613	7.5	0.21%	2	0	2026-03-09T09:30:36	In nr modem, there is a possible system crash due to improper input validation.
CVE-2026-3810	8.8	0.05%	2	0	2026-03-09T09:30:36	A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the f
CVE-2026-3808	8.8	0.05%	2	0	2026-03-09T09:30:30	A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element
CVE-2026-3807	8.8	0.09%	2	0	2026-03-09T09:30:30	A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impact
CVE-2026-3803	8.8	0.05%	2	0	2026-03-09T06:31:20	A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the funct
CVE-2026-3802	8.8	0.05%	2	0	2026-03-09T06:31:20	A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue
CVE-2026-3804	8.8	0.05%	4	0	2026-03-09T06:31:19	A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerabilit
CVE-2026-3631	7.5	0.04%	2	0	2026-03-09T06:31:19	Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability.
CVE-2026-3799	8.8	0.05%	2	0	2026-03-09T06:31:19	A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formS
CVE-2026-3801	8.8	0.09%	2	0	2026-03-09T06:31:19	A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerabil
CVE-2026-3769	8.8	0.05%	4	0	2026-03-08T21:30:22	A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is th
CVE-2026-3732	8.8	0.05%	2	0	2026-03-08T12:30:35	A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects t
CVE-2026-3728	8.8	0.05%	1	0	2026-03-08T12:30:34	A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects th
CVE-2026-3726	8.8	0.05%	2	0	2026-03-08T09:30:27	A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function
CVE-2026-3715	8.8	0.04%	2	0	2026-03-08T09:30:21	A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the funct
CVE-2026-3701	8.8	0.04%	1	0	2026-03-08T06:31:15	A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affect
CVE-2026-3703	9.8	0.07%	2	0	2026-03-08T06:31:15	A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_4
CVE-2026-3698	8.8	0.04%	1	0	2026-03-08T03:30:34	A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affect
CVE-2026-3700	8.8	0.04%	1	0	2026-03-08T03:30:34	A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is
CVE-2026-3677	8.8	0.05%	1	0	2026-03-08T00:31:58	A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function from
CVE-2026-3679	8.8	0.05%	1	0	2026-03-08T00:31:58	A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerab
CVE-2025-14675	7.2	0.68%	2	0	2026-03-07T09:30:21	The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due t
CVE-2026-1074	7.2	0.06%	1	0	2026-03-07T09:30:20	The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting
CVE-2025-8899	8.8	0.04%	1	0	2026-03-07T06:31:23	The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is
CVE-2026-25070	None	1.03%	3	0	2026-03-07T03:30:29	XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain
CVE-2026-2020	7.5	0.09%	1	0	2026-03-07T03:30:27	The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection i
CVE-2025-15602	8.8	0.02%	1	0	2026-03-07T02:33:41	Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to ac
CVE-2025-70948	9.3	0.03%	1	0	2026-03-06T23:00:44	A host header injection vulnerability in the mailer component of @perfood/couch-
CVE-2026-30223	8.8	0.02%	1	0	2026-03-06T22:52:11	### Summary When JWT authentication is configured using either: - `authJwtPubK
CVE-2026-29087	7.5	0.03%	1	0	2026-03-06T22:43:59	## Summary When using @hono/node-server's static file serving together with rou
CVE-2026-26017	7.7	0.04%	1	0	2026-03-06T22:43:40	A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due
CVE-2026-29064	8.2	0.01%	1	0	2026-03-06T22:10:52	### Summary A path traversal vulnerability in archive extraction allows a speci
CVE-2026-29058	9.8	0.10%	2	0	2026-03-06T21:56:51	## Impact An unauthenticated attacker can execute arbitrary OS commands on the
CVE-2026-24105	9.8	1.69%	2	0	2026-03-06T21:05:36.243000	An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.1
CVE-2026-20882	7.5	0.06%	1	0	2026-03-06T18:31:19	The WebSocket Application Programming Interface lacks restrictions on the number
CVE-2026-26288	9.4	0.07%	2	0	2026-03-06T18:31:19	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to
CVE-2026-24696	7.5	0.05%	1	0	2026-03-06T18:31:19	The WebSocket Application Programming Interface lacks restrictions on the number
CVE-2025-70230	9.8	0.06%	1	0	2026-03-06T17:37:58.670000	Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para
CVE-2026-29000	10.0	0.24%	1	1	2026-03-06T15:41:57	pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication by
CVE-2018-25181	7.5	0.57%	2	0	2026-03-06T15:31:36	Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticate
CVE-2026-26051	9.4	0.10%	2	0	2026-03-06T15:31:36	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to
CVE-2026-2754	7.5	0.04%	1	0	2026-03-06T15:31:36	Navtor NavBox exposes sensitive configuration and operational data due to missin
CVE-2026-2753	7.5	0.07%	1	0	2026-03-06T15:31:36	An Absolute Path Traversal vulnerability exists in Navtor NavBox. The applicatio
CVE-2018-25166	8.2	0.06%	1	0	2026-03-06T15:31:35	Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows un
CVE-2025-70614	8.1	0.03%	1	0	2026-03-06T12:31:37	OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken
CVE-2025-13476	9.8	0.05%	1	0	2026-03-06T12:31:36	Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 u
CVE-2025-70231	9.8	0.08%	1	0	2026-03-06T12:31:36	D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When proces
CVE-2025-70229	9.8	0.06%	1	0	2026-03-06T12:31:36	Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para
CVE-2025-70616	7.8	0.01%	1	0	2026-03-06T12:31:36	A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys
CVE-2026-26418	7.5	0.06%	1	1	2026-03-06T12:31:36	Missing authentication and authorization in the web API of Tata Consultancy Serv
CVE-2025-70233	9.8	0.06%	1	0	2026-03-06T12:30:31	Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para
CVE-2025-70232	9.8	0.06%	1	0	2026-03-06T12:30:31	Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para
CVE-2026-26417	8.1	0.03%	1	1	2026-03-06T10:16:22.163000	A broken access control vulnerability in the password reset functionality of Tat
CVE-2026-26416	8.8	0.03%	1	1	2026-03-06T10:16:21.983000	An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon
CVE-2025-45691	7.5	0.05%	1	0	2026-03-06T10:16:20.417000	An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in
CVE-2026-2330	9.4	0.21%	1	0	2026-03-06T09:31:41	An attacker may access restricted filesystem areas on the device via the CROWN R
CVE-2026-2331	9.8	0.17%	2	0	2026-03-06T09:31:41	An attacker may perform unauthenticated read and write operations on sensitive f
CVE-2026-28464	5.9	0.09%	1	0	2026-03-06T01:05:25	## Summary OpenClaw hooks previously compared the provided hook token using a r
CVE-2026-28479	5.4	0.02%	1	0	2026-03-06T01:05:00	## Affected Packages / Versions - npm package: `openclaw` - Affected versions: `
CVE-2026-28462	7.5	0.04%	1	0	2026-03-06T01:04:45	## Summary OpenClaw’s browser control API accepted user-supplied output paths
CVE-2026-29610	8.8	0.07%	1	0	2026-03-06T01:04:20	# Command hijacking via PATH handling Discovered: 2026-02-04 Reporter:
CVE-2026-28476	6.5	0.06%	1	0	2026-03-06T01:04:05	## Summary The optional Tlon (Urbit) extension previously accepted a user-provid
CVE-2026-28463	5.7	0.02%	1	0	2026-03-06T01:02:55	## Summary OpenClaw's exec-approvals allowlist supports a small set of "safe bi
CVE-2026-28470	9.8	0.07%	1	0	2026-03-06T01:02:34	### Summary Exec approvals allowlist bypass via command substitution/backticks
CVE-2026-28458	7.5	0.05%	1	0	2026-03-06T01:02:29	### Summary In affected versions, the Browser Relay `/cdp` WebSocket endpoint di
CVE-2026-28473	7.2	0.03%	1	0	2026-03-06T01:02:20	## Summary ### What this means (plain language) If you give a client “chat/wri
CVE-2026-28465	5.9	0.02%	1	0	2026-03-06T01:01:24	## Affected Packages / Versions This issue affects the optional voice-call plug
CVE-2026-28393	6.0	0.01%	1	0	2026-03-06T01:00:09	## Summary OpenClaw hook mapping transforms could be loaded via absolute paths
CVE-2026-28454	9.8	0.02%	2	0	2026-03-06T00:58:49	## Summary When Telegram webhook mode is enabled without a configured webhook s
CVE-2026-21536	9.8	0.40%	1	0	2026-03-06T00:31:41	Microsoft Devices Pricing Program Remote Code Execution Vulnerability
CVE-2026-26125	8.6	0.08%	1	0	2026-03-06T00:31:41	Payment Orchestrator Service Elevation of Privilege Vulnerability
CVE-2026-27778	7.5	0.06%	1	0	2026-03-06T00:31:41	The WebSocket Application Programming Interface lacks restrictions on the number
CVE-2026-22552	9.4	0.10%	1	0	2026-03-06T00:31:41	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to
CVE-2026-29188	9.1	0.06%	1	0	2026-03-05T22:50:22	### Summary A broken access control vulnerability in the TUS protocol DELETE en
CVE-2026-28790	7.5	0.06%	1	0	2026-03-05T22:49:38	### Summary OliveTin allows an unauthenticated guest to terminate running actio
CVE-2026-28789	7.5	0.09%	1	0	2026-03-05T22:49:36	### Summary An unauthenticated denial-of-service vulnerability exists in OliveTi
CVE-2026-25921	9.3	0.02%	1	0	2026-03-05T22:28:33	### Summary Overwritable LFS object across different repos leads to supply-chain
CVE-2026-29611	7.5	0.03%	1	0	2026-03-05T22:00:37	### Summary The BlueBubbles extension accepted attacker-controlled local filesys
CVE-2026-28474	None	0.04%	1	0	2026-03-05T21:52:02	## Summary In affected versions of the optional Nextcloud Talk plugin (installe
CVE-2026-28468	7.1	0.02%	2	0	2026-03-05T21:50:00	## Summary openclaw could start the sandbox browser bridge server without authe
CVE-2026-28446	9.4	0.26%	1	0	2026-03-05T21:43:07	### Summary An authentication bypass in the optional `voice-call` extension/plu
CVE-2026-28391	None	0.05%	1	0	2026-03-05T21:40:43	### Summary On Windows nodes, exec requests were executed via `cmd.exe /d /s /c
CVE-2026-0848	10.0	0.41%	1	0	2026-03-05T21:31:00	NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper
CVE-2026-27944	9.8	0.05%	7	0	2026-03-05T19:38:33.877000	Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.
CVE-2026-24457	9.1	0.19%	1	0	2026-03-05T19:38:33.877000	An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read ar
CVE-2026-26478	9.8	0.86%	2	0	2026-03-05T18:13:33.993000	A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012
CVE-2026-2256	6.5	2.31%	2	1	2026-03-04T21:14:09	A Command Injection vulnerability in ModelScope's MS-Agent versions v1.6.0rc1 an
CVE-2026-1492	9.8	0.10%	1	1	2026-03-03T21:52:29.877000	The User Registration & Membership – Custom Registration Form Builder, Custom Lo
CVE-2026-24107	9.8	1.13%	2	0	2026-03-03T15:55:11.547000	An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the
CVE-2026-24101	9.8	1.13%	2	0	2026-03-02T18:31:44	An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_mul
CVE-2026-20127	10.0	2.60%	2	6	2026-02-25T18:31:45	A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle
CVE-2026-0651	7.8	0.08%	1	1	2026-02-13T20:45:32.090000	On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of
CVE-2026-25253	8.8	0.05%	2	7	2026-02-13T17:41:02.987000	OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value f
CVE-2025-38617	4.7	0.00%	1	0	2026-01-07T16:57:56.077000	In the Linux kernel, the following vulnerability has been resolved: net/packet:
CVE-2023-38545	9.8	26.25%	1	9	2025-02-13T18:33:03	This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake.
CVE-2021-22901	8.1	0.34%	2	0	2024-03-27T15:30:34	curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting
CVE-2024-47886	0	0.89%	2	0		N/A
CVE-2026-28289	0	0.03%	1	1		N/A
CVE-2026-29779	0	0.03%	1	0		N/A
CVE-2026-28678	0	0.03%	1	0		N/A
CVE-2026-28284	0	0.03%	1	0		N/A
CVE-2026-28210	0	0.05%	1	0		N/A
CVE-2026-28287	0	0.11%	1	0		N/A
CVE-2026-28405	0	0.04%	1	0		N/A
CVE-2026-28442	0	0.04%	1	0		N/A
CVE-2026-29089	0	0.01%	1	0		N/A
CVE-2026-30840	0	0.04%	1	0		N/A
CVE-2025-14297	0	0.00%	1	0		N/A
CVE-2026-28485	0	0.06%	1	0		N/A
CVE-2026-28484	0	0.00%	1	0		N/A
CVE-2025-59543	0	0.04%	2	0		N/A

