## Updated at UTC 2026-03-09T17:44:37.386785


| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-3678 | 8.8 | 0.05% | 1 | 0 | | 2026-03-09T16:16:21.987000 | A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function |
| CVE-2026-3588 | 7.5 | 0.00% | 2 | 0 | | 2026-03-09T16:16:21.343000 | A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 all |
| CVE-2026-25866 | 7.8 | 0.00% | 2 | 0 | | 2026-03-09T16:16:18.970000 | MobaXterm versions prior to 26.1 contain an uncontrolled search path element vul |
| CVE-2025-69219 | 8.8 | 0.01% | 2 | 0 | | 2026-03-09T16:16:15.143000 | A user with access to the DB could craft a database entry that would result in e |
| CVE-2026-30834 | 7.5 | 0.03% | 1 | 0 | | 2026-03-09T15:50:20 | # SSRF with Full Response Exfiltration via Download Handler ### Summary A Serve |
| CVE-2026-29186 | 7.7 | 0.07% | 1 | 0 | | 2026-03-09T15:46:45 | ### Impact This is a configuration bypass vulnerability that enables arbitrary c |
| CVE-2026-29192 | 7.7 | 0.03% | 1 | 0 | | 2026-03-09T15:46:35 | ### Summary A vulnerability in Zitadel's login V2 interface was discovered, all |
| CVE-2026-29193 | 8.2 | 0.03% | 1 | 0 | | 2026-03-09T15:46:20 | ### Summary A vulnerability in Zitadel's login V2 UI allowed users to bypass lo |
| CVE-2026-3809 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T15:30:24.130000 | A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the |
| CVE-2026-28466 | 9.9 | 0.09% | 1 | 0 | | 2026-03-09T15:30:16.490000 | OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in w |
| CVE-2026-3727 | 8.8 | 0.02% | 1 | 0 | | 2026-03-09T15:24:42.697000 | A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the |
| CVE-2026-3729 | 8.8 | 0.05% | 1 | 0 | | 2026-03-09T15:24:21.043000 | A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the funct |
| CVE-2026-3768 | 8.8 | 0.05% | 4 | 0 | | 2026-03-09T15:17:08.960000 | A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by th |
| CVE-2026-2219 | 7.5 | 0.01% | 2 | 0 | | 2026-03-09T15:15:57.870000 | It was discovered that dpkg-deb (a component of dpkg, the Debian package managem |
| CVE-2025-14769 | 7.5 | 0.01% | 2 | 0 | | 2026-03-09T14:16:05.250000 | In some cases, the `tcp-setmss` handler may free the packet data and throw an er |
| CVE-2025-29165 | 9.8 | 0.04% | 1 | 0 | | 2026-03-09T13:36:08.413000 | An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privil |
| CVE-2026-28342 | 7.5 | 0.06% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OliveTin gives access to predefined shell commands from a web interface. Prior t |
| CVE-2025-70995 | 8.8 | 0.36% | 1 | 1 | | 2026-03-09T13:36:08.413000 | An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated |
| CVE-2025-70949 | 7.5 | 0.03% | 1 | 0 | | 2026-03-09T13:36:08.413000 | An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers |
| CVE-2025-55208 | 9.0 | 0.05% | 1 | 0 | | 2026-03-09T13:36:08.413000 | Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored |
| CVE-2026-28451 | 8.3 | 0.04% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnera |
| CVE-2026-28392 | 7.5 | 0.03% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerabilit |
| CVE-2026-28447 | 8.1 | 0.03% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vu |
| CVE-2026-28453 | 7.5 | 0.04% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths du |
| CVE-2026-28456 | 7.2 | 0.06% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gat |
| CVE-2026-28469 | 7.5 | 0.03% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in |
| CVE-2026-28472 | 8.1 | 0.04% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSo |
| CVE-2026-28478 | 7.5 | 0.08% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability i |
| CVE-2026-29613 | 5.9 | 0.02% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles |
| CVE-2026-29609 | 7.5 | 0.10% | 1 | 0 | | 2026-03-09T13:36:08.413000 | OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability i |
| CVE-2025-59541 | 8.1 | 0.01% | 2 | 0 | | 2026-03-09T13:36:08.413000 | Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site |
| CVE-2026-28727 | 7.8 | 0.01% | 1 | 0 | | 2026-03-09T13:36:08.413000 | Local privilege escalation due to insecure Unix socket permissions. The followin |
| CVE-2026-28514 | 0 | 0.11% | 3 | 0 | | 2026-03-09T13:35:34.633000 | Rocket.Chat is an open-source, secure, fully customizable communications platfor |
| CVE-2026-30227 | 0 | 1.01% | 2 | 0 | | 2026-03-09T13:35:34.633000 | MimeKit is a C# library which may be used for the creation and parsing of messag |
| CVE-2026-29067 | 8.1 | 0.01% | 1 | 0 | | 2026-03-09T13:35:34.633000 | ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 |
| CVE-2026-29191 | 9.3 | 0.03% | 1 | 0 | | 2026-03-09T13:35:34.633000 | ZITADEL is an open source identity management platform. From version 4.0.0 to 4. |
| CVE-2026-2446 | 9.8 | 0.07% | 1 | 0 | | 2026-03-09T13:35:34.633000 | The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authoriz |
| CVE-2026-3589 | 7.5 | 0.03% | 2 | 0 | | 2026-03-09T13:35:34.633000 | The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly |
| CVE-2026-24308 | 0 | 0.01% | 1 | 0 | | 2026-03-09T13:35:34.633000 | Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 |
| CVE-2026-26018 | 7.5 | 0.04% | 1 | 0 | | 2026-03-09T13:35:34.633000 | CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial o |
| CVE-2026-29075 | 8.3 | 0.07% | 1 | 0 | | 2026-03-09T13:35:34.633000 | Mesa is an open-source Python library for agent-based modeling, simulating compl |
| CVE-2025-14353 | 7.5 | 0.07% | 2 | 0 | | 2026-03-09T13:35:34.633000 | The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL |
| CVE-2026-29091 | 8.1 | 0.25% | 1 | 0 | | 2026-03-09T13:35:34.633000 | Locutus brings stdlibs of other programming languages to JavaScript for educatio |
| CVE-2026-29789 | 9.9 | 0.05% | 2 | 0 | | 2026-03-09T13:35:34.633000 | Vito is a self-hosted web application that helps manage servers and deploy PHP a |
| CVE-2026-30242 | 8.5 | 0.03% | 1 | 0 | | 2026-03-09T13:35:34.633000 | Plane is an open-source project management tool. Prior to version 1.2.3, the |
| CVE-2026-30823 | 8.8 | 0.02% | 1 | 0 | | 2026-03-09T13:35:34.633000 | Flowise is a drag & drop user interface to build a customized large language mod |
| CVE-2026-3823 | 8.8 | 0.14% | 6 | 0 | | 2026-03-09T13:35:07.393000 | EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Ov |
| CVE-2026-29784 | 7.5 | 0.02% | 2 | 0 | | 2026-03-09T13:35:07.393000 | Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, in |
| CVE-2025-41758 | 8.8 | 0.18% | 2 | 0 | | 2026-03-09T13:35:07.393000 | A low-privileged remote attacker can exploit an arbitrary file write vulnerabili |
| CVE-2025-41764 | 9.1 | 0.10% | 4 | 0 | | 2026-03-09T13:35:07.393000 | Due to insufficient authorization enforcement, an unauthorized remote attacker c |
| CVE-2025-41761 | 7.8 | 0.02% | 4 | 0 | | 2026-03-09T13:35:07.393000 | A low‑privileged local attacker who gains access to the UBR service account (e.g |
| CVE-2025-41756 | 8.1 | 0.10% | 2 | 0 | | 2026-03-09T13:35:07.393000 | A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.c |
| CVE-2025-61612 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T13:35:07.393000 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2025-61611 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T13:35:07.393000 | In modem, there is a possible improper input validation. This could lead to remo |
| CVE-2025-69279 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T13:35:07.393000 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2025-61615 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T13:35:07.393000 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2025-61614 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T13:35:07.393000 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2026-30896 | 7.8 | 0.01% | 2 | 0 | | 2026-03-09T13:35:07.393000 | The installer for Qsee Client versions 1.0.1 and prior insecurely load Dynamic L |
| CVE-2026-3630 | 9.8 | 0.04% | 4 | 0 | | 2026-03-09T13:35:07.393000 | Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability. |
| CVE-2026-3787 | 7.0 | 0.01% | 2 | 0 | | 2026-03-09T13:35:07.393000 | A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an u |
| CVE-2026-30832 | 9.1 | 0.04% | 2 | 0 | | 2026-03-09T13:35:07.393000 | Soft Serve is a self-hostable Git server for the command line. From version 0.6. |
| CVE-2026-30851 | 8.1 | 0.01% | 1 | 0 | | 2026-03-09T13:35:07.393000 | Caddy is an extensible server platform that uses TLS by default. From version 2. |
| CVE-2026-30860 | 9.9 | 0.08% | 2 | 0 | | 2026-03-09T13:35:07.393000 | WeKnora is an LLM-powered framework designed for deep document understanding and |
| CVE-2026-3699 | 8.8 | 0.04% | 1 | 0 | | 2026-03-09T13:35:07.393000 | A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This i |
| CVE-2026-30863 | 0 | 0.07% | 1 | 1 | | 2026-03-09T13:35:07.393000 | Parse Server is an open source backend that can be deployed to any infrastructur |
| CVE-2026-30855 | 9.8 | 0.08% | 1 | 0 | | 2026-03-09T13:21:39 | ### Summary An authorization bypass in tenant management endpoints of WeKnora ap |
| CVE-2026-30827 | 7.5 | 0.01% | 1 | 0 | | 2026-03-09T13:15:36 | ## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet |
| CVE-2026-30822 | 7.7 | 0.04% | 2 | 0 | | 2026-03-09T13:15:31 | ## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint al |
| CVE-2026-30861 | 10.0 | 0.21% | 3 | 0 | | 2026-03-09T13:14:29 | ### Summary A critical unauthenticated remote code execution (RCE) vulnerabilit |
| CVE-2026-30244 | 7.5 | 0.02% | 1 | 0 | | 2026-03-09T13:12:18 | ## Executive Summary A security vulnerability exists in the Plane project manag |
| CVE-2026-3814 | 8.8 | 0.04% | 4 | 0 | | 2026-03-09T12:31:50 | A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected |
| CVE-2026-3815 | 8.8 | 0.04% | 4 | 0 | | 2026-03-09T12:31:49 | A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects |
| CVE-2025-41765 | 9.1 | 0.06% | 2 | 0 | | 2026-03-09T09:30:37 | Due to insufficient authorization enforcement, an unauthorized remote attacker c |
| CVE-2025-41772 | 7.5 | 0.03% | 2 | 0 | | 2026-03-09T09:30:37 | An unauthenticated remote attacker can obtain valid session tokens because they |
| CVE-2025-41766 | 8.8 | 0.39% | 2 | 0 | | 2026-03-09T09:30:37 | A low-privileged remote attacker can trigger a stack-based buffer overflow via a |
| CVE-2025-69278 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T09:30:37 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2026-3811 | 8.8 | 0.05% | 4 | 0 | | 2026-03-09T09:30:37 | A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the functi |
| CVE-2025-41757 | 8.8 | 0.22% | 2 | 0 | | 2026-03-09T09:30:36 | A low-privileged remote attacker can abuse the backup restore functionality of U |
| CVE-2025-61616 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T09:30:36 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2025-61613 | 7.5 | 0.21% | 2 | 0 | | 2026-03-09T09:30:36 | In nr modem, there is a possible system crash due to improper input validation. |
| CVE-2026-3810 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T09:30:36 | A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the f |
| CVE-2026-3808 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T09:30:30 | A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element |
| CVE-2026-3807 | 8.8 | 0.09% | 2 | 0 | | 2026-03-09T09:30:30 | A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impact |
| CVE-2026-3803 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T06:31:20 | A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the funct |
| CVE-2026-3802 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T06:31:20 | A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue |
| CVE-2026-3804 | 8.8 | 0.05% | 4 | 0 | | 2026-03-09T06:31:19 | A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerabilit |
| CVE-2026-3631 | 7.5 | 0.04% | 2 | 0 | | 2026-03-09T06:31:19 | Delta Electronics COMMGR2 has Buffer Over-read DoS vulnerability. |
| CVE-2026-3799 | 8.8 | 0.05% | 2 | 0 | | 2026-03-09T06:31:19 | A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formS |
| CVE-2026-3801 | 8.8 | 0.09% | 2 | 0 | | 2026-03-09T06:31:19 | A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerabil |
| CVE-2026-3769 | 8.8 | 0.05% | 4 | 0 | | 2026-03-08T21:30:22 | A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is th |
| CVE-2026-3732 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T12:30:35 | A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects t |
| CVE-2026-3728 | 8.8 | 0.05% | 1 | 0 | | 2026-03-08T12:30:34 | A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects th |
| CVE-2026-3726 | 8.8 | 0.05% | 2 | 0 | | 2026-03-08T09:30:27 | A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function |
| CVE-2026-3715 | 8.8 | 0.04% | 2 | 0 | | 2026-03-08T09:30:21 | A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the funct |
| CVE-2026-3701 | 8.8 | 0.04% | 1 | 0 | | 2026-03-08T06:31:15 | A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affect |
| CVE-2026-3703 | 9.8 | 0.07% | 2 | 0 | | 2026-03-08T06:31:15 | A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_4 |
| CVE-2026-3698 | 8.8 | 0.04% | 1 | 0 | | 2026-03-08T03:30:34 | A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affect |
| CVE-2026-3700 | 8.8 | 0.04% | 1 | 0 | | 2026-03-08T03:30:34 | A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is |
| CVE-2026-3677 | 8.8 | 0.05% | 1 | 0 | | 2026-03-08T00:31:58 | A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function from |
| CVE-2026-3679 | 8.8 | 0.05% | 1 | 0 | | 2026-03-08T00:31:58 | A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerab |
| CVE-2025-14675 | 7.2 | 0.68% | 2 | 0 | | 2026-03-07T09:30:21 | The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due t |
| CVE-2026-1074 | 7.2 | 0.06% | 1 | 0 | | 2026-03-07T09:30:20 | The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting |
| CVE-2025-8899 | 8.8 | 0.04% | 1 | 0 | | 2026-03-07T06:31:23 | The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is |
| CVE-2026-25070 | None | 1.03% | 3 | 0 | | 2026-03-07T03:30:29 | XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain |
| CVE-2026-2020 | 7.5 | 0.09% | 1 | 0 | | 2026-03-07T03:30:27 | The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection i |
| CVE-2025-15602 | 8.8 | 0.02% | 1 | 0 | | 2026-03-07T02:33:41 | Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to ac |
| CVE-2025-70948 | 9.3 | 0.03% | 1 | 0 | | 2026-03-06T23:00:44 | A host header injection vulnerability in the mailer component of @perfood/couch- |
| CVE-2026-30223 | 8.8 | 0.02% | 1 | 0 | | 2026-03-06T22:52:11 | ### Summary When JWT authentication is configured using either: - `authJwtPubK |
| CVE-2026-29087 | 7.5 | 0.03% | 1 | 0 | | 2026-03-06T22:43:59 | ## Summary When using @hono/node-server's static file serving together with rou |
| CVE-2026-26017 | 7.7 | 0.04% | 1 | 0 | | 2026-03-06T22:43:40 | A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due |
| CVE-2026-29064 | 8.2 | 0.01% | 1 | 0 | | 2026-03-06T22:10:52 | ### Summary A path traversal vulnerability in archive extraction allows a speci |
| CVE-2026-29058 | 9.8 | 0.10% | 2 | 0 | | 2026-03-06T21:56:51 | ## Impact An unauthenticated attacker can execute arbitrary OS commands on the |
| CVE-2026-24105 | 9.8 | 1.69% | 2 | 0 | | 2026-03-06T21:05:36.243000 | An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.1 |
| CVE-2026-20882 | 7.5 | 0.06% | 1 | 0 | | 2026-03-06T18:31:19 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2026-26288 | 9.4 | 0.07% | 2 | 0 | | 2026-03-06T18:31:19 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-24696 | 7.5 | 0.05% | 1 | 0 | | 2026-03-06T18:31:19 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2025-70230 | 9.8 | 0.06% | 1 | 0 | | 2026-03-06T17:37:58.670000 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2026-29000 | 10.0 | 0.24% | 1 | 1 | | 2026-03-06T15:41:57 | pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication by |
| CVE-2018-25181 | 7.5 | 0.57% | 2 | 0 | | 2026-03-06T15:31:36 | Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticate |
| CVE-2026-26051 | 9.4 | 0.10% | 2 | 0 | | 2026-03-06T15:31:36 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-2754 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T15:31:36 | Navtor NavBox exposes sensitive configuration and operational data due to missin |
| CVE-2026-2753 | 7.5 | 0.07% | 1 | 0 | | 2026-03-06T15:31:36 | An Absolute Path Traversal vulnerability exists in Navtor NavBox. The applicatio |
| CVE-2018-25166 | 8.2 | 0.06% | 1 | 0 | | 2026-03-06T15:31:35 | Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows un |
| CVE-2025-70614 | 8.1 | 0.03% | 1 | 0 | | 2026-03-06T12:31:37 | OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken |
| CVE-2025-13476 | 9.8 | 0.05% | 1 | 0 | | 2026-03-06T12:31:36 | Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 u |
| CVE-2025-70231 | 9.8 | 0.08% | 1 | 0 | | 2026-03-06T12:31:36 | D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When proces |
| CVE-2025-70229 | 9.8 | 0.06% | 1 | 0 | | 2026-03-06T12:31:36 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2025-70616 | 7.8 | 0.01% | 1 | 0 | | 2026-03-06T12:31:36 | A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys |
| CVE-2026-26418 | 7.5 | 0.06% | 1 | 1 | | 2026-03-06T12:31:36 | Missing authentication and authorization in the web API of Tata Consultancy Serv |
| CVE-2025-70233 | 9.8 | 0.06% | 1 | 0 | | 2026-03-06T12:30:31 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2025-70232 | 9.8 | 0.06% | 1 | 0 | | 2026-03-06T12:30:31 | Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime para |
| CVE-2026-26417 | 8.1 | 0.03% | 1 | 1 | | 2026-03-06T10:16:22.163000 | A broken access control vulnerability in the password reset functionality of Tat |
| CVE-2026-26416 | 8.8 | 0.03% | 1 | 1 | | 2026-03-06T10:16:21.983000 | An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon |
| CVE-2025-45691 | 7.5 | 0.05% | 1 | 0 | | 2026-03-06T10:16:20.417000 | An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in |
| CVE-2026-2330 | 9.4 | 0.21% | 1 | 0 | | 2026-03-06T09:31:41 | An attacker may access restricted filesystem areas on the device via the CROWN R |
| CVE-2026-2331 | 9.8 | 0.17% | 2 | 0 | | 2026-03-06T09:31:41 | An attacker may perform unauthenticated read and write operations on sensitive f |
| CVE-2026-28464 | 5.9 | 0.09% | 1 | 0 | | 2026-03-06T01:05:25 | ## Summary OpenClaw hooks previously compared the provided hook token using a r |
| CVE-2026-28479 | 5.4 | 0.02% | 1 | 0 | | 2026-03-06T01:05:00 | ## Affected Packages / Versions - npm package: `openclaw` - Affected versions: ` |
| CVE-2026-28462 | 7.5 | 0.04% | 1 | 0 | | 2026-03-06T01:04:45 | ## Summary OpenClaw’s browser control API accepted user-supplied output paths |
| CVE-2026-29610 | 8.8 | 0.07% | 1 | 0 | | 2026-03-06T01:04:20 | # Command hijacking via PATH handling **Discovered:** 2026-02-04 **Reporter:** |
| CVE-2026-28476 | 6.5 | 0.06% | 1 | 0 | | 2026-03-06T01:04:05 | ## Summary The optional Tlon (Urbit) extension previously accepted a user-provid |
| CVE-2026-28463 | 5.7 | 0.02% | 1 | 0 | | 2026-03-06T01:02:55 | ## Summary OpenClaw's exec-approvals allowlist supports a small set of "safe bi |
| CVE-2026-28470 | 9.8 | 0.07% | 1 | 0 | | 2026-03-06T01:02:34 | ### Summary Exec approvals allowlist bypass via command substitution/backticks |
| CVE-2026-28458 | 7.5 | 0.05% | 1 | 0 | | 2026-03-06T01:02:29 | ### Summary In affected versions, the Browser Relay `/cdp` WebSocket endpoint di |
| CVE-2026-28473 | 7.2 | 0.03% | 1 | 0 | | 2026-03-06T01:02:20 | ## Summary ### What this means (plain language) If you give a client “chat/wri |
| CVE-2026-28465 | 5.9 | 0.02% | 1 | 0 | | 2026-03-06T01:01:24 | ## Affected Packages / Versions This issue affects the optional voice-call plug |
| CVE-2026-28393 | 6.0 | 0.01% | 1 | 0 | | 2026-03-06T01:00:09 | ## Summary OpenClaw hook mapping transforms could be loaded via absolute paths |
| CVE-2026-28454 | 9.8 | 0.02% | 2 | 0 | | 2026-03-06T00:58:49 | ## Summary When Telegram webhook mode is enabled without a configured webhook s |
| CVE-2026-21536 | 9.8 | 0.40% | 1 | 0 | | 2026-03-06T00:31:41 | Microsoft Devices Pricing Program Remote Code Execution Vulnerability |
| CVE-2026-26125 | 8.6 | 0.08% | 1 | 0 | | 2026-03-06T00:31:41 | Payment Orchestrator Service Elevation of Privilege Vulnerability |
| CVE-2026-27778 | 7.5 | 0.06% | 1 | 0 | | 2026-03-06T00:31:41 | The WebSocket Application Programming Interface lacks restrictions on the number |
| CVE-2026-22552 | 9.4 | 0.10% | 1 | 0 | | 2026-03-06T00:31:41 | WebSocket endpoints lack proper authentication mechanisms, enabling attackers to |
| CVE-2026-29188 | 9.1 | 0.06% | 1 | 0 | | 2026-03-05T22:50:22 | ### Summary A broken access control vulnerability in the TUS protocol DELETE en |
| CVE-2026-28790 | 7.5 | 0.06% | 1 | 0 | | 2026-03-05T22:49:38 | ### Summary OliveTin allows an unauthenticated guest to terminate running actio |
| CVE-2026-28789 | 7.5 | 0.09% | 1 | 0 | | 2026-03-05T22:49:36 | ### Summary An unauthenticated denial-of-service vulnerability exists in OliveTi |
| CVE-2026-25921 | 9.3 | 0.02% | 1 | 0 | | 2026-03-05T22:28:33 | ### Summary Overwritable LFS object across different repos leads to supply-chain |
| CVE-2026-29611 | 7.5 | 0.03% | 1 | 0 | | 2026-03-05T22:00:37 | ### Summary The BlueBubbles extension accepted attacker-controlled local filesys |
| CVE-2026-28474 | None | 0.04% | 1 | 0 | | 2026-03-05T21:52:02 | ## Summary In affected versions of the optional Nextcloud Talk plugin (installe |
| CVE-2026-28468 | 7.1 | 0.02% | 2 | 0 | | 2026-03-05T21:50:00 | ## Summary openclaw could start the sandbox browser bridge server without authe |
| CVE-2026-28446 | 9.4 | 0.26% | 1 | 0 | | 2026-03-05T21:43:07 | ### Summary An authentication bypass in the optional `voice-call` extension/plu |
| CVE-2026-28391 | None | 0.05% | 1 | 0 | | 2026-03-05T21:40:43 | ### Summary On Windows nodes, exec requests were executed via `cmd.exe /d /s /c |
| CVE-2026-0848 | 10.0 | 0.41% | 1 | 0 | | 2026-03-05T21:31:00 | NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper |
| CVE-2026-27944 | 9.8 | 0.05% | 7 | 0 | | 2026-03-05T19:38:33.877000 | Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3. |
| CVE-2026-24457 | 9.1 | 0.19% | 1 | 0 | | 2026-03-05T19:38:33.877000 | An unsafe parsing of OpenMQ's configuration, allows a remote attacker to read ar |
| CVE-2026-26478 | 9.8 | 0.86% | 2 | 0 | | 2026-03-05T18:13:33.993000 | A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012 |
| CVE-2026-2256 | 6.5 | 2.31% | 2 | 1 | | 2026-03-04T21:14:09 | A Command Injection vulnerability in ModelScope's MS-Agent versions v1.6.0rc1 an |
| CVE-2026-1492 | 9.8 | 0.10% | 1 | 1 | | 2026-03-03T21:52:29.877000 | The User Registration & Membership – Custom Registration Form Builder, Custom Lo |
| CVE-2026-24107 | 9.8 | 1.13% | 2 | 0 | | 2026-03-03T15:55:11.547000 | An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the |
| CVE-2026-24101 | 9.8 | 1.13% | 2 | 0 | | 2026-03-02T18:31:44 | An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_mul |
| CVE-2026-20127 | 10.0 | 2.60% | 2 | 6 | | 2026-02-25T18:31:45 | A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle |
| CVE-2026-0651 | 7.8 | 0.08% | 1 | 1 | | 2026-02-13T20:45:32.090000 | On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of |
| CVE-2026-25253 | 8.8 | 0.05% | 2 | 7 | | 2026-02-13T17:41:02.987000 | OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value f |
| CVE-2025-38617 | 4.7 | 0.00% | 1 | 0 | | 2026-01-07T16:57:56.077000 | In the Linux kernel, the following vulnerability has been resolved: net/packet: |
| CVE-2023-38545 | 9.8 | 26.25% | 1 | 9 | | 2025-02-13T18:33:03 | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. |
| CVE-2021-22901 | 8.1 | 0.34% | 2 | 0 | | 2024-03-27T15:30:34 | curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting |
| CVE-2024-47886 | 0 | 0.89% | 2 | 0 | | N/A | |
| CVE-2026-28289 | 0 | 0.03% | 1 | 1 | | N/A | |
| CVE-2026-29779 | 0 | 0.03% | 1 | 0 | | N/A | |
| CVE-2026-28678 | 0 | 0.03% | 1 | 0 | | N/A | |
| CVE-2026-28284 | 0 | 0.03% | 1 | 0 | | N/A | |
| CVE-2026-28210 | 0 | 0.05% | 1 | 0 | | N/A | |
| CVE-2026-28287 | 0 | 0.11% | 1 | 0 | | N/A | |
| CVE-2026-28405 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2026-28442 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2026-29089 | 0 | 0.01% | 1 | 0 | | N/A | |
| CVE-2026-30840 | 0 | 0.04% | 1 | 0 | | N/A | |
| CVE-2025-14297 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2026-28485 | 0 | 0.06% | 1 | 0 | | N/A | |
| CVE-2026-28484 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2025-59543 | 0 | 0.04% | 2 | 0 | | N/A | |

CVE-2026-3678
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T16:16:21.987000

1 posts

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-08T09:01:20.000Z ##

🟠 CVE-2026-3678 - High (8.8)

A vulnerability was determined in Tenda FH451 1.0.0.9. Affected is the function sub_3C434 of the file /goform/AdvSetWan. This manipulation of the argument wanmode/PPPOEPassword causes stack-based buffer overflow. It is possible to initiate the att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3588
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-09T16:16:21.343000

2 posts

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

thehackerwire@mastodon.social at 2026-03-09T16:38:10.000Z ##

🟠 CVE-2026-3588 - High (7.5)

A server-side request forgery (SSRF) vulnerability in IKEA Dirigera v2.866.4 allows an attacker to exfiltrate private keys by sending a crafted request.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25866
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-09T16:16:18.970000

2 posts

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search path behavior by placing a malicious executable earlier in the search order, resulting in arbitrary code execution in the context of the affected user.

thehackerwire@mastodon.social at 2026-03-09T16:38:20.000Z ##

🟠 CVE-2026-25866 - High (7.8)

MobaXterm versions prior to 26.1 contain an uncontrolled search path element vulnerability. The application calls WinExec to execute Notepad++ without a fully qualified executable path when opening remote files. An attacker can exploit the search ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69219
(8.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T16:16:15.143000

2 posts

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who has access to the DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airflow, the likelihood of it making any damage is low. You should upgrade to version 6.0.0 of the provider to avoid even that risk.

thehackerwire@mastodon.social at 2026-03-09T16:38:29.000Z ##

🟠 CVE-2025-69219 - High (8.8)

A user with access to the DB could craft a database entry that would result in executing code on Triggerer - which gives anyone who has access to the DB the same permissions as Dag Author. Since direct DB access is not usual and recommended for Airfl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30834
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T15:50:20

1 posts

# SSRF with Full Response Exfiltration via Download Handler ### Summary A Server-Side Request Forgery (SSRF) vulnerability in the `/download` endpoint allows any user with API access to induce the PinchTab server to make requests to arbitrary URLs, including internal network services and local system files, and exfiltrate the full response content. ### Details The `GET /download?url=<url>` handl

thehackerwire@mastodon.social at 2026-03-08T09:38:48.000Z ##

🟠 CVE-2026-30834 - High (7.5)

PinchTab is a standalone HTTP server that gives AI agents direct control over a Chrome browser. Prior to version 0.7.7, a Server-Side Request Forgery (SSRF) vulnerability in the /download endpoint allows any user with API access to induce the Pinc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29186
(7.7 HIGH)

EPSS: 0.07%

updated 2026-03-09T15:46:45

1 posts

### Impact This is a configuration bypass vulnerability that enables arbitrary code execution. The `@backstage/plugin-techdocs-node` package uses an allowlist to filter dangerous MkDocs configuration keys during the documentation build process. A gap in this allowlist allows attackers to craft an `mkdocs.yml` that causes arbitrary Python code execution, completely bypassing TechDocs' security co

thehackerwire@mastodon.social at 2026-03-07T15:17:00.000Z ##

🟠 CVE-2026-29186 - High (7.7)

Backstage is an open framework for building developer portals. Prior to version 1.14.3, this is a configuration bypass vulnerability that enables arbitrary code execution. The @backstage/plugin-techdocs-node package uses an allowlist to filter dan...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29192
(7.7 HIGH)

EPSS: 0.03%

updated 2026-03-09T15:46:35

1 posts

### Summary A vulnerability in Zitadel's login V2 interface was discovered, allowing for possible account takeover. ### Impact Zitadel allows organization administrators to change the default redirect URI for their organization. This setting enables them to redirect users to an arbitrary location after they log in. Due to missing restrictions and improper handling, malicious javascript code c

thehackerwire@mastodon.social at 2026-03-07T15:37:46.000Z ##

🟠 CVE-2026-29192 - High (7.7)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via Default URI Redirect. This issue has been patched in ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29193
(8.2 HIGH)

EPSS: 0.03%

updated 2026-03-09T15:46:20

1 posts

### Summary A vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password even if corresponding options were disabled in their organization. ### Impact Zitadel enables administrators to configure their organization’s login behavior and security policies. As part of this functionality, they can disabl

thehackerwire@mastodon.social at 2026-03-07T15:37:55.000Z ##

🟠 CVE-2026-29193 - High (8.2)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.12.0, a vulnerability in Zitadel's login V2 UI allowed users to bypass login behavior and security policies and self-register new accounts or sign in using password ev...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3809
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T15:30:24.130000

2 posts

A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:21.000Z ##

🟠 CVE-2026-3809 - High (8.8)

A flaw has been found in Tenda FH1202 1.2.0.14(408). The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack m...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28466
(9.9 CRITICAL)

EPSS: 0.09%

updated 2026-03-09T15:30:16.490000

1 posts

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. Attackers with valid gateway credentials can inject approval control fields to execute arbitrary commands on connected node hosts, potentially compromising

thehackerwire@mastodon.social at 2026-03-06T11:01:14.000Z ##

🟠 CVE-2026-28466 - High (8.8)

OpenClaw versions prior to 2026.2.14 contain a vulnerability in the gateway in which it fails to sanitize internal approval fields in node.invoke parameters, allowing authenticated clients to bypass exec approval gating for system.run commands. At...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3727
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-09T15:24:42.697000

1 posts

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-08T10:18:28.000Z ##

🟠 CVE-2026-3727 - High (8.8)

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3729
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T15:24:21.043000

1 posts

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T11:19:24.000Z ##

🟠 CVE-2026-3729 - High (8.8)

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be execute...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3768
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T15:17:08.960000

4 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used.

offseq at 2026-03-09T03:00:32.011Z ##

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-08T21:27:19.000Z ##

🟠 CVE-2026-3768 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO leads to stack-based buffer overflow. Remote expl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T03:00:32.000Z ##

🚩 CVE-2026-3768 (HIGH, CVSS 8.7): Stack buffer overflow in Tenda F453 v1.0.0.3 — remote, unauthenticated exploit possible. Public exploit code released. Patch ASAP or restrict remote access! radar.offseq.com/threat/cve-20 #OffSeq #CVE20263768 #RouterSecurity #Infosec

##

CVE-2026-2219
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-09T15:15:57.870000

2 posts

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite loop spinning the CPU).

thehackerwire@mastodon.social at 2026-03-09T16:45:11.000Z ##

🟠 CVE-2026-2219 - High (7.5)

It was discovered that dpkg-deb (a component of dpkg, the Debian package management system) does not properly validate the end of the data stream when uncompressing a zstd-compressed .deb archive, which may result in denial of service (infinite lo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14769
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-09T14:16:05.250000

2 posts

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference. Maliciously crafted packets sent from a remote host may result in a Denial of Service (DoS) if the `tcp-setmss` directive is used and a subsequent rule w

thehackerwire@mastodon.social at 2026-03-09T14:25:32.000Z ##

🟠 CVE-2025-14769 - High (7.5)

In some cases, the `tcp-setmss` handler may free the packet data and throw an error without halting the rule processing engine. A subsequent rule can then allow the traffic after the packet data is gone, resulting in a NULL pointer dereference.

...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-29165
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-09T13:36:08.413000

1 posts

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component

thehackerwire@mastodon.social at 2026-03-07T15:00:36.000Z ##

🔴 CVE-2025-29165 - Critical (9.8)

An issue in D-Link DIR-1253 MESH V1.6.1684 allows an attacker to escalate privileges via the etc/shadow.sample component

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28342
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-09T13:36:08.413000

1 posts

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests. By issuing multiple parallel requests, an attacker can exhaust available container memory, leading to service degradation or complete denial of service

thehackerwire@mastodon.social at 2026-03-07T15:00:26.000Z ##

🟠 CVE-2026-28342 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.2, the PasswordHash API endpoint allows unauthenticated users to trigger excessive memory allocation by sending concurrent password hashing requests....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70995
(8.8 HIGH)

EPSS: 0.36%

updated 2026-03-09T13:36:08.413000

1 posts

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafted POST request to /ASDKAPI/api/v8.6/item/addfile, which is processed by the ASP.NET runtime. The uploaded configuration file alters the execution context

1 repos

https://github.com/0xcronos/CVE

thehackerwire@mastodon.social at 2026-03-07T14:00:29.000Z ##

🟠 CVE-2025-70995 - High (8.8)

An issue in Aranda Service Desk Web Edition (ASDK API 8.6) allows authenticated attackers to achieve remote code execution due to improper validation of uploaded files. An authenticated user can upload a crafted web.config file by sending a crafte...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70949
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:36:08.413000

1 posts

An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers to access sensitive information via a timing side-channel.

thehackerwire@mastodon.social at 2026-03-07T14:00:19.000Z ##

🟠 CVE-2025-70949 - High (7.5)

An observable timing discrepancy in @perfood/couch-auth v0.26.0 allows attackers to access sensitive information via a timing side-channel.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55208
(9.0 CRITICAL)

EPSS: 0.05%

updated 2026-03-09T13:36:08.413000

1 posts

Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Networks`. Through it, a low-privilege user can execute arbitrary code in the admin user inbox, allowing takeover of the admin account. Version 1.11.34 fixes the issue.

thehackerwire@mastodon.social at 2026-03-07T13:01:18.000Z ##

🔴 CVE-2025-55208 - Critical (9)

Chamilo is a learning management system. Versions prior to 1.11.34 have a Stored XSS through insecure file uploads in `Social Networks`. Through it, a low-privilege user can execute arbitrary code in the admin user inbox, allowing takeover of the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28451
(8.3 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image processing. Attackers can influence tool calls through direct manipulation or prompt injection to trigger requests to internal services and re-upload re

thehackerwire@mastodon.social at 2026-03-07T12:01:37.000Z ##

🟠 CVE-2026-28451 - High (8.3)

OpenClaw versions prior to 2026.2.14 contain server-side request forgery vulnerabilities in the Feishu extension that allow attackers to fetch attacker-controlled remote URLs without SSRF protections via sendMediaFeishu function and markdown image...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28392
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerability in the Slack slash-command handler that incorrectly authorizes any direct message sender when dmPolicy is set to open (must be configured). Attackers can execute privileged slash commands via direct message to bypass allowlist and access-group restrictions.

thehackerwire@mastodon.social at 2026-03-06T11:47:44.000Z ##

🔴 CVE-2026-28392 - Critical (9.8)

OpenClaw versions prior to 2026.2.14 contain a privilege escalation vulnerability in the Slack slash-command handler that incorrectly authorizes any direct message sender when dmPolicy is set to open (must be configured). Attackers can execute pri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28447
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing path traversal sequences like .. to write files outside the intended installation directory when victims run the plugins install command.

thehackerwire@mastodon.social at 2026-03-06T11:20:42.000Z ##

🟠 CVE-2026-28447 - High (7.5)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.1 contain a path traversal vulnerability in plugin installation that allows malicious plugin package names to escape the extensions directory. Attackers can craft scoped package names containing p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28453
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft malicious archives with traversal sequences like ../../ to write files outside extraction boundaries, potentially enabling configuration tampering and code execution.

thehackerwire@mastodon.social at 2026-03-06T11:20:08.000Z ##

🟠 CVE-2026-28453 - High (7.5)

OpenClaw versions prior to 2026.2.14 fail to validate TAR archive entry paths during extraction, allowing path traversal sequences to write files outside the intended directory. Attackers can craft malicious archives with traversal sequences like ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28456
(7.2 HIGH)

EPSS: 0.06%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import(), allowing code execution. An attacker with gateway configuration modification access can load and execute unintended local modules in the Node.js process.

thehackerwire@mastodon.social at 2026-03-06T11:01:26.000Z ##

🟠 CVE-2026-28456 - High (8.4)

OpenClaw versions 2026.1.5 prior to 2026.2.14 contain a vulnerability in the Gateway in which it does not sufficiently constrain configured hook module paths before passing them to dynamic import(), allowing code execution. An attacker with gatewa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28469
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat monitor component that allows cross-account policy context misrouting when multiple webhook targets share the same HTTP path. Attackers can exploit first-match request verification semantics to process inbound webhook events under incorrect account contexts, bypassing intended allowlists and session pol

thehackerwire@mastodon.social at 2026-03-06T10:16:34.000Z ##

🔴 CVE-2026-28469 - Critical (9.8)

OpenClaw versions prior to 2026.2.14 contain a webhook routing vulnerability in the Google Chat monitor component that allows cross-account policy context misrouting when multiple webhook targets share the same HTTP path. Attackers can exploit fir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28472
(8.1 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without providing device identity or pairing by exploiting the presence check instead of validation, potentially gaining operator access in vulnerable deployments.

thehackerwire@mastodon.social at 2026-03-06T10:01:03.000Z ##

🔴 CVE-2026-28472 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain a vulnerability in the gateway WebSocket connect handshake in which it allows skipping device identity checks when auth.token is present but not validated. Attackers can connect to the gateway without pr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28478
(7.5 HIGH)

EPSS: 0.08%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can send oversized JSON payloads or slow uploads to webhook endpoints causing memory pressure and availability degradation.

thehackerwire@mastodon.social at 2026-03-06T10:00:44.000Z ##

🟠 CVE-2026-28478 - High (7.5)

OpenClaw versions prior to 2026.2.13 contain a denial of service vulnerability in webhook handlers that buffer request bodies without strict byte or time limits. Remote unauthenticated attackers can send oversized JSON payloads or slow uploads to ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29613
(5.9 MEDIUM)

EPSS: 0.02%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles (optional plugin) webhook handler in which it authenticates requests based solely on loopback remoteAddress without validating forwarding headers, allowing bypass of configured webhook passwords. When the gateway operates behind a reverse proxy, unauthenticated remote attackers can inject arbitrary BlueBubbles message

thehackerwire@mastodon.social at 2026-03-06T09:59:54.000Z ##

🟠 CVE-2026-29613 - High (7.5)

OpenClaw versions prior to 2026.2.12 contain a vulnerability in the BlueBubbles (optional plugin) webhook handler in which it authenticates requests based solely on loopback remoteAddress without validating forwarding headers, allowing bypass of c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29609
(7.5 HIGH)

EPSS: 0.10%

updated 2026-03-09T13:36:08.413000

1 posts

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by serving oversized responses without content-length headers to cause availability loss.

thehackerwire@mastodon.social at 2026-03-06T09:00:25.000Z ##

🟠 CVE-2026-29609 - High (7.5)

OpenClaw versions prior to 2026.2.14 contain a denial of service vulnerability in the fetchWithGuard function that allocates entire response payloads in memory before enforcing maxBytes limits. Remote attackers can trigger memory exhaustion by ser...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59541
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:36:08.413000

2 posts

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions such as project deletion do not implement anti-CSRF protections (tokens) and GET based requests. As a result, an authenticated user (Trainer) can be tricked

thehackerwire@mastodon.social at 2026-03-06T08:35:25.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-06T08:23:41.000Z ##

🟠 CVE-2025-59541 - High (8.1)

Chamilo is a learning management system. Prior to version 1.11.34, a Cross-Site Request Forgery (CSRF) vulnerability allows an attacker to delete projects inside a course without the victim’s consent. The issue arises because sensitive actions s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28727
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:36:08.413000

1 posts

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

thehackerwire@mastodon.social at 2026-03-06T08:23:50.000Z ##

🟠 CVE-2026-28727 - High (7.8)

Local privilege escalation due to insecure Unix socket permissions. The following products are affected: Acronis Cyber Protect 17 (macOS) before build 41186, Acronis Cyber Protect Cloud Agent (macOS) before build 41124.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28514
(0 None)

EPSS: 0.11%

updated 2026-03-09T13:35:34.633000

3 posts

Rocket.Chat is an open-source, secure, fully customizable communications platform. Prior to versions 7.8.6, 7.9.8, 7.10.7, 7.11.4, 7.12.4, 7.13.3, and 8.0.0, a critical authentication bypass vulnerability exists in Rocket.Chat's account service used in the ddp-streamer micro service that allows an attacker to log in to the service as any user with a password set, using any arbitrary password. The

_r_netsec at 2026-03-09T16:28:05.278Z ##

Sign in with ANY password into Rocket.Chat EE (CVE-2026-28514) and other vulnerabilities we’ve found with our open source AI framework github.blog/security/how-to-sc

##

offseq@infosec.exchange at 2026-03-07T03:00:28.000Z ##

🚩 CRITICAL: CVE-2026-28514 in Rocket.Chat (<8.0.0) allows auth bypass via username-only login. Full account takeover possible! Patch now or restrict access + enable MFA. Details: radar.offseq.com/threat/cve-20 #OffSeq #RocketChat #Security #CVE202628514

##

CVE-2026-30227
(0 None)

EPSS: 1.01%

updated 2026-03-09T13:35:34.633000

2 posts

MimeKit is a C# library which may be used for the creation and parsing of messages using the Multipurpose Internet Mail Extension (MIME), as defined by numerous IETF specifications. Prior to version 4.15.1, a CRLF injection vulnerability in MimeKit allows an attacker to embed \r\n into the SMTP envelope address local-part (when the local-part is a quoted-string). This is non-compliant with RFC 532

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-29067
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:34.633000

1 posts

ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 to 4.7.0, a potential vulnerability exists in ZITADEL's password reset mechanism in login V2. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming requests to construct the URL for the password reset confirmation link. This link, containing a secret code, is then emailed to the user. This issue has b

thehackerwire@mastodon.social at 2026-03-07T15:39:14.000Z ##

🟠 CVE-2026-29067 - High (8.1)

ZITADEL is an open source identity management platform. From version 4.0.0-rc.1 to 4.7.0, a potential vulnerability exists in ZITADEL's password reset mechanism in login V2. ZITADEL utilizes the Forwarded or X-Forwarded-Host header from incoming r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29191
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-09T13:35:34.633000

1 posts

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via XSS in /saml-post Endpoint. This issue has been patched in version 4.12.0.

thehackerwire@mastodon.social at 2026-03-07T15:37:36.000Z ##

🔴 CVE-2026-29191 - Critical (9.3)

ZITADEL is an open source identity management platform. From version 4.0.0 to 4.11.1, a vulnerability in Zitadel's login V2 interface was discovered that allowed a possible account takeover via XSS in /saml-post Endpoint. This issue has been patch...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2446
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-09T13:35:34.633000

1 posts

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users

thehackerwire@mastodon.social at 2026-03-07T11:17:16.000Z ##

🔴 CVE-2026-2446 - Critical (9.8)

The PowerPack for LearnDash WordPress plugin before 1.3.0 does not have authorization and CSRF checks in an AJAX action, allowing unauthenticated users to update arbitrary WordPress options (such as default_role etc) and create arbitrary admin users

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3589
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:35:34.633000

2 posts

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF attack for example.

thehackerwire@mastodon.social at 2026-03-07T11:17:06.000Z ##

🟠 CVE-2026-3589 - High (7.5)

The WooCommerce WordPress plugin from versions 5.4.0 to 10.5.2 does not properly handle batch requests, which could allow unauthenticated users to make a logged in admin call non store/WC REST endpoints, and create arbitrary admin users via a CSRF...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-06T10:30:29.000Z ##

🚨 CVE-2026-3589: CRITICAL CSRF in WooCommerce (5.4.0 – 10.5.2) lets unauth users create admin accounts via REST API batch requests. Patch ASAP! Restrict API access & monitor for abuse. More: radar.offseq.com/threat/cve-20 #OffSeq #WooCommerce #WordPress #CSRF

##

CVE-2026-24308
(0 None)

EPSS: 0.01%

updated 2026-03-09T13:35:34.633000

1 post

Improper handling of configuration values in ZKConfig in Apache ZooKeeper 3.8.5 and 3.9.4 on all platforms allows an attacker to expose sensitive information stored in client configuration in the client's logfile. Configuration values are exposed at INFO log level, so production systems are potentially affected by the issue. Users are recommended to upgrade to version 3.8.6 or 3.9.5 which fixe

offseq@infosec.exchange at 2026-03-07T10:30:28.000Z ##

💡 HIGH severity: CVE-2026-24308 in Apache ZooKeeper 3.8.0 – 3.9.4 logs sensitive config at INFO level. Risk of secret exposure via logs. Patch to 3.8.6/3.9.5 & restrict log access! radar.offseq.com/threat/cve-20 #OffSeq #ZooKeeper #CVE202624308 #Security

##

CVE-2026-26018
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:35:34.633000

1 post

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnerability stems from the use of a predictable pseudo-random number generator (PRNG) for generating a secret query name, combined with a fatal error handler

thehackerwire@mastodon.social at 2026-03-07T10:23:51.000Z ##

🟠 CVE-2026-26018 - High (7.5)

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a denial of service vulnerability exists in CoreDNS's loop detection plugin that allows an attacker to crash the DNS server by sending specially crafted DNS queries. The vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29075
(8.3 HIGH)

EPSS: 0.07%

updated 2026-03-09T13:35:34.633000

1 post

Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privileged runner. This issue has been patched via commit c35b8cd.

thehackerwire@mastodon.social at 2026-03-07T09:30:32.000Z ##

🟠 CVE-2026-29075 - High (8.3)

Mesa is an open-source Python library for agent-based modeling, simulating complex systems and exploring emergent behaviors. In version 3.5.0 and prior, checking out of untrusted code in benchmarks.yml workflow may lead to code execution in privil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14353
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-09T13:35:34.633000

2 posts

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing

thehackerwire@mastodon.social at 2026-03-07T09:05:38.000Z ##

🟠 CVE-2025-14353 - High (7.5)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of suff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-07T08:15:04.000Z ##

🟠 CVE-2025-14353 - High (7.5)

The ZIP Code Based Content Protection plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 1.0.2 via the 'zipcode' parameter. This is due to insufficient escaping on the user supplied parameter and lack of suff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29091
(8.1 HIGH)

EPSS: 0.25%

updated 2026-03-09T13:35:34.633000

1 post

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function implementation. The vulnerability allows an attacker to inject arbitrary JavaScript code into the application's runtime environment. This issue stems from

thehackerwire@mastodon.social at 2026-03-07T08:15:39.000Z ##

🟠 CVE-2026-29091 - High (8.1)

Locutus brings stdlibs of other programming languages to JavaScript for educational purposes. Prior to version 3.0.0, a remote code execution (RCE) flaw was discovered in the locutus project, specifically within the call_user_func_array function i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29789
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-03-09T13:35:34.633000

2 posts

Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation actions allows an authenticated attacker with workflow write access in one project to create/manage sites on servers belonging to other projects by supplying a foreign server_id. This issue has been pat

thehackerwire@mastodon.social at 2026-03-07T08:15:28.000Z ##

🔴 CVE-2026-29789 - Critical (9.9)

Vito is a self-hosted web application that helps manage servers and deploy PHP applications into production servers. Prior to version 3.20.3, a missing authorization check in workflow site-creation actions allows an authenticated attacker with wor...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T00:00:42.000Z ##

🚨 CVE-2026-29789 (CRITICAL, CVSS 10): vitodeploy vito <3.20.3 has missing auth checks in workflow site-creation. Attackers with workflow write can act across projects. Patch to 3.20.3+ now! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #PatchTuesday

##

CVE-2026-30242
(8.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T13:35:34.633000

1 post

Plane is an open-source project management tool. Prior to version 1.2.3, the webhook URL validation in plane/app/serializers/webhook.py only checks ip.is_loopback, allowing attackers with workspace ADMIN role to create webhooks pointing to private/internal network addresses (10.x.x.x, 172.16.x.x, 192.168.x.x, 169.254.169.254, etc.). When webhook events fire, the server makes requests to these i

thehackerwire@mastodon.social at 2026-03-07T08:15:03.000Z ##

🟠 CVE-2026-30242 - High (8.5)

Plane is an open-source project management tool. Prior to version 1.2.3, the webhook URL validation in plane/app/serializers/webhook.py only checks ip.is_loopback, allowing attackers with workspace ADMIN role to create webhooks pointing to priv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30823
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:35:34.633000

1 post

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been patched in version 3.0.13.

thehackerwire@mastodon.social at 2026-03-07T08:07:24.000Z ##

🟠 CVE-2026-30823 - High (8.8)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, there is an IDOR vulnerability, leading to account takeover and enterprise feature bypass via SSO configuration. This issue has been ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3823
(8.8 HIGH)

EPSS: 0.14%

updated 2026-03-09T13:35:07.393000

6 posts

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

offseq at 2026-03-09T16:30:30.999Z ##

🚨 CRITICAL: CVE-2026-3823 exposes Atop EHG2408 switches to unauthenticated RCE via stack-based buffer overflow. No patch yet — segment, restrict access, and monitor traffic. Full device compromise risk. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-09T08:01:20.000Z ##

🟠 CVE-2026-3823 - High (8.8)

EHG2408 series switch developed by Atop Technologies has a Stack-based Buffer Overflow vulnerability, allowing unauthenticated remote attackers to control the program's execution flow and execute arbitrary code.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T07:30:30.001Z ##

CRITICAL: CVE-2026-3823 in Atop EHG2408 switches — stack-based buffer overflow allows unauth'd remote code exec. No patch yet. Segment, monitor & restrict access ASAP! 🛡️ radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-09T16:30:30.000Z ##

🚨 CRITICAL: CVE-2026-3823 exposes Atop EHG2408 switches to unauthenticated RCE via stack-based buffer overflow. No patch yet — segment, restrict access, and monitor traffic. Full device compromise risk. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #OTSecurity

##

offseq@infosec.exchange at 2026-03-09T07:30:30.000Z ##

CRITICAL: CVE-2026-3823 in Atop EHG2408 switches — stack-based buffer overflow allows unauth'd remote code exec. No patch yet. Segment, monitor & restrict access ASAP! 🛡️ radar.offseq.com/threat/cve-20 #OffSeq #CVE20263823 #ICS #Vulnerability

##

CVE-2026-29784
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:35:07.393000

2 posts

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might have made it easier for phishers to take over a Ghost site. This issue has been patched in version 6.19.3.

Matchbook3469@mastodon.social at 2026-03-09T14:00:14.000Z ##

🔶 New security advisory:

CVE-2026-29784 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #PatchNow #InfoSecCommunity

##

thehackerwire@mastodon.social at 2026-03-08T10:00:21.000Z ##

🟠 CVE-2026-29784 - High (7.5)

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might hav...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41758
(8.8 HIGH)

EPSS: 0.18%

updated 2026-03-09T13:35:07.393000

2 posts

A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise.

thehackerwire@mastodon.social at 2026-03-09T12:48:24.000Z ##

🟠 CVE-2025-41758 - High (8.8)

A low-privileged remote attacker can exploit an arbitrary file write vulnerability in the wwupload.cgi endpoint. Due to path traversal this can lead to overwriting arbitrary files on the device and achieving a full system compromise.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41764
(9.1 CRITICAL)

EPSS: 0.10%

updated 2026-03-09T13:35:07.393000

4 posts

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

thehackerwire@mastodon.social at 2026-03-09T12:48:14.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:54.000Z ##

🔴 CVE-2025-41764 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupdate.cgi endpoint to upload and apply arbitrary updates.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41761
(7.8 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:35:07.393000

4 posts

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and ip) with sudo.

thehackerwire@mastodon.social at 2026-03-09T12:48:05.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:45.000Z ##

🟠 CVE-2025-41761 - High (7.8)

A low‑privileged local attacker who gains access to the UBR service account (e.g., via SSH) can escalate privileges to obtain full system access. This is due to the service account being permitted to execute certain binaries (e.g., tcpdump and i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41756
(8.1 HIGH)

EPSS: 0.10%

updated 2026-03-09T13:35:07.393000

2 posts

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.

thehackerwire@mastodon.social at 2026-03-09T12:01:34.000Z ##

🟠 CVE-2025-41756 - High (8.1)

A low-privileged remote attacker can exploit the ubr-editfile method in wwwubr.cgi, an undocumented and unused API endpoint to write arbitrary files on the system.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61612
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T11:07:30.000Z ##

🟠 CVE-2025-61612 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61611
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T11:07:22.000Z ##

🟠 CVE-2025-61611 - High (7.5)

In modem, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69279
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:07:08.000Z ##

🟠 CVE-2025-69279 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61615
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:19.000Z ##

🟠 CVE-2025-61615 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61614
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T13:35:07.393000

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:00:51.000Z ##

🟠 CVE-2025-61614 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30896
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

2 posts

The installer for Qsee Client versions 1.0.1 and prior insecurely loads Dynamic Link Libraries (DLLs). When a user is directed to place a malicious DLL in the same directory and execute the affected installer, arbitrary code may be executed with administrative privilege.

thehackerwire@mastodon.social at 2026-03-09T07:01:10.000Z ##

🟠 CVE-2026-30896 - High (7.8)

The installer for Qsee Client versions 1.0.1 and prior insecurely loads Dynamic Link Libraries (DLLs). When a user is directed to place a malicious DLL in the same directory and execute the affected installer, then arbitrary code may be executed...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3630
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

4 posts

Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.

offseq at 2026-03-09T04:30:28.137Z ##

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-09T04:19:28.000Z ##

🔴 CVE-2026-3630 - Critical (9.8)

Delta Electronics COMMGR2 has Stack-based Buffer Overflow vulnerability.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T04:30:28.000Z ##

🔴 CVE-2026-3630: CRITICAL stack-based buffer overflow in DeltaWW COMMGR2 (ver 0) enables unauthenticated RCE. No patch available. Segment networks, enable IDS/IPS, & monitor for exploitation. Details: radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #CyberSecurity

##

CVE-2026-3787
(7.0 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

2 posts

A weakness has been identified in UltraVNC 1.6.4.0 on Windows. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path. The attack requires local access. A high degree of complexity is needed for the attack. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but

offseq at 2026-03-09T00:00:39.537Z ##

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-09T00:00:39.000Z ##

UltraVNC 1.6.4.0 on Windows hit by HIGH-severity vuln (CVE-2026-3787): uncontrolled DLL search path in cryptbase.dll. Local attackers could escalate privileges. No patch yet — restrict access & monitor for DLL hijacking. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #UltraVNC

##

CVE-2026-30832
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

2 posts

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted --lfs-endpoint URL. The initial batch request is blind (the response from a metadata endpoint won't parse as valid LFS JSON), but an attacker hosting a

thehackerwire@mastodon.social at 2026-03-08T10:00:34.000Z ##

🔴 CVE-2026-30832 - Critical (9.1)

Soft Serve is a self-hostable Git server for the command line. From version 0.6.0 to before version 0.11.4, an authenticated SSH user can force the server to make HTTP requests to internal/private IP addresses by running repo import with a crafted...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T07:00:27.000Z ##

🔔 CRITICAL CVE-2026-30832: charmbracelet soft-serve (0.6.0 – 0.11.4) allows authenticated SSH users to exploit SSRF via repo import, exposing internal resources. Update to 0.11.4+ now. More: radar.offseq.com/threat/cve-20 #OffSeq #SSRF #Vulnerability

##

CVE-2026-30851
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:35:07.393000

1 post

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has been patched in version 2.11.2.

thehackerwire@mastodon.social at 2026-03-08T09:38:38.000Z ##

🟠 CVE-2026-30851 - High (8.1)

Caddy is an extensible server platform that uses TLS by default. From version 2.10.0 to before version 2.11.2, forward_auth copy_headers does not strip client-supplied headers, allowing identity injection and privilege escalation. This issue has b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30860
(9.9 CRITICAL)

EPSS: 0.08%

updated 2026-03-09T13:35:07.393000

2 posts

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation system fails to recursively inspect child nodes within PostgreSQL array expressions and row expressions, allowing attackers to bypass SQL injection protectio

thehackerwire@mastodon.social at 2026-03-08T09:20:03.000Z ##

🔴 CVE-2026-30860 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.2.12, a remote code execution (RCE) vulnerability exists in the application's database query functionality. The validation syst...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T02:30:28.000Z ##

⚠️ CRITICAL: Tencent WeKnora (<0.2.12) hit by CVE-2026-30860 — SQLi in PostgreSQL array/row parsing enables unauthenticated RCE. Patch to 0.2.12 ASAP. Restrict DB rights and monitor logs. radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #InfoSec

##

CVE-2026-3699
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:35:07.393000

1 post

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-08T08:18:38.000Z ##

🟠 CVE-2026-3699 - High (8.8)

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has bee...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30863
(0 None)

EPSS: 0.07%

updated 2026-03-09T13:35:07.393000

1 post

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. Prior to versions 8.6.10 and 9.5.0-alpha.11, the Google, Apple, and Facebook authentication adapters use JWT verification to validate identity tokens. When the adapter's audience configuration option is not set (clientId for Google/Apple, appIds for Facebook), JWT verification silently skips aud

1 repo

https://github.com/Worthes/CVE-2026-30863-Exploit

offseq@infosec.exchange at 2026-03-08T04:00:28.000Z ##

🚨 CRITICAL: parse-server (<8.6.10, <9.5.0-alpha.11) has CWE-287 improper authentication (CVE-2026-30863). JWT audience check skipped by default; attackers can impersonate users. Patch or set audience now. radar.offseq.com/threat/cve-20 #OffSeq #CVE202630863 #ParseServer #infosec

##

CVE-2026-30855
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-09T13:21:39

1 post

Summary: An authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modify, or delete any tenant by ID. Since account registration is open to the public, this vulnerability allows any unauthenticated attacker to register an account and subsequently exploit the system. This enables cross-tenant account takeover and destruction, making the

thehackerwire@mastodon.social at 2026-03-08T09:19:54.000Z ##

🟠 CVE-2026-30855 - High (8.8)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. Prior to version 0.3.2, an authorization bypass in tenant management endpoints of WeKnora application allows any authenticated user to read, modif...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30827
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-09T13:15:36

1 posts

## Summary The default `keyGenerator` in express-rate-limit applies IPv6 subnet masking (`/56` by default) to all addresses that `net.isIPv6()` returns true for. This includes IPv4-mapped IPv6 addresses (`::ffff:x.x.x.x`), which Node.js returns as `request.ip` on dual-stack servers. Because the first 80 bits of all IPv4-mapped addresses are zero, a `/56` (or any `/32` to `/80`) subnet mask produ

thehackerwire@mastodon.social at 2026-03-07T08:07:34.000Z ##

🟠 CVE-2026-30827 - High (7.5)

express-rate-limit is a basic rate-limiting middleware for Express. In versions starting from 8.0.0 and prior to versions 8.0.2, 8.1.1, 8.2.2, and 8.3.0, the default keyGenerator in express-rate-limit applies IPv6 subnet masking (/56 by default) t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30822
(7.7 HIGH)

EPSS: 0.04%

updated 2026-03-09T13:15:31

2 posts

## Summary **A Mass Assignment vulnerability in the `/api/v1/leads` endpoint allows any unauthenticated user to control internal entity fields (`id`, `createdDate`, `chatId`) by including them in the request body.** The endpoint uses `Object.assign()` to copy all properties from the request body to the Lead entity without any input validation or field filtering. This allows attackers to bypass a

thehackerwire@mastodon.social at 2026-03-07T09:05:28.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-07T08:14:54.000Z ##

🟠 CVE-2026-30822 - High (7.7)

Flowise is a drag & drop user interface to build a customized large language model flow. Prior to version 3.0.13, unauthenticated users can inject arbitrary values into internal database fields when creating leads. This issue has been patched in v...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30861
(10.0 CRITICAL)

EPSS: 0.21%

updated 2026-03-09T13:14:29

3 posts

### Summary A critical unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration validation introduced in version 2.0.5. The application allows unrestricted user registration, meaning any attacker can create an account and exploit the command injection flaw. Despite implementing a whitelist for allowed commands (`npx`, `uvx`) and blacklists for dangerous ar
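The validation shape the advisory describes, as an added example that is not WeKnora's code: an executable allowlist with an argument denylist, beside a validator that treats the package launched through the runner as the thing to allowlist. The denylist contents and the package allowlist are constructed for the example. Per the offseq post on this entry the reported bypass used `npx -p node`; `-p` tells the runner which package to fetch and put on the path, so allowing `npx` as an executable amounts to allowing any package on the registry unless the package itself is constrained.

```javascript
// Executables the server will spawn for an MCP stdio transport, per the advisory.
const ALLOWED_EXECUTABLES = new Set(["npx", "uvx"]);

// Constructed stand-in for the project's argument denylist; the page says one exists
// but does not list its contents.
const DENIED_ARGUMENTS = [/^-c$/, /^--call$/, /^-e$/, /^--eval$/, /[;&|`$<>]/];

// Vulnerable shape: allowlist the executable, denylist a few arguments, accept the rest.
// The runner is trusted, and nothing stops the caller from telling the runner which
// package to fetch and execute.
function validateVulnerable(command, args) {
  if (!ALLOWED_EXECUTABLES.has(command)) return { ok: false, reason: "executable not allowed" };
  const hit = args.find((a) => DENIED_ARGUMENTS.some((re) => re.test(a)));
  if (hit !== undefined) return { ok: false, reason: `argument denied: ${hit}` };
  return { ok: true };
}

// Hardened shape: the package launched through the runner is the trust boundary. It
// must be the first argument and must appear in a per-runner allowlist; any runner
// flag is refused, which removes every package-selection switch at once.
// Allowlist contents are an assumption for this example.
const ALLOWED_PACKAGES = {
  npx: new Set(["@modelcontextprotocol/server-filesystem"]),
  uvx: new Set(["mcp-server-git"]),
};

function validateHardened(command, args) {
  if (!ALLOWED_EXECUTABLES.has(command)) return { ok: false, reason: "executable not allowed" };
  if (args.length === 0) return { ok: false, reason: "no package named" };
  const [pkg, ...pkgArgs] = args;
  if (pkg.startsWith("-")) return { ok: false, reason: `runner flag refused: ${pkg}` };
  if (!ALLOWED_PACKAGES[command].has(pkg)) return { ok: false, reason: `package not allowed: ${pkg}` };
  // Remaining arguments reach the MCP server process, not a shell: spawn with
  // child_process.spawn(command, args) and no `shell: true`, so metacharacters are inert.
  // Still bound the argument list so the server cannot be handed arbitrary payloads.
  if (pkgArgs.length > 16 || pkgArgs.some((a) => typeof a !== "string" || a.length > 512)) {
    return { ok: false, reason: "argument list out of bounds" };
  }
  return { ok: true, spawn: { command, args: [pkg, ...pkgArgs] } };
}
```

The general lesson is that a denylist over the arguments of a package runner cannot be made complete: the runner's own flags, the registry, and the package's CLI are three separate surfaces, and only an allowlist of concrete packages closes all three.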

thehackerwire@mastodon.social at 2026-03-08T09:38:29.000Z ##

🔴 CVE-2026-30861 - Critical (9.9)

WeKnora is an LLM-powered framework designed for deep document understanding and semantic retrieval. From version 0.2.5 to before version 0.2.10, an unauthenticated remote code execution (RCE) vulnerability exists in the MCP stdio configuration va...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T01:00:29.000Z ##

⚠️ CRITICAL: Tencent WeKnora (0.2.5 – 0.2.9) hit by unauthenticated RCE (CVE-2026-30861) — attackers bypass command validation using npx -p node. Patch to 0.2.10 ASAP! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #RCE #Tencent

##

offseq@infosec.exchange at 2026-03-08T00:00:39.000Z ##

🚨 CRITICAL CVE-2026-30861: Tencent WeKnora (0.2.5 – 0.2.9) OS command injection enables unauth RCE — full system compromise possible. Patch to 0.2.10 now! More info: radar.offseq.com/threat/cve-20 #OffSeq #RCE #Vulnerability #InfoSec

##

CVE-2026-30244
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-09T13:12:18

1 posts

## Executive Summary A security vulnerability exists in the Plane project management platform that allows unauthenticated attackers to enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerability stems from Django REST Framework permission classes being incorrectly configured to allow anonymous access to protected

thehackerwire@mastodon.social at 2026-03-07T08:15:14.000Z ##

🟠 CVE-2026-30244 - High (7.5)

Plane is an open-source project management tool. Prior to version 1.2.2, unauthenticated attackers can enumerate workspace members and extract sensitive information including email addresses, user roles, and internal identifiers. The vulnerabil...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3814
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T12:31:50

4 posts

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the attack remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T11:02:57.000Z ##

🟠 CVE-2026-3814 - High (8.8)

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-1711. Affected by this issue is the function strcpy of the file /goform/getOneApConfTempEntry. Performing a manipulation results in buffer overflow. It is possible to initiate the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T10:32:40.007Z ##

🚨 HIGH severity (CVSS 8.7) buffer overflow in UTT HiPER 810G (≤1.7.7-1711), via strcpy in /goform/getOneApConfTempEntry. Public exploit released — urgent monitoring advised. CVE-2026-3814 radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-09T10:32:40.000Z ##

🚨 HIGH severity (CVSS 8.7) buffer overflow in UTT HiPER 810G (≤1.7.7-1711), via strcpy in /goform/getOneApConfTempEntry. Public exploit released — urgent monitoring advised. CVE-2026-3814 radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #UTT #InfoSec

##

CVE-2026-3815
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-09T12:31:49

4 posts

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T12:03:49.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-09T12:00:35.000Z ##

🟠 CVE-2026-3815 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-1711. This affects the function strcpy of the file /goform/formApMail. Executing a manipulation can lead to buffer overflow. It is possible to launch the attack remotely. The exploit has...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41765
(9.1 CRITICAL)

EPSS: 0.06%

updated 2026-03-09T09:30:37

2 posts

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for restoration, server peer configurations, and BACnet/SC server certificates and keys.

thehackerwire@mastodon.social at 2026-03-09T12:01:23.000Z ##

🔴 CVE-2025-41765 - Critical (9.1)

Due to insufficient authorization enforcement, an unauthorized remote attacker can exploit the wwwupload.cgi endpoint to upload and apply arbitrary data. This includes, but is not limited to, contact images, HTTPS certificates, system backups for ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41772
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-09T09:30:37

2 posts

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

thehackerwire@mastodon.social at 2026-03-09T10:07:27.000Z ##

🟠 CVE-2025-41772 - High (7.5)

An unauthenticated remote attacker can obtain valid session tokens because they are exposed in plaintext within the URL parameters of the wwwupdate.cgi endpoint in UBR.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41766
(8.8 HIGH)

EPSS: 0.39%

updated 2026-03-09T09:30:37

2 posts

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

thehackerwire@mastodon.social at 2026-03-09T10:07:17.000Z ##

🟠 CVE-2025-41766 - High (8.8)

A low-privileged remote attacker can trigger a stack-based buffer overflow via a crafted HTTP POST request using the ubr-network method resulting in full device compromise.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69278
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:37

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:38.000Z ##

🟠 CVE-2025-69278 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3811
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:37

4 posts

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-09T10:00:31.000Z ##

🟠 CVE-2026-3811 - High (8.8)

A vulnerability was found in Tenda FH1202 1.2.0.14(408). This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remote...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T09:00:32.164Z ##

⚠️ HIGH severity: Tenda FH1202 (1.2.0.14) vulnerable to stack-based buffer overflow (CVE-2026-3811). Remote exploit is public. No fix yet — monitor, isolate, and watch for updates. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-09T09:00:32.000Z ##

⚠️ HIGH severity: Tenda FH1202 (1.2.0.14) vulnerable to stack-based buffer overflow (CVE-2026-3811). Remote exploit is public. No fix yet — monitor, isolate, and watch for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #IoTSecurity #CVE20263811

##

CVE-2025-41757
(8.8 HIGH)

EPSS: 0.22%

updated 2026-03-09T09:30:36

2 posts

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the system.

thehackerwire@mastodon.social at 2026-03-09T12:01:43.000Z ##

🟠 CVE-2025-41757 - High (8.8)

A low-privileged remote attacker can abuse the backup restore functionality of UBR (ubr-restore) which runs with elevated privileges and does not validate the contents of the backup archive to create or overwrite arbitrary files anywhere on the sy...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61616
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:36

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:01:29.000Z ##

🟠 CVE-2025-61616 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-61613
(7.5 HIGH)

EPSS: 0.21%

updated 2026-03-09T09:30:36

2 posts

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-03-09T10:00:40.000Z ##

🟠 CVE-2025-61613 - High (7.5)

In nr modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3810
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:36

2 posts

A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:30.000Z ##

🟠 CVE-2026-3810 - High (8.8)

A vulnerability has been found in Tenda FH1202 1.2.0.14(408). This affects the function fromDhcpListClient of the file /goform/DhcpListClient. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3808
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T09:30:30

2 posts

A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:20:11.000Z ##

🟠 CVE-2026-3808 - High (8.8)

A vulnerability was detected in Tenda FH1202 1.2.0.14(408). The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3807
(8.8 HIGH)

EPSS: 0.09%

updated 2026-03-09T09:30:30

2 posts

A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-03-09T08:01:11.000Z ##

🟠 CVE-2026-3807 - High (8.8)

A security vulnerability has been detected in Tenda FH1202 1.2.0.14(408). Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mit_ssid/mit_ssid_index leads to stack-based buffer overflow....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3803
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:20

2 posts

A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-09T07:01:20.000Z ##

🟠 CVE-2026-3803 - High (8.8)

A vulnerability was identified in Tenda i3 1.0.0.6(2204). This affects the function formWifiMacFilterGet of the file /goform/WifiMacFilterGet. The manipulation of the argument index leads to stack-based buffer overflow. It is possible to initiate ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3802
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:20

2 posts

A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-09T06:00:49.000Z ##

🟠 CVE-2026-3802 - High (8.8)

A vulnerability was determined in Tenda i3 1.0.0.6(2204). Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack m...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3804
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:19

4 posts

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-09T07:00:58.000Z ##

🟠 CVE-2026-3804 - High (8.8)

A security flaw has been discovered in Tenda i3 1.0.0.6(2204). This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-03-09T06:00:26.812Z ##

⚠️ HIGH severity: CVE-2026-3804 in Tenda i3 v1.0.0.6(2204) enables remote stack-based buffer overflow via /goform/WifiMacFilterSet. Exploit is public — prioritize mitigation or isolation. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-09T06:00:26.000Z ##

⚠️ HIGH severity: CVE-2026-3804 in Tenda i3 v1.0.0.6(2204) enables remote stack-based buffer overflow via /goform/WifiMacFilterSet. Exploit is public — prioritize mitigation or isolation. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Tenda #InfoSec

##

CVE-2026-3631
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-09T06:31:19

2 posts

Delta Electronics COMMGR2 has a buffer over-read vulnerability that can be triggered to cause a denial of service.

CVE-2026-3799
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-09T06:31:19

2 posts

A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-03-09T04:19:19.000Z ##

🟠 CVE-2026-3799 - High (8.8)

A flaw has been found in Tenda i3 1.0.0.6(2204). This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3801
(8.8 HIGH)

EPSS: 0.09%

updated 2026-03-09T06:31:19

2 posts

A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-09T04:19:09.000Z ##

🟠 CVE-2026-3801 - High (8.8)

A vulnerability was found in Tenda i3 1.0.0.6(2204). Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3769
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T21:30:22

4 posts

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used.

offseq at 2026-03-09T01:30:26.707Z ##

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-03-08T21:27:29.000Z ##

🟠 CVE-2026-3769 - High (8.8)

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function WrlclientSet of the file /goform/WrlclientSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack can be executed remote...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-09T01:30:26.000Z ##

🚩 CVE-2026-3769: HIGH severity vuln in Tenda F453 (v1.0.0.3) — stack-based buffer overflow in /goform/WrlclientSet. Public exploit released! Limit remote access, monitor traffic, apply mitigations. Details: radar.offseq.com/threat/cve-20 #OffSeq #NetworkSecurity #Vuln

##

CVE-2026-3732
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T12:30:35

2 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.

offseq@infosec.exchange at 2026-03-08T11:32:31.000Z ##

🛑 CVE-2026-3732: HIGH severity stack buffer overflow in Tenda F453 (v1.0.0.3). Remote, unauthenticated code execution risk — no patch yet. Block remote mgmt & monitor endpoints. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #RouterSecurity #CVE20263732

##

thehackerwire@mastodon.social at 2026-03-08T11:19:15.000Z ##

🟠 CVE-2026-3732 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3728
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T12:30:34

1 posts

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-03-08T10:18:18.000Z ##

🟠 CVE-2026-3728 - High (8.8)

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3726
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T09:30:27

2 posts

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-03-08T10:00:27.000Z ##

🚨 CVE-2026-3726 (HIGH, CVSS 8.7) in Tenda F453 (v1.0.0.3): Stack buffer overflow in /goform/webExcptypemanFilter enables remote, unauthenticated code execution. Public exploit code raises risk — restrict access & monitor now! radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Infosec

##

thehackerwire@mastodon.social at 2026-03-08T09:19:45.000Z ##

🟠 CVE-2026-3726 - High (8.8)

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3715
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T09:30:21

2 posts

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. Upgrading to version 20260226 is able to mitigate this issue. You should upgrad

offseq@infosec.exchange at 2026-03-08T08:30:28.000Z ##

🛡️ CVE-2026-3715: HIGH-severity stack overflow in Wavlink WL-WN579X3-C routers (v231124). Remote attackers can execute code w/o auth. Exploit code is public — patch to 20260226 now! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #RouterSecurity #Infosec

##

thehackerwire@mastodon.social at 2026-03-08T08:14:57.000Z ##

🟠 CVE-2026-3715 - High (8.8)

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3701
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T06:31:15

1 posts

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond

thehackerwire@mastodon.social at 2026-03-08T08:15:20.000Z ##

🟠 CVE-2026-3701 - High (8.8)

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack ca...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3703
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-08T06:31:15

2 posts

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exploit has been published and may be used. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professiona

thehackerwire@mastodon.social at 2026-03-08T08:15:09.000Z ##

🔴 CVE-2026-3703 - Critical (9.8)

A flaw has been found in Wavlink NU516U1 251208. This affects the function sub_401A10 of the file /cgi-bin/login.cgi. Executing a manipulation of the argument ipaddr can lead to out-of-bounds write. The attack may be performed from remote. The exp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-08T05:30:26.000Z ##

🚨 CRITICAL: CVE-2026-3703 in Wavlink NU516U1 (firmware 251208) allows remote, unauthenticated out-of-bounds write via /cgi-bin/login.cgi. Public exploit available — patch immediately! Monitor for abnormal ipaddr activity. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #RouterSecurity #Wavlink

##

CVE-2026-3698
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T03:30:34

1 posts

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T08:23:30.000Z ##

🟠 CVE-2026-3698 - High (8.8)

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and m...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3700
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-08T03:30:34

1 posts

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks.

thehackerwire@mastodon.social at 2026-03-08T08:15:29.000Z ##

🟠 CVE-2026-3700 - High (8.8)

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3677
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T00:31:58

1 posts

A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the file /goform/setcfm. The manipulation of the argument funcname/funcpara1 results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-03-08T09:01:30.000Z ##

🟠 CVE-2026-3677 - High (8.8)

A vulnerability was found in Tenda FH451 1.0.0.9. This impacts the function fromSetCfm of the file /goform/setcfm. The manipulation of the argument funcname/funcpara1 results in stack-based buffer overflow. The attack may be performed from remote....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3679
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-08T00:31:58

1 posts

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and might be used.

thehackerwire@mastodon.social at 2026-03-08T09:01:09.000Z ##

🟠 CVE-2026-3679 - High (8.8)

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPOEPassword leads to stack-based buffer overflow....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
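
The Tenda, Wavlink, H3C and UTT entries above share one shape: a form handler under /goform or /cgi-bin copies a request parameter into a fixed-size stack buffer without a length check. Until firmware is fixed, the thing a defender can act on is the request itself. The following is an added example for this page, not vendor code and not a published exploit: it parses a raw HTTP request and flags parameter values that are far longer than any legitimate form value, with extra scrutiny for the handler/parameter pairs the CVE descriptions name. The 128-byte limit and the sample requests are assumptions; the real buffer sizes are not given.

```python
"""Flag request parameters sized to overflow a fixed stack buffer.

Added example for defenders, not vendor code. The endpoint/parameter table
is taken from the CVE descriptions above; the 128-byte limit and the sample
requests are assumptions, since the real buffer sizes in the firmware are
not given.
"""
from urllib.parse import parse_qs, urlsplit

# Handler path -> parameters the CVE entries name as the overflowed argument.
WATCHED_PARAMS = {
    "/goform/WrlclientSet": {"GO"},
    "/goform/exeCommand": {"cmdinput"},
    "/goform/setcfm": {"funcname", "funcpara1"},
    "/goform/webExcptypemanFilter": {"page"},
    "/goform/QuickIndex": {"mit_linktype", "PPPOEPassword"},
    "/cgi-bin/firewall.cgi": {"del_flag"},
    "/cgi-bin/login.cgi": {"ipaddr"},
}
MAX_VALUE_LEN = 128  # assumed: legitimate values for these forms are short strings

def parse_request(raw: bytes):
    """Split a raw HTTP/1.x request into (method, path, merged query+body params)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    request_line = head.split(b"\r\n", 1)[0].decode("latin-1")
    method, target, _version = request_line.split(" ", 2)
    parts = urlsplit(target)
    params = parse_qs(parts.query, keep_blank_values=True)
    for name, values in parse_qs(body.decode("latin-1"), keep_blank_values=True).items():
        params.setdefault(name, []).extend(values)
    return method, parts.path, params

def suspicious_params(raw: bytes):
    """Return [(param, length, reason)] for values that look like overflow attempts.

    Named parameters on the watched handlers are also checked for bytes that
    never appear in legitimate form input (NUL padding, raw addresses).
    """
    _method, path, params = parse_request(raw)
    watched = WATCHED_PARAMS.get(path, set())
    findings = []
    for name, values in params.items():
        for value in values:
            if len(value) > MAX_VALUE_LEN:
                findings.append((name, len(value), "watched" if name in watched else "generic"))
            elif name in watched and any(not 0x20 <= ord(c) <= 0x7E for c in value):
                findings.append((name, len(value), "non-printable"))
    return findings

# Constructed requests against a Tenda-style handler (not captured traffic).
BENIGN = (b"POST /goform/exeCommand HTTP/1.1\r\nHost: 192.168.0.1\r\n"
          b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
          b"cmdinput=ping+-c+1+192.168.0.2")
OVERFLOW = (b"POST /goform/exeCommand HTTP/1.1\r\nHost: 192.168.0.1\r\n"
            b"Content-Type: application/x-www-form-urlencoded\r\n\r\n"
            b"cmdinput=" + b"A" * 600)
QUERY_OVERFLOW = (b"GET /goform/setcfm?funcname=" + b"B" * 300 + b"&funcpara1=1 HTTP/1.1\r\n"
                  b"Host: 192.168.0.1\r\n\r\n")
NONPRINTABLE = (b"POST /goform/exeCommand HTTP/1.1\r\nHost: 192.168.0.1\r\n\r\n"
                b"cmdinput=%00%00AAAA")
```

A length heuristic does not prove exploitation and a short payload can still corrupt a small buffer, so treat a hit as a reason to look at the source host and the device, not as a verdict. The durable fix is firmware that bounds the copy; until then, keeping the management interface off the WAN removes the remote path the descriptions rely on.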

CVE-2025-14675
(7.2 HIGH)

EPSS: 0.68%

updated 2026-03-07T09:30:21

2 posts

The Meta Box plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'ajax_delete_file' function in all versions up to, and including, 5.11.1. This makes it possible for authenticated attackers, with Contributor-level access and above, to delete arbitrary files on the server, which can easily lead to remote code execution when the right file is

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-1074
(7.2 HIGH)

EPSS: 0.06%

updated 2026-03-07T09:30:20

1 posts

The WP App Bar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'app-bar-features' parameter in all versions up to, and including, 1.5. This is due to insufficient input sanitization and output escaping combined with a missing authorization check in the `App_Bar_Settings` class constructor. This makes it possible for unauthenticated attackers to inject arbitrary web script

offseq@infosec.exchange at 2026-03-07T09:00:29.000Z ##

🚨 CVE-2026-1074: High-severity stored XSS in WP App Bar plugin (all versions). No auth needed — attackers inject scripts via 'app-bar-features' & compromise admin sessions. Patch or disable urgently! radar.offseq.com/threat/cve-20 #OffSeq #WordPress #XSS #Vuln

##

CVE-2025-8899
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-07T06:31:23

1 posts

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles that can be set during registration. This makes it possible for authenticated attackers, with Author-level access and above, to create posts/pages with the re

thehackerwire@mastodon.social at 2026-03-07T08:14:44.000Z ##

🟠 CVE-2025-8899 - High (8.8)

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisper_register_form() function not restricting user roles tha...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25070
(CVSS UNKNOWN)

EPSS: 1.03%

updated 2026-03-07T03:30:29

3 posts

XikeStor SKS8310-8X Network Switch firmware versions 1.04.B07 and prior contain an OS command injection vulnerability in the /goform/PingTestSet endpoint that allows unauthenticated remote attackers to execute arbitrary operating system commands. Attackers can inject malicious commands through the destIp parameter to achieve remote code execution with root privileges on the network switch.

offseq@infosec.exchange at 2026-03-07T01:30:30.000Z ##

⚠️ CRITICAL: CVE-2026-25070 in XikeStor SKS8310-8X allows unauthenticated remote OS command injection (CVSS 9.3). No patch yet. Restrict access, segment networks, and monitor endpoints. Full root risk! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #NetworkSecurity

##

CVE-2026-2020
(7.5 HIGH)

EPSS: 0.09%

updated 2026-03-07T03:30:27

1 posts

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' parameter of the plugin's shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject a PHP Object. N

thehackerwire@mastodon.social at 2026-03-07T08:14:54.000Z ##

🟠 CVE-2026-2020 - High (7.5)

The JS Archive List plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 6.1.7 via the 'included' shortcode attribute. This is due to the deserialization of untrusted input supplied via the 'included' pa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15602
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-07T02:33:41

1 posts

Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricted fields of another user account, including the Super Admin account. By changing the email address of the Super Admin and triggering a password reset, an

thehackerwire@mastodon.social at 2026-03-07T10:01:10.000Z ##

🟠 CVE-2025-15602 - High (8.8)

Snipe-IT versions prior to 8.3.7 contain sensitive user attributes related to account privileges that are insufficiently protected against mass assignment. An authenticated, low-privileged user can craft a malicious API request to modify restricte...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70948
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-06T23:00:44

1 posts

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header.

thehackerwire@mastodon.social at 2026-03-07T13:01:38.000Z ##

🔴 CVE-2025-70948 - Critical (9.3)

A host header injection vulnerability in the mailer component of @perfood/couch-auth v0.26.0 allows attackers to obtain reset tokens and execute an account takeover via spoofing the HTTP Host header.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30223
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-06T22:52:11

1 posts

### Summary When JWT authentication is configured using either: - `authJwtPubKeyPath` (local RSA public key), or - `authJwtHmacSecret` (HMAC secret), the configured audience value (`authJwtAud`) is not enforced during token parsing. As a result, validly signed JWT tokens with an incorrect `aud` claim are accepted for authentication. This allows authentication using tokens intended for a differe

thehackerwire@mastodon.social at 2026-03-07T08:15:19.000Z ##

🟠 CVE-2026-30223 - High (8.8)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.1, when JWT authentication is configured using either "authJwtPubKeyPath" (local RSA public key) or "authJwtHmacSecret" (HMAC secret), the configured...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
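
The OliveTin entry above describes an audience check that was configured but never applied: any token with a valid signature was accepted, whatever its aud claim said, so a token minted for another service sharing the same key or public key worked for OliveTin. The block below is an added example written for this page with a small HS256 verifier, not OliveTin code; the secret, audiences and claims are constructed. Calling verify with expected_aud=None reproduces the vulnerable behaviour, and passing the service's own audience shows the check that closes it. The verifier also pins the algorithm, since the header is attacker-controlled.

```python
"""Verify HS256 JWTs with the audience check the entry above says was skipped.

Added example using a toy verifier, not OliveTin code; the secret, audiences
and claims are constructed for illustration.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")

def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def mint_hs256(claims: dict, secret: bytes) -> str:
    """Issue a compact JWS; header and payload are minified JSON."""
    header = _b64url(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url(sig)}"

def verify(token: str, secret: bytes, expected_aud: Optional[str], now: Optional[float] = None) -> dict:
    """Return the claims if alg, signature, exp and (when given) aud all hold.

    expected_aud=None reproduces the vulnerable behaviour: a validly signed
    token is accepted whatever its aud claim says.
    """
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    h64, p64, s64 = parts
    header = json.loads(_b64url_decode(h64))
    if header.get("alg") != "HS256":  # pin the algorithm; the header is attacker-controlled
        raise ValueError("unexpected alg")
    expected_sig = hmac.new(secret, f"{h64}.{p64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected_sig, _b64url_decode(s64)):
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(p64))
    now = time.time() if now is None else now
    if "exp" in claims and now >= claims["exp"]:
        raise ValueError("expired")
    if expected_aud is not None:
        aud = claims.get("aud")
        auds = aud if isinstance(aud, list) else [aud]  # RFC 7519: aud is a string or an array
        if expected_aud not in auds:
            raise ValueError("audience mismatch")
    return claims

# Constructed scenario: two services share one HMAC secret; this token was
# issued for the billing API, not for the command runner.
SECRET = b"shared-hmac-secret-for-demo"
FIXED_NOW = 1_700_000_000
TOKEN_FOR_BILLING = mint_hs256({"sub": "alice", "aud": "billing-api", "exp": FIXED_NOW + 3600}, SECRET)
_h, _p, _s = TOKEN_FOR_BILLING.split(".")
TAMPERED_PAYLOAD = _b64url(json.dumps({"sub": "mallory", "aud": "command-runner"}).encode())
TAMPERED = f"{_h}.{TAMPERED_PAYLOAD}.{_s}"        # claims swapped, old signature kept
NONE_HEADER = _b64url(json.dumps({"alg": "none"}).encode())
NONE_TOKEN = NONE_HEADER + "." + _p + "."          # unsigned token; must never verify

def accepted(token: str, expected_aud: Optional[str]) -> bool:
    """Does the verifier accept this token for this audience?"""
    try:
        verify(token, SECRET, expected_aud, now=FIXED_NOW)
    except ValueError:
        return False
    return True
```

The audience check costs one comparison but is what ties a token to the service that receives it; a shared key without it turns every issuer for that key into an issuer for every consumer. The same applies to RSA public keys, where anyone with a token from any service that the key signs for would otherwise be let in.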

CVE-2026-29087
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-06T22:43:59

1 posts

## Summary When using @hono/node-server's static file serving together with route-based middleware protections (e.g. protecting `/admin/*`), inconsistent URL decoding can allow protected static resources to be accessed without authorization. In particular, paths containing encoded slashes (`%2F`) may be evaluated differently by routing/middleware matching versus static file path resolution, enab

thehackerwire@mastodon.social at 2026-03-07T09:05:48.000Z ##

🟠 CVE-2026-29087 - High (7.5)

@Hono/node-server allows running the Hono application on Node.js. Prior to version 1.19.10, when using @Hono/node-server's static file serving together with route-based middleware protections (e.g. protecting /admin/*), inconsistent URL decoding c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
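
The @hono/node-server entry above is a canonicalization mismatch: the middleware that guards /admin/* matches against the path as sent, while the static handler decodes it before resolving a file, so a request containing %2F is judged by one string and served by another. The following is an added example for this page and not @hono/node-server code; the file table and the /admin/* rule are constructed. It shows the vulnerable ordering beside a handler that decodes once, normalizes, and then makes every decision on that single canonical path.

```python
"""Make route protection and file lookup agree on the path they judge.

Added example, not @hono/node-server code. The file table and the /admin/*
rule are constructed; the bug shape is the one the entry above describes:
middleware matches the raw request path while the static handler serves
the decoded one.
"""
import posixpath
from urllib.parse import unquote

FILES = {  # constructed static directory
    "/public/index.html": "<h1>hello</h1>",
    "/admin/config.json": '{"db_password": "hunter2"}',
}
PROTECTED_PREFIX = "/admin/"

def canonicalize(raw_path: str) -> str:
    """Decode percent-encoding exactly once, then normalize dot segments and slashes."""
    path = unquote(raw_path)                           # %2F -> "/", %2E -> "."
    path = posixpath.normpath("/" + path.lstrip("/"))  # resolves ".." without climbing above root
    return "/" + path.lstrip("/")                      # normpath keeps a leading "//"; collapse it

def serve_vulnerable(raw_path: str, authed: bool):
    """Auth check on the raw path, file lookup on the decoded path."""
    if raw_path.startswith(PROTECTED_PREFIX) and not authed:
        return 401, None
    path = canonicalize(raw_path)
    return (200, FILES[path]) if path in FILES else (404, None)

def serve_fixed(raw_path: str, authed: bool):
    """Canonicalize first; every later decision sees the same string."""
    path = canonicalize(raw_path)
    if "%" in path:  # still encoded after one decode: double-encoding, refuse rather than guess
        return 400, None
    if path.startswith(PROTECTED_PREFIX) and not authed:
        return 401, None
    return (200, FILES[path]) if path in FILES else (404, None)
```

Two requests make the point: /admin%2Fconfig.json slips past the raw-path prefix match yet resolves to the protected file, and /public/..%2Fadmin/config.json does the same through a dot segment. A real server should additionally map the canonical path onto its document root and confirm the resolved filesystem path stays beneath it; the decode-once rule is what makes that check and the authorization check see the same request.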

CVE-2026-26017
(7.7 HIGH)

EPSS: 0.04%

updated 2026-03-06T22:43:40

1 posts

A logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the rewrite plugin, resulting in a Time-of-Check Time-of-Use (TOCTOU) flaw. ### Impact In multi-tenant Kubernetes clusters, this flaw undermines DNS-based segmentation strategies. Example scenario: 1. ACL blocks access to

thehackerwire@mastodon.social at 2026-03-07T10:01:33.000Z ##

🟠 CVE-2026-26017 - High (7.7)

CoreDNS is a DNS server that chains plugins. Prior to version 1.14.2, a logical vulnerability in CoreDNS allows DNS access controls to be bypassed due to the default execution order of plugins. Security plugins such as acl are evaluated before the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29064
(8.2 HIGH)

EPSS: 0.01%

updated 2026-03-06T22:10:52

1 posts

### Summary A path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destination directory, enabling arbitrary file read or write on the system processing the package. ### What users should do Upgrade immediately to version v0.73.1 If developers cannot upgrade immediately, only process Zarf packages from fully truste

thehackerwire@mastodon.social at 2026-03-07T09:30:21.000Z ##

🟠 CVE-2026-29064 - High (8.2)

Zarf is an Airgap Native Packager Manager for Kubernetes. From version 0.54.0 to before version 0.73.1, a path traversal vulnerability in archive extraction allows a specifically crafted Zarf package to create symlinks pointing outside the destina...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
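
The Zarf entry above is the archive-extraction variant of path traversal: a crafted package carries a symlink whose target lies outside the destination directory, and anything later written through that link lands wherever the attacker pointed it. The block below is an added example for this page, not Zarf code. It builds a small tar archive in memory, vets each member's name and link target against the extraction root before anything is written, and re-checks the resolved parent directory at write time so that a symlink planted by an earlier member cannot redirect a later one. Member names, link targets and contents are constructed.

```python
"""Refuse archive members whose names or symlink targets leave the extraction root.

Added example, not Zarf code. The archive is built in memory so the check runs
offline; member names, link targets and file contents are constructed.
"""
import io
import os
import posixpath
import tarfile
import tempfile
from typing import Optional

def _inside_root(rel_path: str) -> bool:
    """True if a root-relative path, once normalized, stays under the root."""
    norm = posixpath.normpath(rel_path)
    return not (norm.startswith("/") or norm == ".." or norm.startswith("../"))

def vet_member(m: tarfile.TarInfo) -> Optional[str]:
    """Return a rejection reason, or None when the member is safe to extract."""
    if not _inside_root(m.name):
        return "name escapes root"
    if m.issym() or m.islnk():
        if m.linkname.startswith("/"):
            return "absolute link target"
        # A symlink target is resolved relative to the link's own directory;
        # a hard link name is relative to the archive root.
        target = posixpath.join(posixpath.dirname(m.name), m.linkname) if m.issym() else m.linkname
        if not _inside_root(target):
            return "link target escapes root"
    elif not (m.isfile() or m.isdir()):
        return "unsupported member type"  # devices, fifos: nothing a package needs
    return None

def vet_archive(data: bytes) -> dict:
    """Map every member name to its rejection reason (None = accepted)."""
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        return {m.name: vet_member(m) for m in tar.getmembers()}

def safe_extract(data: bytes, dest: str) -> list:
    """Extract vetted members only; return the names that were refused."""
    real_dest = os.path.realpath(dest)
    rejected = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for m in tar.getmembers():
            if vet_member(m) is not None:
                rejected.append(m.name)
                continue
            # Re-check at write time: an earlier member may have turned the
            # parent directory into a symlink that points outside dest.
            parent = os.path.realpath(os.path.join(dest, posixpath.dirname(m.name)))
            if os.path.commonpath([parent, real_dest]) != real_dest:
                rejected.append(m.name)
                continue
            tar.extract(m, dest, set_attrs=False)
    return rejected

def build_sample_archive() -> bytes:
    """Constructed package: one honest file, one in-tree symlink, two escapes."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w") as tar:
        payload = b"kind: ZarfPackageConfig\n"
        cfg = tarfile.TarInfo("pkg/zarf.yaml")
        cfg.size = len(payload)
        tar.addfile(cfg, io.BytesIO(payload))
        ok_link = tarfile.TarInfo("pkg/current.yaml")
        ok_link.type, ok_link.linkname = tarfile.SYMTYPE, "zarf.yaml"
        tar.addfile(ok_link)
        bad_link = tarfile.TarInfo("pkg/ssh")
        bad_link.type, bad_link.linkname = tarfile.SYMTYPE, "../../../root/.ssh"
        tar.addfile(bad_link)
        bad_name = tarfile.TarInfo("../outside.txt")
        tar.addfile(bad_name, io.BytesIO(b""))
    return buf.getvalue()

def demo_extract() -> list:
    """Extract the sample into a scratch directory; return what was refused."""
    with tempfile.TemporaryDirectory() as dest:
        return safe_extract(build_sample_archive(), dest)
```

Recent Python releases offer the same protection through tarfile's filter="data" extraction filter; the explicit version above shows what that filter has to decide, and the write-time realpath check is the part that a pure pre-scan of the member list misses.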

CVE-2026-29058
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T21:56:51

2 posts

## Impact An unauthenticated attacker can execute arbitrary OS commands on the server by injecting shell command substitution into the `base64Url` GET parameter. This can lead to full server compromise, data exfiltration (e.g., configuration secrets, internal keys, credentials), and service disruption. ## Root Cause The `base64Url` parameter is Base64-decoded and then interpolated directly into

beyondmachines1 at 2026-03-08T20:01:11.636Z ##

Critical Zero-Click Command Injection in AVideo Platform Allows Stream Hijacking

AVideo version 6.0 contains a critical zero-click command injection vulnerability (CVE-2026-29058) that allows unauthenticated attackers to execute arbitrary OS commands and hijack video streams.

**If you are using AVideo platform this is urgent and important. Patch ASAP to version 7.0, because your server will be attacked. Until you update today, use a web application firewall or reverse proxy to block access to the getImage.php component.**

beyondmachines.net/event_detai

##

CVE-2026-24105
(9.8 CRITICAL)

EPSS: 1.69%

updated 2026-03-06T21:05:36.243000

2 posts

An issue was discovered in goform/formsetUsbUnload in Tenda AC15V1.0 V15.03.05.18_multi. The value of `v1` was not checked, potentially leading to a command injection vulnerability if injected into doSystemCmd.
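
Three entries on this page describe the same command-injection shape: a request parameter reaches an OS command as text. In the XikeStor entry (CVE-2026-25070) the parameter is destIp on /goform/PingTestSet; in the AVideo entry (CVE-2026-29058) it is base64Url, Base64-decoded and then interpolated; here it is v1 in formsetUsbUnload, passed unchecked to doSystemCmd. The block below is an added example for this page and is not code from any of these products. It shows the two moves that remove the injection point: parse the value into the type it is supposed to be (an IP address, an http(s) URL) and hand it to the command as one argv element rather than as shell text. The parameter names are from the CVE text; the validation rules, the argv shapes and the sample values are assumptions.

```python
"""Vet request parameters before they reach an OS command.

Added example; nothing here is code from XikeStor, AVideo or Tenda firmware.
The parameter names destIp and base64Url are taken from the CVE text above;
the validation rules, the ping/curl argv shapes and the sample values are
assumptions made for illustration.
"""
import base64
import binascii
import ipaddress
import re
from urllib.parse import urlsplit

# Characters that change the meaning of a string handed to /bin/sh.
SHELL_META = re.compile(r"[;&|`$(){}<>\n\r\\'\"]")

def looks_like_injection(value: str) -> bool:
    """True if the value carries shell metacharacters or command substitution."""
    return SHELL_META.search(value) is not None

def ping_argv(dest_ip: str) -> list:
    """argv for a ping test; only a syntactically valid IP address gets through.

    Parsing instead of interpolating removes the injection point entirely:
    'destIp=1.1.1.1;id' is not an address and raises ValueError.
    """
    addr = ipaddress.ip_address(dest_ip.strip())
    return ["ping", "-c", "1", str(addr)]

def decode_url_param(b64url: str) -> str:
    """Decode a base64url parameter and accept only an http(s) URL.

    Strict decoding refuses stray characters instead of silently dropping
    them, and the decoded value is checked as a URL, never as shell text.
    """
    padded = b64url.replace("-", "+").replace("_", "/") + "=" * (-len(b64url) % 4)
    try:
        decoded = base64.b64decode(padded, validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError) as exc:
        raise ValueError("not valid base64url") from exc
    if looks_like_injection(decoded):
        raise ValueError("shell metacharacters in decoded value")
    parts = urlsplit(decoded)
    if parts.scheme not in ("http", "https") or not parts.netloc:
        raise ValueError("not an http(s) URL")
    return decoded

def fetch_argv(b64url: str) -> list:
    """argv for fetching the decoded URL; the URL is one argument, not shell text."""
    return ["curl", "--max-time", "5", "-o", "/tmp/fetched", decode_url_param(b64url)]

def rejects(fn, value: str) -> bool:
    """Does fn refuse this parameter value?"""
    try:
        fn(value)
    except ValueError:
        return True
    return False

# Constructed sample parameter values.
SAMPLE_OK_URL = base64.urlsafe_b64encode(b"http://example.com/cover.jpg").decode()
SAMPLE_INJECTED_URL = base64.urlsafe_b64encode(b"http://example.com/x.jpg$(id>/tmp/pwned)").decode()
```

The metacharacter regex is a detection aid for logs and WAF rules, not the fix; the fix is that ping_argv and fetch_argv never produce a string a shell interprets, so there is nothing left to escape. Requiring an http(s) scheme also rules out a decoded value that begins with a dash and would otherwise be read by the fetch tool as an option.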

CVE-2026-20882
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T18:31:19

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-07T10:24:10.000Z ##

🟠 CVE-2026-20882 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26288
(9.4 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T18:31:19

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-07T10:24:01.000Z ##

🔴 CVE-2026-26288 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T04:30:31.000Z ##

🚨 CRITICAL: CVE-2026-26288 in Everon api.everon.io (all versions) allows unauthenticated WebSocket access — attackers can impersonate charging stations & control backend data. Restrict access & implement auth now! radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #EVCharging #CVE

##

CVE-2026-24696
(7.5 HIGH)

EPSS: 0.05%

updated 2026-03-06T18:31:19

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-07T10:01:21.000Z ##

🟠 CVE-2026-24696 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70230
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T17:37:58.670000

1 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.

thehackerwire@mastodon.social at 2026-03-08T13:00:15.000Z ##

🔴 CVE-2025-70230 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29000
(10.0 CRITICAL)

EPSS: 0.24%

updated 2026-03-06T15:41:57

1 posts

pac4j-jwt versions prior to 4.5.9, 5.7.9, and 6.3.3 contain an authentication bypass vulnerability in JwtAuthenticator when processing encrypted JWTs that allows remote attackers to forge authentication tokens. Attackers who possess the server's RSA public key can create a JWE-wrapped PlainJWT with arbitrary subject and role claims, bypassing signature verification to authenticate as any user incl

1 repos

https://github.com/kernelzeroday/CVE-2026-29000

beyondmachines1@infosec.exchange at 2026-03-06T09:01:12.000Z ##

Critical Authentication Bypass in pac4j-jwt Library Allows Full User Impersonation

A critical authentication bypass vulnerability (CVE-2026-29000) in the pac4j-jwt Java library allows attackers to impersonate any user by forging encrypted but unsigned tokens. The flaw is caused by a logic error in JwtAuthenticator that skips signature verification when a token is wrapped in an RSA-encrypted envelope.

**If your Java applications use pac4j-jwt, this is urgent! Update to the latest patched versions immediately because there is no practical way to hide your app from the internet, and the exploit is trivial - it will be exploited in a matter of days.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2018-25181
(7.5 HIGH)

EPSS: 0.57%

updated 2026-03-06T15:31:36

2 posts

Musicco 2.0.0 contains a path traversal vulnerability that allows unauthenticated attackers to download arbitrary directories by manipulating the parent parameter. Attackers can supply directory traversal sequences in the parent parameter of the getAlbum endpoint to access sensitive system directories and download them as ZIP files.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

secdb@infosec.exchange at 2026-03-09T00:01:23.000Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-26051
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T15:31:36

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-07T11:00:37.000Z ##

🔴 CVE-2026-26051 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-07T06:00:28.000Z ##

⚠️ CVE-2026-26051 (CRITICAL, CVSS 9.4) in Mobiliti e-mobi.hu: Unauthenticated OCPP WebSocket endpoints allow charging station impersonation + backend manipulation. Enforce strong auth & monitor now. radar.offseq.com/threat/cve-20 #OffSeq #CVE202626051 #EVsecurity

##

CVE-2026-2754
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T15:31:36

1 posts

Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve internal network parameters including ECDIS & OT Information, device identifiers, and service status logs.

thehackerwire@mastodon.social at 2026-03-07T11:00:27.000Z ##

🟠 CVE-2026-2754 - High (7.5)

Navtor NavBox exposes sensitive configuration and operational data due to missing authentication on HTTP API endpoints. An unauthenticated remote attacker with network access to the device can execute HTTP GET requests to TCP port 8080 to retrieve...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2753
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-06T15:31:36

1 posts

An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests containing absolute filesystem paths. Successful exploitation allows the attacker to retrieve arbitrary files from the underlying filesystem, limited only by

thehackerwire@mastodon.social at 2026-03-07T11:00:15.000Z ##

🟠 CVE-2026-2753 - High (7.5)

An Absolute Path Traversal vulnerability exists in Navtor NavBox. The application exposes an HTTP service that fails to properly sanitize user-supplied path input. Unauthenticated remote attackers can exploit this issue by submitting requests cont...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2018-25166
(8.2 HIGH)

EPSS: 0.06%

updated 2026-03-06T15:31:35

1 posts

Meneame English Pligg 5.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers can send GET requests to index.php with crafted SQL payloads in the search parameter to extract sensitive database information including usernames, database names, and version details.

Matchbook3469@mastodon.social at 2026-03-08T22:50:37.000Z ##

🟠 New security advisory:

CVE-2018-25166 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

CVE-2025-70614
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T12:31:37

1 posts

OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panel allowing authenticated low-privileged attackers to gain access to arbitrary SMS messages via a crafted company or tenant identifier parameter.

thehackerwire@mastodon.social at 2026-03-07T13:01:28.000Z ##

🟠 CVE-2025-70614 - High (8.1)

OpenCode Systems OC Messaging / USSD Gateway OC Release 6.32.2 contains a broken access control vulnerability in the web-based control panel allowing authenticated low-privileged attackers to gain access to arbitrary SMS messages via a crafted ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13476
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-03-06T12:31:36

1 posts

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block proxy traffic, undermining censorship circumvention. (CWE-327)

thehackerwire@mastodon.social at 2026-03-08T13:00:37.000Z ##

🔴 CVE-2025-13476 - Critical (9.8)

Rakuten Viber Cloak mode in Android v25.7.2.0g and Windows v25.6.0.0–v25.8.1.0 uses a static and predictable TLS ClientHello fingerprint lacking extension diversity, allowing Deep Packet Inspection (DPI) systems to trivially identify and block p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70231
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-06T12:31:36

1 posts

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability.

thehackerwire@mastodon.social at 2026-03-08T13:00:27.000Z ##

🔴 CVE-2025-70231 - Critical (9.8)

D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70229
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T12:31:36

1 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.

thehackerwire@mastodon.social at 2026-03-08T12:31:35.000Z ##

🔴 CVE-2025-70229 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70616
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-06T12:31:36

1 posts

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options parameter before copying data into a 40-byte stack buffer (Src[40]) using memmove. An attacker with local access can exploit this vulnerability by sending a cra

thehackerwire@mastodon.social at 2026-03-08T12:00:21.000Z ##

🟠 CVE-2025-70616 - High (7.8)

A stack buffer overflow vulnerability exists in the Wincor Nixdorf wnBios64.sys kernel driver (version 1.2.0.0) in the IOCTL handler for code 0x80102058. The vulnerability is caused by missing bounds checking on the user-controlled Options paramet...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26418
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T12:31:36

1 posts

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network.

1 repos

https://github.com/aksalsalimi/CVE-2026-26418

thehackerwire@mastodon.social at 2026-03-08T11:00:29.000Z ##

🟠 CVE-2026-26418 - High (7.5)

Missing authentication and authorization in the web API of Tata Consultancy Services Cognix Recon Client v3.0 allows remote attackers to access application functionality without restriction via the network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70233
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T12:30:31

1 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.

thehackerwire@mastodon.social at 2026-03-08T12:31:15.000Z ##

🔴 CVE-2025-70233 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70232
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-06T12:30:31

1 posts

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.

thehackerwire@mastodon.social at 2026-03-08T12:00:44.000Z ##

🔴 CVE-2025-70232 - Critical (9.8)

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26417
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-06T10:16:22.163000

1 posts

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests.

1 repos

https://github.com/aksalsalimi/CVE-2026-26417

thehackerwire@mastodon.social at 2026-03-08T11:00:18.000Z ##

🟠 CVE-2026-26417 - High (8.1)

A broken access control vulnerability in the password reset functionality of Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to reset passwords of arbitrary user accounts via crafted requests.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26416
(8.8 HIGH)

EPSS: 0.03%

updated 2026-03-06T10:16:21.983000

1 posts

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

1 repos

https://github.com/aksalsalimi/CVE-2026-26416

thehackerwire@mastodon.social at 2026-03-07T16:00:31.000Z ##

🟠 CVE-2026-26416 - High (8.8)

An authorization bypass vulnerability in Tata Consultancy Services Cognix Recon Client v3.0 allows authenticated users to escalate privileges across role boundaries via crafted requests.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-45691
(7.5 HIGH)

EPSS: 0.05%

updated 2026-03-06T10:16:20.417000

1 posts

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter when handling multimodal inputs.

thehackerwire@mastodon.social at 2026-03-08T12:31:26.000Z ##

🟠 CVE-2025-45691 - High (7.5)

An Arbitrary File Read vulnerability exists in the ImageTextPromptValue class in Exploding Gradients RAGAS v0.2.3 to v0.2.14. The vulnerability stems from improper validation and sanitization of URLs supplied in the retrieved_contexts parameter wh...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2330
(9.4 CRITICAL)

EPSS: 0.21%

updated 2026-03-06T09:31:41

1 posts

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due to incomplete whitelist enforcement. Certain directories intended for internal testing were not covered by the whitelist and are accessible without authentication. An unauthenticated attacker could place a manipulated parameter file that becomes active after a reboot, allowing modification of critical

offseq@infosec.exchange at 2026-03-07T07:30:25.000Z ##

🚨 CRITICAL: CVE-2026-2330 in SICK Lector85x lets remote, unauthenticated attackers modify device configs via the CROWN REST interface. Patch or restrict access now to prevent OT compromise. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability #Infosec

##

CVE-2026-2331
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-03-06T09:31:41

2 posts

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTTP-based file access feature, allowing access without authentication. This includes device parameter files, enabling an attacker to read and modify applic

offseq@infosec.exchange at 2026-03-06T09:00:31.000Z ##

🔴 CRITICAL: CVE-2026-2331 in SICK Lector85x v2.6.0 allows unauthenticated HTTP access to sensitive files & Lua code execution. No patch yet — segment networks & restrict HTTP access. Monitor for abuse! radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vuln #OTSecurity

##

thehackerwire@mastodon.social at 2026-03-06T08:26:29.000Z ##

🔴 CVE-2026-2331 - Critical (9.8)

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas via the AppEngine Fileaccess over HTTP due to improper access restrictions. A critical filesystem directory was unintentionally exposed through the HTT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28464
(5.9 MEDIUM)

EPSS: 0.09%

updated 2026-03-06T01:05:25

1 posts

## Summary OpenClaw hooks previously compared the provided hook token using a regular string comparison. Because this comparison is not constant-time, an attacker with network access to the hooks endpoint could potentially use timing measurements across many requests to gradually infer the token. In practice, this typically requires hooks to be exposed to an untrusted network and a large number

thehackerwire@mastodon.social at 2026-03-06T10:55:21.000Z ##

🔴 CVE-2026-28464 - Critical (9.8)

OpenClaw versions prior to 2026.2.12 use non-constant-time string comparison for hook token validation, allowing attackers to infer tokens through timing measurements. Remote attackers with network access to the hooks endpoint can exploit timing s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28479
(5.4 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:05:00

1 posts

## Affected Packages / Versions - npm package: `openclaw` - Affected versions: `<= 2026.2.14` - Fixed version (pre-set): `2026.2.15` ## Description The sandbox identifier cache key for Docker/browser sandbox configuration used SHA-1 to hash normalized configuration payloads. SHA-1 is deprecated for cryptographic use and has known collision weaknesses. In this code path, deterministic IDs are use

thehackerwire@mastodon.social at 2026-03-06T10:00:54.000Z ##

🟠 CVE-2026-28479 - High (7.5)

OpenClaw versions prior to 2026.2.15 use SHA-1 to hash sandbox identifier cache keys for Docker and browser sandbox configurations, which is deprecated and vulnerable to collision attacks. An attacker can exploit SHA-1 collisions to cause cache po...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28462
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-06T01:04:45

1 posts

## Summary OpenClaw’s browser control API accepted user-supplied output paths for trace/download files without consistently constraining writes to OpenClaw-managed temporary directories. ## Impact If an attacker can access the browser control API, they could attempt to write trace/download output files outside intended temp roots, depending on process filesystem permissions. ## Aff

thehackerwire@mastodon.social at 2026-03-06T11:19:58.000Z ##

🟠 CVE-2026-28462 - High (7.5)

OpenClaw versions prior to 2026.2.13 contain a vulnerability in the browser control API in which it accepts user-supplied output paths for trace and download files without consistently constraining writes to temporary directories. Attackers with A...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29610
(8.8 HIGH)

EPSS: 0.07%

updated 2026-03-06T01:04:20

1 posts

# Command hijacking via PATH handling **Discovered:** 2026-02-04 **Reporter:** @akhmittra ## Summary OpenClaw previously accepted untrusted PATH sources in limited situations. In affected versions, this could cause OpenClaw to resolve and execute an unintended binary ("command hijacking") when running host commands. This issue primarily matters when OpenClaw is relying on allowlist/safe-bin pr

thehackerwire@mastodon.social at 2026-03-06T09:00:36.000Z ##

🟠 CVE-2026-29610 - High (7.8)

OpenClaw versions prior to 2026.2.14 contain a command hijacking vulnerability that allows attackers to execute unintended binaries by manipulating PATH environment variables through node-host execution or project-local bootstrapping. Attackers wi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28476
(6.5 MEDIUM)

EPSS: 0.06%

updated 2026-03-06T01:04:05

1 posts

## Summary The optional Tlon (Urbit) extension previously accepted a user-provided base URL for authentication and used it to construct an outbound HTTP request, enabling server-side request forgery (SSRF) in affected deployments. ## Impact This only affects deployments that have installed and configured the Tlon (Urbit) extension, and where an attacker can influence the configured Urbit URL. Und

thehackerwire@mastodon.social at 2026-03-07T12:01:27.000Z ##

🟠 CVE-2026-28476 - High (8.3)

OpenClaw versions prior to 2026.2.14 contain a server-side request forgery vulnerability in the optional Tlon Urbit extension that accepts user-provided base URLs for authentication without proper validation. Attackers who can influence the config...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28463
(5.7 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:02:55

1 posts

## Summary OpenClaw's exec-approvals allowlist supports a small set of "safe bins" intended to be stdin-only (no positional file arguments) when running `tools.exec.host=gateway|node` with `security=allowlist`. In affected configurations, the allowlist validation checked pre-expansion argv tokens, but execution used a real shell (`sh -c`) which expands globs and environment variables. This allow

thehackerwire@mastodon.social at 2026-03-06T10:16:52.000Z ##

🟠 CVE-2026-28463 - High (8.4)

OpenClaw exec-approvals allowlist validation checks pre-expansion argv tokens but execution uses real shell expansion, allowing safe bins like head, tail, or grep to read arbitrary local files via glob patterns or environment variables. Authorized...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28470
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-03-06T01:02:34

1 posts

### Summary Exec approvals allowlist bypass via command substitution/backticks inside double quotes. ### Affected Packages / Versions - Package: `openclaw` (npm) - Affected: `<= 2026.2.1` - Fixed: `>= 2026.2.2` ### Impact Only affects setups that explicitly enable the optional exec approvals allowlist feature. Default installs are unaffected. ### Fix Reject unescaped `$()` and backticks ins

thehackerwire@mastodon.social at 2026-03-06T10:16:43.000Z ##

🔴 CVE-2026-28470 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain an exec approvals (must be enabled) allowlist bypass vulnerability that allows attackers to execute arbitrary commands by injecting command substitution syntax. Attackers can bypass the allowlist protect...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28458
(7.5 HIGH)

EPSS: 0.05%

updated 2026-03-06T01:02:29

1 posts

### Summary In affected versions, the Browser Relay `/cdp` WebSocket endpoint did not require an authentication token. As a result, a website running in the browser could potentially connect to the local relay (via loopback WebSocket) and use CDP to access cookies from other open tabs and run JavaScript in the context of other tabs. ### Affected Packages / Versions - npm: `openclaw` `>= 2026.1.20

thehackerwire@mastodon.social at 2026-03-06T11:01:36.000Z ##

🟠 CVE-2026-28458 - High (7.5)

OpenClaw version 2026.1.20 prior to 2026.2.1 contains a vulnerability in the Browser Relay (extension must be installed and enabled) /cdp WebSocket endpoint in which it does not require authentication tokens, allowing websites to connect via loopb...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28473
(7.2 HIGH)

EPSS: 0.03%

updated 2026-03-06T01:02:20

1 posts

## Summary ### What this means (plain language) If you give a client “chat/write” access to the gateway (`operator.write`) but you do not intend to let that client approve exec requests (`operator.approvals`), affected versions could still let that client approve/deny a pending exec approval by sending the `/approve` chat command. This is mainly relevant for shared or multi-client setups where

thehackerwire@mastodon.social at 2026-03-06T10:16:03.000Z ##

🔴 CVE-2026-28473 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 contain an authorization bypass vulnerability where clients with operator.write scope can approve or deny exec approval requests by sending the /approve chat command. The /approve command path invokes exec.appro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28465
(5.9 MEDIUM)

EPSS: 0.02%

updated 2026-03-06T01:01:24

1 posts

## Affected Packages / Versions This issue affects the optional voice-call plugin only. It is not enabled by default; it only applies to installations where the plugin is installed and enabled. - Package: `@openclaw/voice-call` - Vulnerable versions: `< 2026.2.3` - Patched versions: `>= 2026.2.3` Legacy package name (if you are still using it): - Package: `@clawdbot/voice-call` - Vulnerable ve

thehackerwire@mastodon.social at 2026-03-06T10:55:31.000Z ##

🟠 CVE-2026-28465 - High (7.5)

OpenClaw's voice-call plugin versions before 2026.2.3 contain an improper authentication vulnerability in webhook verification that allows remote attackers to bypass verification by supplying untrusted forwarded headers. Attackers can spoof webhoo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28393
(6.0 MEDIUM)

EPSS: 0.01%

updated 2026-03-06T01:00:09

1 posts

## Summary OpenClaw hook mapping transforms could be loaded via absolute paths or `..` traversal, allowing arbitrary JavaScript module loading/execution in the gateway process when an attacker can modify hooks configuration. ## Affected Versions - Affected: >= 2.0.0-beta3 and <= 2026.2.13 - Fixed: 2026.2.14 ## Details `hooks.mappings[].transform.module` is dynamically imported and executed du

thehackerwire@mastodon.social at 2026-03-06T11:47:54.000Z ##

🟠 CVE-2026-28393 - High (7.5)

OpenClaw versions 2.0.0-beta3 prior to 2026.2.14 contain a path traversal vulnerability in hook transform module loading that allows arbitrary JavaScript execution. The hooks.mappings[].transform.module parameter accepts absolute paths and travers...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28454
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-06T00:58:49

2 posts

## Summary When Telegram webhook mode is enabled without a configured webhook secret, OpenClaw may accept unauthenticated HTTP POST requests at the Telegram webhook endpoint and trust attacker-controlled update JSON. This can allow forged Telegram updates that spoof `message.from.id` / `chat.id`, potentially bypassing sender allowlists and executing privileged bot commands. ## Affected Packages

thehackerwire@mastodon.social at 2026-03-06T11:47:34.000Z ##

🔴 CVE-2026-28454 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to validate webhook secrets in Telegram webhook mode (must be enabled), allowing unauthenticated HTTP POST requests to the webhook endpoint that trust attacker-controlled JSON payloads. Remote attackers can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-21536
(9.8 CRITICAL)

EPSS: 0.40%

updated 2026-03-06T00:31:41

1 posts

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

thehackerwire@mastodon.social at 2026-03-06T09:00:15.000Z ##

🔴 CVE-2026-21536 - Critical (9.8)

Microsoft Devices Pricing Program Remote Code Execution Vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26125
(8.6 HIGH)

EPSS: 0.08%

updated 2026-03-06T00:31:41

1 posts

Payment Orchestrator Service Elevation of Privilege Vulnerability

CVE-2026-27778
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-06T00:31:41

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-03-06T08:24:03.000Z ##

🟠 CVE-2026-27778 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22552
(9.4 CRITICAL)

EPSS: 0.10%

updated 2026-03-06T00:31:41

1 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required, this

thehackerwire@mastodon.social at 2026-03-06T08:23:57.000Z ##

🔴 CVE-2026-22552 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a kno...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29188
(9.1 CRITICAL)

EPSS: 0.06%

updated 2026-03-05T22:50:22

1 posts

### Summary A broken access control vulnerability in the TUS protocol DELETE endpoint allows authenticated users with only Create permission to delete arbitrary files and directories within their scope, bypassing the intended Delete permission restriction. Any multi-user deployment where administrators explicitly restrict file deletion for certain users is affected. ### Details The tusDeleteHan

thehackerwire@mastodon.social at 2026-03-06T12:00:48.000Z ##

🔴 CVE-2026-29188 - Critical (9.1)

File Browser provides a file managing interface within a specified directory and it can be used to upload, delete, preview, rename and edit files. Prior to version 2.61.1, a broken access control vulnerability in the TUS protocol DELETE endpoint a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28790
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-05T22:49:38

1 posts

### Summary OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. In the tested release (3000.10.2), guests are correctly blocked from dashboard access, but can still call the KillAction RPC directly and successfully stop a running action. This is a broken access control issue that causes unauthorized denial of

thehackerwire@mastodon.social at 2026-03-07T15:00:15.000Z ##

🟠 CVE-2026-28790 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.11.0, OliveTin allows an unauthenticated guest to terminate running actions through KillAction even when authRequireGuestsToLogin: true is enabled. Gues...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28789
(7.5 HIGH)

EPSS: 0.09%

updated 2026-03-05T22:49:36

1 posts

### Summary An unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsynchronized access to a shared registeredStates map, causing a Go runtime panic (fatal error: concurrent map writes) and process termination. This allows remote attackers to crash the service when OAuth2 is enabled. ### Details The OAuth2 han

thehackerwire@mastodon.social at 2026-03-07T14:00:38.000Z ##

🟠 CVE-2026-28789 - High (7.5)

OliveTin gives access to predefined shell commands from a web interface. Prior to version 3000.10.3, an unauthenticated denial-of-service vulnerability exists in OliveTin’s OAuth2 login flow. Concurrent requests to /oauth/login can trigger unsyn...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25921
(9.3 CRITICAL)

EPSS: 0.02%

updated 2026-03-05T22:28:33

1 posts

### Summary Overwritable LFS objects across different repos lead to a supply-chain attack; all LFS objects are vulnerable to being maliciously overwritten by attackers. ### Details Gogs stores all LFS objects in the same place, with no isolation between different repositories (the repo id is not concatenated into the storage path). https://github.com/gogs/gogs/blob/7a2dffa95ac64f31c8322cb50d32694b05610144/inte

thehackerwire@mastodon.social at 2026-03-08T11:00:40.000Z ##

🔴 CVE-2026-25921 - Critical (9.3)

Gogs is an open source self-hosted Git service. Prior to version 0.14.2, overwritable LFS object across different repos leads to supply-chain attack, all LFS objects are vulnerable to be maliciously overwritten by malicious attackers. This issue h...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29611
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-05T22:00:37

1 posts

### Summary The BlueBubbles extension accepted attacker-controlled local filesystem paths via `mediaPath` and could read arbitrary local files from disk before sending them as media attachments. ### Details When `sendBlueBubblesMedia` received a non-HTTP media source, the previous implementation resolved it to a local path and read it directly from disk. There was no required allowlist of safe di

thehackerwire@mastodon.social at 2026-03-07T12:01:15.000Z ##

🟠 CVE-2026-29611 - High (7.5)

OpenClaw versions prior to 2026.2.14 contain a local file inclusion vulnerability in BlueBubbles extension (must be installed and enabled) media path handling that allows attackers to read arbitrary files from the local filesystem. The sendBlueBub...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28474
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-05T21:52:02

1 posts

## Summary In affected versions of the optional Nextcloud Talk plugin (installed separately; not bundled with the core OpenClaw install), an untrusted webhook field (`actor.name`, display name) could be treated as an allowlist identifier. An attacker could change their Nextcloud display name to match an allowlisted user ID and bypass DM or room allowlists. ## Details Nextcloud Talk webhook payl

thehackerwire@mastodon.social at 2026-03-06T10:16:12.000Z ##

🔴 CVE-2026-28474 - Critical (9.8)

OpenClaw's Nextcloud Talk plugin versions prior to 2026.2.6 accept equality matching on the mutable actor.name display name field for allowlist validation, allowing attackers to bypass DM and room allowlists. An attacker can change their Nextcloud...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28468
(7.1 HIGH)

EPSS: 0.02%

updated 2026-03-05T21:50:00

2 posts

## Summary openclaw could start the sandbox browser bridge server without authentication. When the sandboxed browser is enabled, openclaw runs a local (loopback) HTTP bridge that exposes browser control endpoints (for example `/profiles`, `/tabs`, `/tabs/open`, `/agent/*`). Due to missing auth wiring in the sandbox initialization path, that bridge server accepted requests without requiring gatew

thehackerwire@mastodon.social at 2026-03-06T10:55:11.000Z ##

🟠 CVE-2026-28468 - High (7.8)

OpenClaw versions 2026.1.29-beta.1 prior to 2026.2.14 contain a vulnerability in the sandbox browser bridge server in which it accepts requests without requiring gateway authentication, allowing local attackers to access browser control endpoints....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-28446
(9.4 CRITICAL)

EPSS: 0.26%

updated 2026-03-05T21:43:07

1 posts

### Summary An authentication bypass in the optional `voice-call` extension/plugin allowed unapproved or anonymous callers to reach the voice-call agent when inbound policy was set to `allowlist` or `pairing`. Deployments that do not install/enable the `voice-call` extension are not affected. ### Affected Packages / Versions - `openclaw` (npm): `<= 2026.2.1` - Fixed in: `>= 2026.2.2` ### Deta

thehackerwire@mastodon.social at 2026-03-06T11:20:32.000Z ##

🔴 CVE-2026-28446 - Critical (9.8)

OpenClaw versions prior to 2026.2.1 with the voice-call extension installed and enabled contain an authentication bypass vulnerability in inbound allowlist policy validation that accepts empty caller IDs and uses suffix-based matching instead of s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28391
(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-03-05T21:40:43

1 posts

### Summary On Windows nodes, exec requests were executed via `cmd.exe /d /s /c <rawCommand>`. In allowlist/approval-gated mode, the allowlist analysis did not model Windows `cmd.exe` parsing and metacharacter behavior. A crafted command string could cause `cmd.exe` to interpret additional operations (for example command chaining via `&`, or expansion via `%...%` / `!...!`) beyond what was allowl

thehackerwire@mastodon.social at 2026-03-06T11:20:52.000Z ##

🔴 CVE-2026-28391 - Critical (9.8)

OpenClaw versions prior to 2026.2.2 fail to properly validate Windows cmd.exe metacharacters in allowlist-gated exec requests, allowing attackers to bypass command approval restrictions. Remote attackers can craft command strings with shell metach...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0848
(10.0 CRITICAL)

EPSS: 0.41%

updated 2026-03-05T21:31:00

1 posts

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply or replace the JAR file, enabling the execution of arbitrary Java bytecode at import time. This vulnerability can be exploited through methods such as model

thehackerwire@mastodon.social at 2026-03-07T12:06:53.000Z ##

🔴 CVE-2026-0848 - Critical (10)

NLTK versions <=3.9.2 are vulnerable to arbitrary code execution due to improper input validation in the StanfordSegmenter module. The module dynamically loads external Java .jar files without verification or sandboxing. An attacker can supply ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27944
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-03-05T19:38:33.877000

7 posts

Nginx UI is a web user interface for the Nginx web server. Prior to version 2.3.3, the /api/backup endpoint is accessible without authentication and discloses the encryption keys required to decrypt the backup in the X-Backup-Security response header. This allows an unauthenticated attacker to download a full system backup containing sensitive data (user credentials, session tokens, SSL private ke

rhudaur@flipboard.com at 2026-03-09T13:23:09.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data
thecyberexpress.com/cve-2026-2

Posted into Cybersecurity Today @cybersecurity-today-rhudaur

##

oversecurity@mastodon.social at 2026-03-09T11:00:12.000Z ##

Critical Nginx UI Vulnerability Exposes Server Backups and Sensitive Data

A newly disclosed vulnerability in Nginx UI, tracked as CVE-2026-27944, has raised major security concerns after researchers confirmed that...

🔗️ [Thecyberexpress] link.is.it/HfceZC

##

beyondmachines1 at 2026-03-09T09:01:11.908Z ##

Critical Nginx UI Flaw Allows Unauthenticated Backup Theft and Decryption

Nginx UI version 2.3.3 patches a critical vulnerability (CVE-2026-27944) that allows unauthenticated attackers to download and decrypt full server backups. The flaw exposes sensitive data including SSL private keys, admin credentials, and server configurations via an unprotected API endpoint.

**If you are using Nginx UI, first make sure it is isolated from the internet. Then patch to version 2.3.3 immediately because the exploit is trivial - especially if your Nginx UI is exposed to the internet.**

beyondmachines.net/event_detai

##

undercodenews@mastodon.social at 2026-03-08T19:41:38.000Z ##

Critical Security Alert: CVE-2026-27944 Exposes Nginx UI Backups and Encryption Keys

Introduction: A Severe Flaw in a Widely Used Web Server Management Tool A newly disclosed security vulnerability has raised serious concerns across the cybersecurity community. The flaw, identified as CVE-2026-27944, affects Nginx UI, a popular web-based dashboard used to manage and configure Nginx servers. With a CVSS severity score of 9.8, the issue is classified as critical and…

undercodenews.com/critical-sec

##


CVE-2026-24457
(9.1 CRITICAL)

EPSS: 0.19%

updated 2026-03-05T19:38:33.877000

1 posts

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. Full exploitation could read unauthorized files on the OpenMQ host OS. In some scenarios RCE could be achieved.

thehackerwire@mastodon.social at 2026-03-08T12:00:32.000Z ##

🔴 CVE-2026-24457 - Critical (9.1)

Unsafe parsing of OpenMQ's configuration allows a remote attacker to read arbitrary files from an MQ Broker's server. Full exploitation could read unauthorized files on the OpenMQ host OS. In some scenarios RCE could be achieved.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26478
(9.8 CRITICAL)

EPSS: 0.86%

updated 2026-03-05T18:13:33.993000

2 posts

A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially crafted UDP datagram and execute arbitrary shell code as the root account.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-2256
(6.5 MEDIUM)

EPSS: 2.31%

updated 2026-03-04T21:14:09

2 posts

A Command Injection vulnerability in ModelScope's MS-Agent versions v1.6.0rc1 and earlier exists, allowing an attacker to execute arbitrary operating system commands through crafted prompt-derived input.

1 repos

https://github.com/Itamar-Yochpaz/CVE-2026-2256-PoC

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-1492
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-03T21:52:29.877000

1 posts

The User Registration & Membership – Custom Registration Form Builder, Custom Login Form, User Profile, Content Restriction & Membership Plugin plugin for WordPress is vulnerable to improper privilege management in all versions up to, and including, 5.1.2. This is due to the plugin accepting a user-supplied role during membership registration without properly enforcing a server-side allowlist. Thi

1 repos

https://github.com/dreamboyim66-boop/CVE-2026-1492-POC

CVE-2026-24107
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-03T15:55:11.547000

2 posts

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabilities.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-24101
(9.8 CRITICAL)

EPSS: 1.13%

updated 2026-03-02T18:31:44

2 posts

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability.

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-20127
(10.0 CRITICAL)

EPSS: 2.60%

updated 2026-02-25T18:31:45

2 posts

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not

6 repos

https://github.com/abrahamsurf/sdwan-scanner-CVE-2026-20127

https://github.com/zerozenxlabs/CVE-2026-20127---Cisco-SD-WAN-Preauth-RCE

https://github.com/bluefalconink/cisa-ed-26-03-tracker

https://github.com/yonathanpy/CVE-2026-20127-Cisco-SD-WAN-Preauth-RCE

https://github.com/leemuun/CVE-2026-20127

https://github.com/BugFor-Pings/CVE-2026-20127_EXP

technadu at 2026-03-09T11:58:00.713Z ##

Critical Cisco Catalyst SD-WAN vulnerability (CVE-2026-20127, CVSS 10.0) is now under widespread exploitation.

Attackers are deploying webshells after the flaw moved from targeted zero-day use to global opportunistic campaigns.

technadu.com/cisco-catalyst-sd

Have your systems been patched?

##


CVE-2026-0651
(7.8 HIGH)

EPSS: 0.08%

updated 2026-02-13T20:45:32.090000

1 post

On TP-Link Tapo C260 v1, path traversal is possible due to improper handling of specific GET request paths via https, allowing local unauthenticated probing of filesystem paths. An attacker on the local network can determine whether certain files exist on the device, with no read, write or code execution possibilities.

1 repo

https://github.com/l0lsec/tapo-c260-rce

cyberveille@mastobot.ping.moi at 2026-03-09T17:00:11.000Z ##

📢 TP-Link Tapo C260: file disclosure, guest RCE and privilege escalation (CVE-2026-0651 to -0653)
📝 In a technical blog post dated 6 March 2026, the author describes the process that led to the...
📖 cyberveille: cyberveille.ch/posts/2026-03-0
🌐 source: spaceraccoon.dev/getting-shell
#CVE_2026_0651_0652_0653 #IOC #Cyberveille

##

CVE-2026-25253
(8.8 HIGH)

EPSS: 0.05%

updated 2026-02-13T17:41:02.987000

2 posts

OpenClaw (aka clawdbot or Moltbot) before 2026.1.29 obtains a gatewayUrl value from a query string and automatically makes a WebSocket connection without prompting, sending a token value.

7 repos

https://github.com/ethiack/moltbot-1click-rce

https://github.com/Ckokoski/moatbot-security

https://github.com/EQSTLab/CVE-2026-25253

https://github.com/Joseph19820124/openclaw-vuln-report

https://github.com/FrigateCaptain/openclaw_vulnerabilities_and_solutions

https://github.com/al4n4n/CVE-2026-25253-research

https://github.com/adibirzu/openclaw-security-monitor

TiamatEnity@mastodon.social at 2026-03-08T15:12:12.000Z ##

🚨 SECURITY ALERT: 42,089 OpenClaw AI instances exposed with critical RCE vulnerability (CVE-2026-25253, CVSS 8.8).

93% lack authentication. 1.5M API tokens compromised. One-click shell access via malicious websites.

Full analysis + protection strategies:
dev.to/tiamatenity/your-ai-ass

#infosec #privacy #cybersecurity #ai

##

TiamatEnity@mastodon.social at 2026-03-07T15:57:11.000Z ##

The OpenClaw AI security crisis:

42,000+ exposed instances, 93% auth bypass
CVE-2026-25253 (CVSS 8.8): one malicious link = shell RCE via WebSocket hijack
1.5M API tokens leaked (Moltbook breach)
341 malicious skills in official marketplace
36.82% flaw rate across all ClawHub skills

New coined terms:
→ One-Click Compromise
→ The Skill Poisoning Problem
→ The Sovereign AI Paradox

Sovereignty ≠ security.

tiamat.live

#privacy #infosec #ai #cybersecurity #openclaw

##

CVE-2025-38617
(4.7 MEDIUM)

EPSS: 0.00%

updated 2026-01-07T16:57:56.077000

1 post

In the Linux kernel, the following vulnerability has been resolved: net/packet: fix a race in packet_set_ring() and packet_notifier() When packet_set_ring() releases po->bind_lock, another thread can run packet_notifier() and process an NETDEV_UP event. This race and the fix are both similar to that of commit 15fe076edea7 ("net/packet: fix a race in packet_bind() and packet_notifier()"). There

_r_netsec@infosec.exchange at 2026-03-06T22:43:05.000Z ##

A Race Within A Race: Exploiting CVE-2025-38617 in Linux Packet Sockets blog.calif.io/p/a-race-within-

##

CVE-2023-38545
(9.8 CRITICAL)

EPSS: 26.25%

updated 2025-02-13T18:33:03

1 post

This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it getting done by curl itself, the maximum length that host name can be is 255 bytes. If the host name is detected to be longer, curl switches to local name resolving and instead passes on the resolved

9 repos

https://github.com/dbrugman/CVE-2023-38545-POC

https://github.com/nphuang/NS-Project-2024-Spring

https://github.com/vanigori/CVE-2023-38545-sample

https://github.com/d0rb/CVE-2023-38545

https://github.com/bcdannyboy/CVE-2023-38545

https://github.com/UTsweetyfish/CVE-2023-38545

https://github.com/Yang-Shun-Yu/CVE-2023-38545

https://github.com/imfht/CVE-2023-38545

https://github.com/fatmo666/CVE-2023-38545-libcurl-SOCKS5-heap-buffer-overflow

bagder@