CVE-2026-3678
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T16:16:21.987000

1 posts

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-08T09:01:20.000Z ##

🟠 CVE-2026-3678 - High (8.8)

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the att...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3678/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3588
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-09T16:16:21.343000

2 posts

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

thehackerwire@mastodon.social at 2026-03-09T16:38:10.000Z ##

🟠 CVE-2026-3588 - High (7.5)

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3588/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T16:38:10.000Z ##

🟠 CVE-2026-3588 - High (7.5)

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3588/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25866
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-09T16:16:18.970000

2 posts

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable earlier in the search order, resulting in arbitrary code execution in the context of the affected user.

thehackerwire@mastodon.social at 2026-03-09T16:38:20.000Z ##

🟠 CVE-2026-25866 - High (7.8)

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25866/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T16:38:20.000Z ##

🟠 CVE-2026-25866 - High (7.8)

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25866/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69219
(8.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T16:16:15.143000

2 posts

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low. You should upgrade to version 6.0.0 of the provider to avoid even that risk.

thehackerwire@mastodon.social at 2026-03-09T16:38:29.000Z ##

🟠 CVE-2025-69219 - High (8.8)

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who have access to DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airfl...

updated 2026-03-09T15:30:24.130000

2 posts

A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:21.000Z ##

🟠 CVE-2026-3809 - High (8.8)

A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack m...

updated 2026-03-09T15:17:08.960000

4 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

offseq at 2026-03-09T03:00:32.011Z ##

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! https://radar.offseq.com/threat/cve-2026-3768-stack-based-buffer-overflow-in-tenda-9b634f69 #OffSeq #CVE20263768 #RouterSecurity #Infosec

##

thehackerwire@mastodon.social at 2026-03-08T21:27:19.000Z ##

🟠 CVE-2026-3768 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote expl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3768/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T03:00:32.000Z ##

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! https://radar.offseq.com/threat/cve-2026-3768-stack-based-buffer-overflow-in-tenda-9b634f69 #OffSeq #CVE20263768 #RouterSecurity #Infosec

##

thehackerwire@mastodon.social at 2026-03-08T21:27:19.000Z ##

🟠 CVE-2026-3768 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote expl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3768/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2219
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-09T15:15:57.870000

2 posts

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

thehackerwire@mastodon.social at 2026-03-09T16:45:11.000Z ##

🟠 CVE-2026-2219 - High (7.5)

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite lo...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2219/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T16:45:11.000Z ##

🟠 CVE-2026-2219 - High (7.5)

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite lo...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2219/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14769
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-09T14:16:05.250000

2 posts

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host may result in a Denial of Service (DoS) if the `tcp-setmss` directive is used and a subsequent rule w

thehackerwire@mastodon.social at 2026-03-09T14:25:32.000Z ##

🟠 CVE-2025-14769 - High (7.5)

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference.

...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14769/

updated 2026-03-09T13:36:08.413000

1 posts

updated 2026-03-09T13:36:08.413000

2 posts

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions such as project deletion do not implement anti-CSRF protections (tokens) and GET based requests. As a result, an authenticated user (Trainer) can be tricked

thehackerwire@mastodon.social at 2026-03-06T08:35:25.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59541/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:41.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59541/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28727
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:36:08.413000

1 posts

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

thehackerwire@mastodon.social at 2026-03-06T08:23:50.000Z ##

🟠 CVE-2026-28727 - High (7.8)

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28727/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28514
(0 None)

EPSS: 0.11%

updated 2026-03-09T13:35:34.633000

3 posts

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows an attacker to log in to the service as any user with a password set, using any arbitrary password. The

_r_netsec at 2026-03-09T16:28:05.278Z ##

Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework https://github.blog/security/how-to-scan-for-vulnerabilities-with-github-security-labs-open-source-ai-powered-framework/

##

_r_netsec@infosec.exchange at 2026-03-09T16:28:05.000Z ##

Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework https://github.blog/security/how-to-scan-for-vulnerabilities-with-github-security-labs-open-source-ai-powered-framework/

##

offseq@infosec.exchange at 2026-03-07T03:00:28.000Z ##

🚩 CRITICAL: CVE-2026-28514 in Rocket.Chat (<8.0.0) allows auth bypass via username-only login. Full account takeover possible! Patch now or restrict access + enable MFA. Details: https://radar.offseq.com/threat/cve-2026-28514-cwe-287-improper-authentication-in--bf7998c6 #OffSeq #RocketChat #Security #CVE202628514

##

CVE-2026-30227
(0 None)

EPSS: 1.01%

updated 2026-03-09T13:35:34.633000

2 posts

MimeKit is a C# library which may be used for the creation and parsing of messages using the Multipurpose Internet Mail Extension (MIME), as defined by numerous IETF specifications. Prior to version 4.15.1, a CRLF injection vulnerability in MimeKit allows an attacker to embed \r\n into the SMTP envelope address local-part (when the local-part is a quoted-string). This is non-compliant with RFC 532

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

updated 2026-03-09T13:35:34.633000

2 posts

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example.

thehackerwire@mastodon.social at 2026-03-07T11:17:06.000Z ##

🟠 CVE-2026-3589 - High (7.5)

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3589/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T10:30:29.000Z ##

🚨 CVE-2026-3589: CRITICAL CSRF in WooCommerce (5.4.0 – 10.5.2) lets unauth users create admin accounts via REST API batch requests. Patch ASAP! Restrict API access & monitor for abuse. More: https://radar.offseq.com/threat/cve-2026-3589-cwe-352-cross-site-request-forgery-c-929d5a57 #OffSeq #WooCommerce #WordPress #CSRF

##

CVE-2026-24308
(0 None)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing

thehackerwire@mastodon.social at 2026-03-07T09:05:38.000Z ##

🟠 CVE-2025-14353 - High (7.5)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of suff...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14353/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-07T08:15:04.000Z ##

🟠 CVE-2025-14353 - High (7.5)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of suff...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14353/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29091
(8.1 HIGH)

EPSS: 0.25%

updated 2026-03-09T13:35:34.633000

1 posts

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function implementation. The vulnerability allows an attacker to inject arbitrary JavaScript code into the application's runtime environment. This issue stems from

thehackerwire@mastodon.social at 2026-03-07T08:15:39.000Z ##

🟠 CVE-2026-29091 - High (8.1)

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29091/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29789
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-03-09T13:35:34.633000

2 posts

Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation actions allows an authenticated attacker with workflow write access in one project to create/manage sites on servers belonging to other projects by supplying a foreign server_id. This issue has been pat

updated 2026-03-09T13:35:07.393000

6 posts

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

offseq at 2026-03-09T16:30:30.999Z ##

🚨 CRITICAL: CVE-2026-3823 exposes Atop EHG2408 switches to unauthenticated RCE via stack-based buffer overflow. No patch yet — segment, restrict access, and monitor traffic. Full device compromise risk. https://radar.offseq.com/threat/cve-2026-3823-cwe-121-stack-based-buffer-overflow--68d582bc #OffSeq #ICS #Vuln #OTSecurity

##

thehackerwire@mastodon.social at 2026-03-09T08:01:20.000Z ##

🟠 CVE-2026-3823 - High (8.8)

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3823/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T07:30:30.001Z ##

CRITICAL: CVE-2026-3823 in Atop EHG2408 switches — stack-based buffer overflow allows unauth'd remote code exec. No patch yet. Segment, monitor & restrict access ASAP! 🛡️ https://radar.offseq.com/threat/cve-2026-3823-cwe-121-stack-based-buffer-overflow--68d582bc #OffSeq #CVE20263823 #ICS #Vulnerability

##

offseq@infosec.exchange at 2026-03-09T16:30:30.000Z ##

🚨 CRITICAL: CVE-2026-3823 exposes Atop EHG2408 switches to unauthenticated RCE via stack-based buffer overflow. No patch yet — segment, restrict access, and monitor traffic. Full device compromise risk. https://radar.offseq.com/threat/cve-2026-3823-cwe-121-stack-based-buffer-overflow--68d582bc #OffSeq #ICS #Vuln #OTSecurity

##

thehackerwire@mastodon.social at 2026-03-09T08:01:20.000Z ##

🟠 CVE-2026-3823 - High (8.8)

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3823/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T07:30:30.000Z ##

CRITICAL: CVE-2026-3823 in Atop EHG2408 switches — stack-based buffer overflow allows unauth'd remote code exec. No patch yet. Segment, monitor & restrict access ASAP! 🛡️ https://radar.offseq.com/threat/cve-2026-3823-cwe-121-stack-based-buffer-overflow--68d582bc #OffSeq #CVE20263823 #ICS #Vulnerability

##

CVE-2026-29784
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:35:07.393000

2 posts

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might have made it easier for phishers to take over a Ghost site. This issue has been patched in version 6.19.3.

Matchbook3469@mastodon.social at 2026-03-09T14:00:14.000Z ##

🔶 New security advisory:

CVE-2026-29784 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-29784

#Cybersecurity #PatchNow #InfoSecCommunity

##

thehackerwire@mastodon.social at 2026-03-08T10:00:21.000Z ##

🟠 CVE-2026-29784 - High (7.5)

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might hav...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29784/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41758
(8.8 HIGH)

EPSS: 0.18%

updated 2026-03-09T13:35:07.393000

2 posts

A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise.

thehackerwire@mastodon.social at 2026-03-09T12:48:24.000Z ##

🟠 CVE-2025-41758 - High (8.8)

A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41758/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:48:24.000Z ##

🟠 CVE-2025-41758 - High (8.8)

A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41758/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41764
(9.1 CRITICAL)

EPSS: 0.10%

updated 2026-03-09T13:35:07.393000

4 posts

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

thehackerwire@mastodon.social at 2026-03-09T12:48:14.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:54.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:48:14.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:54.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41761
(7.8 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:35:07.393000

4 posts

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.

thehackerwire@mastodon.social at 2026-03-09T12:48:05.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41761/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:45.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41761/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:48:05.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41761/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:45.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41761/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41756
(8.1 HIGH)

EPSS: 0.10%

updated 2026-03-09T13:35:07.393000

2 posts

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.

thehackerwire@mastodon.social at 2026-03-09T12:01:34.000Z ##

🟠 CVE-2025-41756 - High (8.1)

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41756/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:01:34.000Z ##

🟠 CVE-2025-41756 - High (8.1)

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41756/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61612
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T11:07:30.000Z ##

🟠 CVE-2025-61612 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61612/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T11:07:30.000Z ##

🟠 CVE-2025-61612 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61612/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61611
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed..

thehackerwire@mastodon.social at 2026-03-09T11:07:22.000Z ##

🟠 CVE-2025-61611 - High (7.5)

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed..

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61611/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T11:07:22.000Z ##

🟠 CVE-2025-61611 - High (7.5)

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed..

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61611/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69279
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:07:08.000Z ##

🟠 CVE-2025-69279 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69279/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:07:08.000Z ##

🟠 CVE-2025-69279 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69279/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61615
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:19.000Z ##

🟠 CVE-2025-61615 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61615/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:01:19.000Z ##

🟠 CVE-2025-61615 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61615/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61614
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:00:51.000Z ##

🟠 CVE-2025-61614 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61614/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:00:51.000Z ##

🟠 CVE-2025-61614 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61614/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30896
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

2 posts

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed with the administrative privilege.

thehackerwire@mastodon.social at 2026-03-09T07:01:10.000Z ##

🟠 CVE-2026-30896 - High (7.8)

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30896/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T07:01:10.000Z ##

🟠 CVE-2026-30896 - High (7.8)

The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic Link Libraries (DLLs). When a user is directed to place some malicious DLL to the same directory and execute the affected installer, then arbitrary code may be executed...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30896/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3630
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

4 posts

Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.

offseq at 2026-03-09T04:30:28.137Z ##

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: https://radar.offseq.com/threat/cve-2026-3630-cwe-121-stack-based-buffer-overflow--c00e7f15 #OffSeq #ICS #Vuln #CyberSecurity

##

thehackerwire@mastodon.social at 2026-03-09T04:19:28.000Z ##

🔴 CVE-2026-3630 - Critical (9.8)

Delta Electronics COMMGR2 has

Stack-based Buffer Overflow vulnerability.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3630/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T04:30:28.000Z ##

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: https://radar.offseq.com/threat/cve-2026-3630-cwe-121-stack-based-buffer-overflow--c00e7f15 #OffSeq #ICS #Vuln #CyberSecurity

##

thehackerwire@mastodon.social at 2026-03-09T04:19:28.000Z ##

🔴 CVE-2026-3630 - Critical (9.8)

Delta Electronics COMMGR2 has

Stack-based Buffer Overflow vulnerability.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3630/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3787
(7.0 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

2 posts

A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but

offseq at 2026-03-09T00:00:39.537Z ##

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. https://radar.offseq.com/threat/cve-2026-3787-uncontrolled-search-path-in-ultravnc-8f16fda8 #OffSeq #Vuln #UltraVNC

##

offseq@infosec.exchange at 2026-03-09T00:00:39.000Z ##

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. https://radar.offseq.com/threat/cve-2026-3787-uncontrolled-search-path-in-ultravnc-8f16fda8 #OffSeq #Vuln #UltraVNC

##

CVE-2026-30832
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

2 posts

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a

thehackerwire@mastodon.social at 2026-03-08T10:00:34.000Z ##

🔴 CVE-2026-30832 - Critical (9.1)

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30832/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T07:00:27.000Z ##

🔔 CRITICAL CVE-2026-30832: charmbracelet soft-serve (0.6.0 – 0.11.4) allows authenticated SSH users to exploit SSRF via repo import, exposing internal resources. Update to 0.11.4+ now. More: https://radar.offseq.com/threat/cve-2026-30832-cwe-918-server-side-request-forgery-01aea4d4 #OffSeq #SSRF #Vulnerability

##

CVE-2026-30851
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

1 posts

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2.

thehackerwire@mastodon.social at 2026-03-08T09:38:38.000Z ##

🟠 CVE-2026-30851 - High (8.1)

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has b...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30851/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30860
(9.9 CRITICAL)

EPSS: 0.08%

updated 2026-03-09T13:35:07.393000

2 posts

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protectio

thehackerwire@mastodon.social at 2026-03-08T09:20:03.000Z ##

🔴 CVE-2026-30860 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation syst...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30860/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T02:30:28.000Z ##

⚠️ CRITICAL: Tencent WeKnora (<0.2.12) hit by CVE-2026-30860 — SQLi in PostgreSQL array/row parsing enables unauthenticated RCE. Patch to 0.2.12 ASAP. Restrict DB rights and monitor logs. https://radar.offseq.com/threat/cve-2026-30860-cwe-89-improper-neutralization-of-s-90c4d0a6 #OffSeq #SQLInjection #InfoSec

##

CVE-2026-3699
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

EPSS: 0.01%

updated 2026-03-09T13:15:36

1 posts

## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet masking (`/56` by default) to all addresses that `net.isIPv6()` returns true for. This includes IPv4-mapped IPv6 addresses (`::ffff:x.x.x.x`), which Node.js returns as `request.ip` on dual-stack servers. Because the first 80 bits of all IPv4-mapped addresses are zero, a `/56` (or any `/32` to `/80`) subnet mask produ

thehackerwire@mastodon.social at 2026-03-07T08:07:34.000Z ##

🟠 CVE-2026-30827 - High (7.5)

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking (/56 by default) t...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30827/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30822
(7.7 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:15:31

2 posts

## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint allows any unauthenticated user to control internal entity fields (`id`, `createdDate`, `chatId`) by including them in the request body.** The endpoint uses `Object.assign()` to copy all properties from the request body to the Lead entity without any input validation or field filtering. This allows attackers to bypass a

thehackerwire@mastodon.social at 2026-03-07T09:05:28.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30822/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-07T08:14:54.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30822/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30861
(10.0 CRITICAL)

EPSS: 0.21%

updated 2026-03-09T13:14:29

3 posts

### Summary A critical unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration validation introduced in version 2.0.5. The application allows unrestricted user registration, meaning any attacker can create an account and exploit the command injection flaw. Despite implementing a whitelist for allowed commands (`npx`, `uvx`) and blacklists for dangerous ar

thehackerwire@mastodon.social at 2026-03-08T09:38:29.000Z ##

🔴 CVE-2026-30861 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration va...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30861/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T01:00:29.000Z ##

⚠️ CRITICAL: Tencent WeKnora (0.2.5 – 0.2.9) hit by unauthenticated RCE (CVE-2026-30861) — attackers bypass command validation using npx - p node. Patch to 0.2.10 ASAP! https://radar.offseq.com/threat/cve-2026-30861-cwe-78-improper-neutralization-of-s-94bf2228 #OffSeq #Vulnerability #RCE #Tencent

##

offseq@infosec.exchange at 2026-03-08T00:00:39.000Z ##

🚨 CRITICAL CVE-2026-30861: Tencent WeKnora (0.2.5 – 0.2.9) OS command injection enables unauth RCE — full system compromise possible. Patch to 0.2.10 now! More info: https://radar.offseq.com/threat/cve-2026-30861-cwe-78-improper-neutralization-of-s-94bf2228 #OffSeq #RCE #Vulnerability #InfoSec

##

CVE-2026-30244
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:12:18

1 posts

## Executive Summary A security vulnerability exists in the Plane project management platform that allows unauthenticated attackers to enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerability stems from Django REST Framework permission classes being incorrectly configured to allow anonymous access to protected

thehackerwire@mastodon.social at 2026-03-07T08:15:14.000Z ##

🟠 CVE-2026-30244 - High (7.5)

Plane is an an open-source project management tool. Prior to version 1.2.2, unauthenticated attackers can enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerabil...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30244/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3814
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T12:31:50

4 posts

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T11:02:57.000Z ##

🟠 CVE-2026-3814 - High (8.8)

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3814/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T10:32:40.007Z ##

🚨 HIGH severity (CVSS 8.7) buffer overflow in UTT HiPER 810G (≤1.7.7-1711), via strcpy in /goform/getOneApConfTempEntry. Public exploit released — urgent monitoring advised. CVE-2026-3814 https://radar.offseq.com/threat/cve-2026-3814-buffer-overflow-in-utt-hiper-810g-7866271a #OffSeq #Vulnerability #UTT #InfoSec

##

thehackerwire@mastodon.social at 2026-03-09T11:02:57.000Z ##

🟠 CVE-2026-3814 - High (8.8)

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3814/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T10:32:40.000Z ##

🚨 HIGH severity (CVSS 8.7) buffer overflow in UTT HiPER 810G (≤1.7.7-1711), via strcpy in /goform/getOneApConfTempEntry. Public exploit released — urgent monitoring advised. CVE-2026-3814 https://radar.offseq.com/threat/cve-2026-3814-buffer-overflow-in-utt-hiper-810g-7866271a #OffSeq #Vulnerability #UTT #InfoSec

##

CVE-2026-3815
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T12:31:49

4 posts

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T12:03:49.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3815/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:35.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3815/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:03:49.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3815/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:35.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3815/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41765
(9.1 CRITICAL)

EPSS: 0.06%

updated 2026-03-09T09:30:37

2 posts

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and BACnet/SC server certificates and keys.

thehackerwire@mastodon.social at 2026-03-09T12:01:23.000Z ##

🔴 CVE-2025-41765 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41765/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:01:23.000Z ##

🔴 CVE-2025-41765 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41765/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41772
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T09:30:37

2 posts

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

thehackerwire@mastodon.social at 2026-03-09T10:07:27.000Z ##

🟠 CVE-2025-41772 - High (7.5)

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41772/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:07:27.000Z ##

🟠 CVE-2025-41772 - High (7.5)

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41772/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41766
(8.8 HIGH)

EPSS: 0.39%

updated 2026-03-09T09:30:37

2 posts

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

thehackerwire@mastodon.social at 2026-03-09T10:07:17.000Z ##

🟠 CVE-2025-41766 - High (8.8)

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41766/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:07:17.000Z ##

🟠 CVE-2025-41766 - High (8.8)

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41766/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69278
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:37

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:38.000Z ##

🟠 CVE-2025-69278 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69278/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:01:38.000Z ##

🟠 CVE-2025-69278 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69278/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3811
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:37

4 posts

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-09T10:00:31.000Z ##

🟠 CVE-2026-3811 - High (8.8)

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remote...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3811/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T09:00:32.164Z ##

⚠️ HIGH severity: Tenda FH1202 (1.2.0.14) vulnerable to stack-based buffer overflow (CVE-2026-3811). Remote exploit is public. No fix yet — monitor, isolate, and watch for updates. https://radar.offseq.com/threat/cve-2026-3811-stack-based-buffer-overflow-in-tenda-076e8a7e #OffSeq #Vulnerability #IoTSecurity #CVE20263811

##

thehackerwire@mastodon.social at 2026-03-09T10:00:31.000Z ##

🟠 CVE-2026-3811 - High (8.8)

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remote...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3811/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T09:00:32.000Z ##

⚠️ HIGH severity: Tenda FH1202 (1.2.0.14) vulnerable to stack-based buffer overflow (CVE-2026-3811). Remote exploit is public. No fix yet — monitor, isolate, and watch for updates. https://radar.offseq.com/threat/cve-2026-3811-stack-based-buffer-overflow-in-tenda-076e8a7e #OffSeq #Vulnerability #IoTSecurity #CVE20263811

##

CVE-2025-41757
(8.8 HIGH)

EPSS: 0.22%

updated 2026-03-09T09:30:36

2 posts

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system.

thehackerwire@mastodon.social at 2026-03-09T12:01:43.000Z ##

🟠 CVE-2025-41757 - High (8.8)

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the sy...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41757/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:01:43.000Z ##

🟠 CVE-2025-41757 - High (8.8)

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the sy...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-41757/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61616
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:36

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:29.000Z ##

🟠 CVE-2025-61616 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61616/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:01:29.000Z ##

🟠 CVE-2025-61616 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61616/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61613
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:36

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:00:40.000Z ##

🟠 CVE-2025-61613 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61613/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T10:00:40.000Z ##

🟠 CVE-2025-61613 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-61613/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3810
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:36

2 posts

A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:30.000Z ##

🟠 CVE-2026-3810 - High (8.8)

A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3810/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T08:20:30.000Z ##

🟠 CVE-2026-3810 - High (8.8)

A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3810/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3808
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:30

2 posts

A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:11.000Z ##

🟠 CVE-2026-3808 - High (8.8)

A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3808/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T08:20:11.000Z ##

🟠 CVE-2026-3808 - High (8.8)

A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3808/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3807
(8.8 HIGH)

EPSS: 0.09%

updated 2026-03-09T09:30:30

2 posts

A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:01:11.000Z ##

🟠 CVE-2026-3807 - High (8.8)

A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3807/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T08:01:11.000Z ##

🟠 CVE-2026-3807 - High (8.8)

A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3807/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3803
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:20

2 posts

A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-09T07:01:20.000Z ##

🟠 CVE-2026-3803 - High (8.8)

A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3803/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T07:01:20.000Z ##

🟠 CVE-2026-3803 - High (8.8)

A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3803/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3802
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:20

2 posts

A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-09T06:00:49.000Z ##

🟠 CVE-2026-3802 - High (8.8)

A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack m...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3802/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T06:00:49.000Z ##

🟠 CVE-2026-3802 - High (8.8)

A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack m...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3802/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3804
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:19

4 posts

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T07:00:58.000Z ##

🟠 CVE-2026-3804 - High (8.8)

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3804/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T06:00:26.812Z ##

⚠️ HIGH severity: CVE-2026-3804 in Tenda i3 v1.0.0.6(2204) enables remote stack-based buffer overflow via /goform/WifiMacFilterSet. Exploit is public — prioritize mitigation or isolation. https://radar.offseq.com/threat/cve-2026-3804-stack-based-buffer-overflow-in-tenda-c824133f #OffSeq #Vulnerability #Tenda #InfoSec

##

thehackerwire@mastodon.social at 2026-03-09T07:00:58.000Z ##

🟠 CVE-2026-3804 - High (8.8)

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3804/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T06:00:26.000Z ##

⚠️ HIGH severity: CVE-2026-3804 in Tenda i3 v1.0.0.6(2204) enables remote stack-based buffer overflow via /goform/WifiMacFilterSet. Exploit is public — prioritize mitigation or isolation. https://radar.offseq.com/threat/cve-2026-3804-stack-based-buffer-overflow-in-tenda-c824133f #OffSeq #Vulnerability #Tenda #InfoSec

##

CVE-2026-3631
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-09T06:31:19

2 posts

Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability.

thehackerwire@mastodon.social at 2026-03-09T04:23:34.000Z ##

🟠 CVE-2026-3631 - High (7.5)

Delta Electronics COMMGR2 has

Buffer Over-read DoS vulnerability.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3631/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T04:23:34.000Z ##

🟠 CVE-2026-3631 - High (7.5)

Delta Electronics COMMGR2 has

Buffer Over-read DoS vulnerability.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3631/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3799
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:19

2 posts

A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-03-09T04:19:19.000Z ##

🟠 CVE-2026-3799 - High (8.8)

A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The ex...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3799/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T04:19:19.000Z ##

🟠 CVE-2026-3799 - High (8.8)

A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The ex...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3799/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3801
(8.8 HIGH)

EPSS: 0.09%

updated 2026-03-09T06:31:19

2 posts

A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-09T04:19:09.000Z ##

🟠 CVE-2026-3801 - High (8.8)

A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3801/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T04:19:09.000Z ##

🟠 CVE-2026-3801 - High (8.8)

A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3801/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3769
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T21:30:22

4 posts

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.

offseq at 2026-03-09T01:30:26.707Z ##

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: https://radar.offseq.com/threat/cve-2026-3769-stack-based-buffer-overflow-in-tenda-7dc11ff5 #OffSeq #NetworkSecurity #Vuln

##

thehackerwire@mastodon.social at 2026-03-08T21:27:29.000Z ##

🟠 CVE-2026-3769 - High (8.8)

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remote...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3769/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T01:30:26.000Z ##

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: https://radar.offseq.com/threat/cve-2026-3769-stack-based-buffer-overflow-in-tenda-7dc11ff5 #OffSeq #NetworkSecurity #Vuln

##

thehackerwire@mastodon.social at 2026-03-08T21:27:29.000Z ##

🟠 CVE-2026-3769 - High (8.8)

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remote...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3769/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3732
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T12:30:35

2 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

offseq@infosec.exchange at 2026-03-08T11:32:31.000Z ##

🛑 CVE-2026-3732: HIGH severity stack buffer overflow in Tenda F453 (v1.0.0.3). Remote, unauthenticated code execution risk — no patch yet. Block remote mgmt & monitor endpoints. Details: https://radar.offseq.com/threat/cve-2026-3732-stack-based-buffer-overflow-in-tenda-41443da2 #OffSeq #Vuln #RouterSecurity #CVE20263732

##

thehackerwire@mastodon.social at 2026-03-08T11:19:15.000Z ##

🟠 CVE-2026-3732 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attac...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3732/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3728
(8.8 HIGH)

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond

thehackerwire@mastodon.social at 2026-03-08T08:15:20.000Z ##

🟠 CVE-2026-3701 - High (8.8)

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack ca...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3701/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3703
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-08T06:31:15

2 posts

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exploit has been published and may be used. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professiona

updated 2026-03-07T09:30:21

2 posts

The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_delete_file' function in all versions up to, and including, 5.11.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-1074
(7.2 HIGH)

EPSS: 0.06%

updated 2026-03-07T09:30:20

1 posts

The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar-features' parameter in all versions up to, and including, 1.5. This is due to insufficient input sanitization and output escaping combined with a missing authorization check in the `App_Bar_Settings` class constructor. This makes it possible for unauthenticated attackers to inject arbitrary web script

offseq@infosec.exchange at 2026-03-07T09:00:29.000Z ##

🚨 CVE-2026-1074: High-severity stored XSS in WP App Bar plugin (all versions). No auth needed — attackers inject scripts via 'app-bar-features' & compromise admin sessions. Patch or disable urgently! https://radar.offseq.com/threat/cve-2026-1074-cwe-79-improper-neutralization-of-in-ed135d09 #OffSeq #WordPress #XSS #Vuln

##

CVE-2025-8899
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-07T06:31:23

1 posts

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles that can be set during registration. This makes it possible for authenticated attackers, with Author-level access and above, to create posts/pages with the re

thehackerwire@mastodon.social at 2026-03-07T08:14:44.000Z ##

🟠 CVE-2025-8899 - High (8.8)

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles tha...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-8899/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25070(CVSS UNKNOWN)

EPSS: 1.03%

updated 2026-03-07T03:30:29

3 posts

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through the destIp parameter to achieve remote code execution with root privileges on the network switch.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

updated 2026-03-06T21:56:51

2 posts

## Impact An unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the `base64Url` GET parameter. This can lead to full server compromise, data exfiltration (e.g., configuration secrets, internal keys, credentials), and service disruption. ## Root Cause The `base64Url` parameter is Base64-decoded and then interpolated directly into

beyondmachines1 at 2026-03-08T20:01:11.636Z ##

Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking

AVideo version 6.0 contains a critical zero-click command injection vulnerability (CVE-2026-29058) that allows unauthenticated attackers to execute arbitrary OS commands and hijack video streams.

**If you are using AVideo platform this is urgent and important. Patch ASAP to version 7.0, because your server will be attacked. Until you update today, use a web application firewall or reverse proxy to block access to the getImage.php component.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-zero-click-command-injection-in-avideo-platform-allows-stream-hijacking-w-3-3-3-s/gD2P6Ple2L

##

beyondmachines1@infosec.exchange at 2026-03-08T20:01:11.000Z ##

Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking

AVideo version 6.0 contains a critical zero-click command injection vulnerability (CVE-2026-29058) that allows unauthenticated attackers to execute arbitrary OS commands and hijack video streams.

**If you are using AVideo platform this is urgent and important. Patch ASAP to version 7.0, because your server will be attacked. Until you update today, use a web application firewall or reverse proxy to block access to the getImage.php component.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-zero-click-command-injection-in-avideo-platform-allows-stream-hijacking-w-3-3-3-s/gD2P6Ple2L

##

CVE-2026-24105
(9.8 CRITICAL)

EPSS: 1.69%

updated 2026-03-06T21:05:36.243000

2 posts

An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-20882
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T18:31:19

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-07T10:24:10.000Z ##

🟠 CVE-2026-20882 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20882/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26288
(9.4 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T18:31:19

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

EPSS: 0.57%

updated 2026-03-06T15:31:36

2 posts

Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system directories and download them as ZIP files.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-26051
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T15:31:36

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

updated 2026-03-06T12:31:36

1 posts

updated 2026-03-06T10:16:22.163000

updated 2026-03-06T09:31:41

1 posts

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without authentication. An unauthenticated attacker could place a manipulated parameter file that becomes active after a reboot, allowing modification of critical

offseq@infosec.exchange at 2026-03-07T07:30:25.000Z ##

🚨 CRITICAL: CVE-2026-2330 in SICK Lector85x lets remote, unauthenticated attackers modify device configs via the CROWN REST interface. Patch or restrict access now to prevent OT compromise. https://radar.offseq.com/threat/cve-2026-2330-cwe-552-files-or-directories-accessi-493bd9c6 #OffSeq #ICS #Vulnerability #Infosec

##

CVE-2026-2331
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-03-06T09:31:41

2 posts

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify applic

updated 2026-03-06T00:58:49

2 posts

## Summary When Telegram webhook mode is enabled without a configured webhook secret, OpenClaw may accept unauthenticated HTTP POST requests at the Telegram webhook endpoint and trust attacker-controlled update JSON. This can allow forged Telegram updates that spoof `message.from.id` / `chat.id`, potentially bypassing sender allowlists and executing privileged bot commands. ## Affected Packages

thehackerwire@mastodon.social at 2026-03-06T11:47:34.000Z ##

🔴 CVE-2026-28454 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can...

updated 2026-03-05T21:50:00

2 posts

## Summary openclaw could start the sandbox browser bridge server without authentication. When the sandboxed browser is enabled, openclaw runs a local (loopback) HTTP bridge that exposes browser control endpoints (for example `/profiles`, `/tabs`, `/tabs/open`, `/agent/*`). Due to missing auth wiring in the sandbox initialization path, that bridge server accepted requests without requiring gatew

thehackerwire@mastodon.social at 2026-03-06T10:55:11.000Z ##

🟠 CVE-2026-28468 - High (7.8)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local attackers to access browser control endpoints....

updated 2026-03-05T19:38:33.877000

7 posts

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private ke

rhudaur@flipboard.com at 2026-03-09T13:23:09.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data
https://thecyberexpress.com/cve-2026-27944-nginx-ui-backup-vulnerability/?utm_source=flipboard&utm_medium=activitypub

Posted into Cybersecurity Today @cybersecurity-today-rhudaur

##

oversecurity@mastodon.social at 2026-03-09T11:00:12.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data

A newly disclosed vulnerability in Nginx UI, tracked as CVE-2026-27944, has raised major security concerns after researchers confirmed that...

🔗️ [Thecyberexpress] https://link.is.it/HfceZC

##

beyondmachines1 at 2026-03-09T09:01:11.908Z ##

Critical Nginx UI Flaw Allows Unauthenticated Backup Theft and Decryption

Nginx UI version 2.3.3 patches a critical vulnerability (CVE-2026-27944) that allows unauthenticated attackers to download and decrypt full server backups. The flaw exposes sensitive data including SSL private keys, admin credentials, and server configurations via an unprotected API endpoint.

**If you are using Nginx UI, first make sure they are isolated from the internet. Then patch to version 2.3.3 immediately because the exploit is trivial - especially if your Nginix UI is exposed to the internet.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-nginx-ui-flaw-allows-unauthenticated-backup-theft-and-decryption-l-t-k-6-p/gD2P6Ple2L

##

undercodenews@mastodon.social at 2026-03-08T19:41:38.000Z ##

Critical Security Alert: CVE-2026-27944 Exposes Nginx UI Backups and Encryption Keys

Introduction: A Severe Flaw in a Widely Used Web Server Management Tool A newly disclosed security vulnerability has raised serious concerns across the cybersecurity community. The flaw, identified as CVE-2026-27944, affects Nginx UI, a popular web-based dashboard used to manage and configure Nginx servers. With a CVSS severity score of 9.8, the issue is classified as critical and…

https://undercodenews.com/critical-security-alert-cve-2026-27944-exposes-nginx-ui-backups-and-encryption-keys/

##

rhudaur@flipboard.com at 2026-03-09T13:23:09.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data
https://thecyberexpress.com/cve-2026-27944-nginx-ui-backup-vulnerability/?utm_source=flipboard&utm_medium=activitypub

Posted into Cybersecurity Today @cybersecurity-today-rhudaur

##

oversecurity@mastodon.social at 2026-03-09T11:00:12.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data

A newly disclosed vulnerability in Nginx UI, tracked as CVE-2026-27944, has raised major security concerns after researchers confirmed that...

🔗️ [Thecyberexpress] https://link.is.it/HfceZC

##

beyondmachines1@infosec.exchange at 2026-03-09T09:01:11.000Z ##

Critical Nginx UI Flaw Allows Unauthenticated Backup Theft and Decryption

Nginx UI version 2.3.3 patches a critical vulnerability (CVE-2026-27944) that allows unauthenticated attackers to download and decrypt full server backups. The flaw exposes sensitive data including SSL private keys, admin credentials, and server configurations via an unprotected API endpoint.

**If you are using Nginx UI, first make sure they are isolated from the internet. Then patch to version 2.3.3 immediately because the exploit is trivial - especially if your Nginix UI is exposed to the internet.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-nginx-ui-flaw-allows-unauthenticated-backup-theft-and-decryption-l-t-k-6-p/gD2P6Ple2L

##

CVE-2026-24457
(9.1 CRITICAL)

EPSS: 0.19%

updated 2026-03-05T19:38:33.877000

1 posts

An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved.

thehackerwire@mastodon.social at 2026-03-08T12:00:32.000Z ##

🔴 CVE-2026-24457 - Critical (9.1)

An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read arbitrary files from a MQ Broker's server. A full exploitation could read unauthorized files of the OpenMQ’s host OS. In some scenarios RCE could be achieved.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24457/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26478
(9.8 CRITICAL)

EPSS: 0.86%

updated 2026-03-05T18:13:33.993000

2 posts

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-2256
(6.5 MEDIUM)

EPSS: 2.31%

updated 2026-03-04T21:14:09

2 posts

A Command Injection vulnerability in ModelScope's MS-Agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

1 repos

https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-1492
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-03T21:52:29.877000

1 posts

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a user-supplied role during membership registration without properly enforcing a server-side allowlist. Thi

1 repos

https://github.com/dreamboyim66-boop/CVE-2026-1492-POC

benzogaga33@mamot.fr at 2026-03-06T10:40:03.000Z ##

WordPress – CVE-2026-1492 : une faille dans un plugin permet de devenir admin très facilement https://www.it-connect.fr/wordpress-cve-2026-1492-une-faille-dans-un-plugin-permet-de-devenir-admin-tres-facilement/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Wordpress

##

CVE-2026-24107
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-03T15:55:11.547000

2 posts

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabilities.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-24101
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-02T18:31:44

2 posts

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

CVE-2026-20127
(10.0 CRITICAL)

EPSS: 2.60%

updated 2026-02-25T18:31:45

2 posts

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not

6 repos

https://github.com/abrahamsurf/sdwan-scanner-CVE-2026-20127

https://github.com/zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE

https://github.com/bluefalconink/cisa-ed-26-03-tracker

https://github.com/yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE

https://github.com/leemuun/CVE-2026-20127

https://github.com/BugFor-Pings/CVE-2026-20127_EXP

technadu at 2026-03-09T11:58:00.713Z ##

Critical Cisco Catalyst SD-WAN vulnerability (CVE-2026-20127, CVSS 10.0) is now under widespread exploitation.

Attackers are deploying webshells after the flaw moved from targeted zero-day use to global opportunistic campaigns.

https://www.technadu.com/cisco-catalyst-sd-wan-flaw-is-now-fcing-widespread-exploitation/622887/

Have your systems been patched?

#infosec #cybersecurity #cisco #zeroday #threatintel

##

technadu@infosec.exchange at 2026-03-09T11:58:00.000Z ##

Critical Cisco Catalyst SD-WAN vulnerability (CVE-2026-20127, CVSS 10.0) is now under widespread exploitation.

Attackers are deploying webshells after the flaw moved from targeted zero-day use to global opportunistic campaigns.

https://www.technadu.com/cisco-catalyst-sd-wan-flaw-is-now-fcing-widespread-exploitation/622887/

Have your systems been patched?

#infosec #cybersecurity #cisco #zeroday #threatintel

##

CVE-2026-0651
(7.8 HIGH)

EPSS: 0.08%

updated 2026-02-13T20:45:32.090000

1 posts

On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, allowing local unauthenticated probing of filesystem paths. An attacker on the local network can determine whether certain files exists on the device, with no read, write or code execution possibilities.

1 repos

https://github.com/l0lsec/tapo-c260-rce

cyberveille@mastobot.ping.moi at 2026-03-09T17:00:11.000Z ##

📢 TP-Link Tapo C260 : divulgation de fichiers, RCE invité et élévation de privilèges (CVE-2026-0651 à -0653)
📝 Sur un billet de blog technique daté du 6 mars 2026, l’auteur décrit le processus ayant mené à l’...
📖 cyberveille : https://cyberveille.ch/posts/2026-03-08-tp-link-tapo-c260-divulgation-de-fichiers-rce-invite-et-elevation-de-privileges-cve-2026-0651-a-0653/
🌐 source : https://spaceraccoon.dev/getting-shell-tapo-c260-webcam/
#CVE_2026_0651_0652_0653 #IOC #Cyberveille

##

CVE-2026-25253
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-13T17:41:02.987000

2 posts

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

7 repos

https://github.com/ethiack/moltbot-1click-rce

https://github.com/Ckokoski/moatbot-security

https://github.com/EQSTLab/CVE-2026-25253

https://github.com/Joseph19820124/openclaw-vuln-report

https://github.com/FrigateCaptain/openclaw_vulnerabilities_and_solutions

https://github.com/al4n4n/CVE-2026-25253-research

https://github.com/adibirzu/openclaw-security-monitor

TiamatEnity@mastodon.social at 2026-03-08T15:12:12.000Z ##

🚨 SECURITY ALERT: 42,089 OpenClaw AI instances exposed with critical RCE vulnerability (CVE-2026-25253, CVSS 8.8).

93% lack authentication. 1.5M API tokens compromised. One-click shell access via malicious websites.

Full analysis + protection strategies:
https://dev.to/tiamatenity/your-ai-assistant-is-leaking-everything-42k-exposed-instances-critical-cves-and-how-to-protect-yourself

#infosec #privacy #cybersecurity #ai

##

TiamatEnity@mastodon.social at 2026-03-07T15:57:11.000Z ##

The OpenClaw AI security crisis:

42,000+ exposed instances, 93% auth bypass
CVE-2026-25253 (CVSS 8.8): one malicious link = shell RCE via WebSocket hijack
1.5M API tokens leaked (Moltbook breach)
341 malicious skills in official marketplace
36.82% flaw rate across all ClawHub skills

New coined terms:
→ One-Click Compromise
→ The Skill Poisoning Problem
→ The Sovereign AI Paradox

Sovereignty ≠ security.

https://tiamat.live

#privacy #infosec #ai #cybersecurity #openclaw

##

CVE-2025-38617
(4.7 MEDIUM)

EPSS: 0.00%

updated 2026-01-07T16:57:56.077000

1 posts

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There

_r_netsec@infosec.exchange at 2026-03-06T22:43:05.000Z ##

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets https://blog.calif.io/p/a-race-within-a-race-exploiting-cve

##

CVE-2023-38545
(9.8 CRITICAL)

EPSS: 26.25%

updated 2025-02-13T18:33:03

1 posts

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved

9 repos

https://github.com/dbrugman/CVE-2023-38545-POC

https://github.com/nphuang/NS-Project-2024-Spring

https://github.com/vanigori/CVE-2023-38545-sample

https://github.com/d0rb/CVE-2023-38545

https://github.com/bcdannyboy/CVE-2023-38545

https://github.com/UTsweetyfish/CVE-2023-38545

https://github.com/Yang-Shun-Yu/CVE-2023-38545

https://github.com/imfht/CVE-2023-38545

https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow

bagder@mastodon.social at 2026-03-07T22:14:19.000Z ##

@spinnyspinlock we've only had two severity HIGH CVEs in #curl within the last five years, both of them were C mistakes: https://curl.se/docs/CVE-2023-38545.html and https://curl.se/docs/CVE-2021-22901.html

##

CVE-2021-22901
(8.1 HIGH)

EPSS: 0.34%

updated 2024-03-27T15:30:34

2 posts

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it

spinnyspinlock@infosec.exchange at 2026-03-07T22:30:52.000Z ##

@bagder CVE-2021-22901 was exactly the kind of interesting vulnerability I wanted to see, thank you! well done on the good security track record too :)

##

bagder@mastodon.social at 2026-03-07T22:14:19.000Z ##

@spinnyspinlock we've only had two severity HIGH CVEs in #curl within the last five years, both of them were C mistakes: https://curl.se/docs/CVE-2023-38545.html and https://curl.se/docs/CVE-2021-22901.html

##

CVE-2024-47886
(0 None)

EPSS: 0.89%

2 posts

N/A

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

##

thehackerwire@mastodon.social at 2026-03-06T08:35:15.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59543/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:34.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-59543/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3678(8.8 HIGH)

EPSS: 0.05%

CVE-2026-3588(7.5 HIGH)

EPSS: 0.00%

CVE-2026-25866(7.8 HIGH)

EPSS: 0.00%

CVE-2025-69219(8.8 HIGH)

EPSS: 0.01%

CVE-2026-30834(7.5 HIGH)

EPSS: 0.03%

CVE-2026-29186(7.7 HIGH)

EPSS: 0.07%

CVE-2026-29192(7.7 HIGH)

EPSS: 0.03%

CVE-2026-29193(8.2 HIGH)

EPSS: 0.03%

CVE-2026-3809(8.8 HIGH)

EPSS: 0.05%

CVE-2026-28466(9.9 CRITICAL)

EPSS: 0.09%

CVE-2026-3727(8.8 HIGH)

EPSS: 0.02%

CVE-2026-3729(8.8 HIGH)

EPSS: 0.05%

CVE-2026-3768(8.8 HIGH)

EPSS: 0.05%

CVE-2026-2219(7.5 HIGH)

EPSS: 0.01%

CVE-2025-14769(7.5 HIGH)

EPSS: 0.01%

CVE-2025-29165(9.8 CRITICAL)

EPSS: 0.04%

CVE-2026-28342(7.5 HIGH)

EPSS: 0.06%

CVE-2025-70995(8.8 HIGH)

EPSS: 0.36%

CVE-2025-70949(7.5 HIGH)

EPSS: 0.03%

CVE-2025-55208(9.0 CRITICAL)

EPSS: 0.05%

CVE-2026-28451(8.3 HIGH)

EPSS: 0.04%

CVE-2026-28392(7.5 HIGH)

EPSS: 0.03%

CVE-2026-28447(8.1 HIGH)

EPSS: 0.03%

CVE-2026-28453(7.5 HIGH)

EPSS: 0.04%

CVE-2026-28456(7.2 HIGH)

EPSS: 0.06%

CVE-2026-28469(7.5 HIGH)

EPSS: 0.03%

CVE-2026-28472(8.1 HIGH)

EPSS: 0.04%

CVE-2026-28478(7.5 HIGH)

EPSS: 0.08%

CVE-2026-29613(5.9 MEDIUM)

EPSS: 0.02%

CVE-2026-29609(7.5 HIGH)

EPSS: 0.10%

CVE-2025-59541(8.1 HIGH)

EPSS: 0.01%

CVE-2026-28727(7.8 HIGH)

EPSS: 0.01%

CVE-2026-28514(0 None)

EPSS: 0.11%

CVE-2026-30227(0 None)

EPSS: 1.01%

CVE-2026-29067(8.1 HIGH)

EPSS: 0.01%

CVE-2026-29191(9.3 CRITICAL)

EPSS: 0.03%

CVE-2026-2446(9.8 CRITICAL)

EPSS: 0.07%

CVE-2026-3589(7.5 HIGH)

EPSS: 0.03%

CVE-2026-24308(0 None)

EPSS: 0.01%

CVE-2026-26018(7.5 HIGH)

EPSS: 0.04%

CVE-2026-3678
(8.8 HIGH)

CVE-2026-3588
(7.5 HIGH)

CVE-2026-25866
(7.8 HIGH)

CVE-2025-69219
(8.8 HIGH)

CVE-2026-30834
(7.5 HIGH)

CVE-2026-29186
(7.7 HIGH)

CVE-2026-29192
(7.7 HIGH)

CVE-2026-29193
(8.2 HIGH)

CVE-2026-3809
(8.8 HIGH)

CVE-2026-28466
(9.9 CRITICAL)

CVE-2026-3727
(8.8 HIGH)

CVE-2026-3729
(8.8 HIGH)

CVE-2026-3768
(8.8 HIGH)

CVE-2026-2219
(7.5 HIGH)

CVE-2025-14769
(7.5 HIGH)

CVE-2025-29165
(9.8 CRITICAL)

CVE-2026-28342
(7.5 HIGH)

CVE-2025-70995
(8.8 HIGH)

CVE-2025-70949
(7.5 HIGH)

CVE-2025-55208
(9.0 CRITICAL)

CVE-2026-28451
(8.3 HIGH)

CVE-2026-28392
(7.5 HIGH)

CVE-2026-28447
(8.1 HIGH)

CVE-2026-28453
(7.5 HIGH)

CVE-2026-28456
(7.2 HIGH)

CVE-2026-28469
(7.5 HIGH)

CVE-2026-28472
(8.1 HIGH)

CVE-2026-28478
(7.5 HIGH)

CVE-2026-29613
(5.9 MEDIUM)

CVE-2026-29609
(7.5 HIGH)

CVE-2025-59541
(8.1 HIGH)

CVE-2026-28727
(7.8 HIGH)

CVE-2026-28514
(0 None)

CVE-2026-30227
(0 None)

CVE-2026-29067
(8.1 HIGH)

CVE-2026-29191
(9.3 CRITICAL)

CVE-2026-2446
(9.8 CRITICAL)

CVE-2026-3589
(7.5 HIGH)

CVE-2026-24308
(0 None)

CVE-2026-26018
(7.5 HIGH)

CVE-2026-29075
(8.3 HIGH)

CVE-2025-14353
(7.5 HIGH)

CVE-2026-29091
(8.1 HIGH)

CVE-2026-29789
(9.9 CRITICAL)

CVE-2026-30242
(8.5 HIGH)

CVE-2026-30823
(8.8 HIGH)

CVE-2026-3823
(8.8 HIGH)

CVE-2026-29784
(7.5 HIGH)

CVE-2025-41758
(8.8 HIGH)

CVE-2025-41764
(9.1 CRITICAL)

CVE-2025-41761
(7.8 HIGH)

CVE-2025-41756
(8.1 HIGH)

CVE-2025-61612
(7.5 HIGH)

CVE-2025-61611
(7.5 HIGH)

CVE-2025-69279
(7.5 HIGH)

CVE-2025-61615
(7.5 HIGH)

CVE-2025-61614
(7.5 HIGH)

CVE-2026-30896
(7.8 HIGH)

CVE-2026-3630
(9.8 CRITICAL)

CVE-2026-3787
(7.0 HIGH)

CVE-2026-30832
(9.1 CRITICAL)

CVE-2026-30851
(8.1 HIGH)

CVE-2026-30860
(9.9 CRITICAL)

CVE-2026-3699
(8.8 HIGH)

CVE-2026-30863
(0 None)

CVE-2026-30855
(9.8 CRITICAL)

CVE-2026-30827
(7.5 HIGH)

CVE-2026-30822
(7.7 HIGH)

CVE-2026-30861
(10.0 CRITICAL)

CVE-2026-30244
(7.5 HIGH)

CVE-2026-3814
(8.8 HIGH)

CVE-2026-3815
(8.8 HIGH)

CVE-2025-41765
(9.1 CRITICAL)

CVE-2025-41772
(7.5 HIGH)

CVE-2025-41766
(8.8 HIGH)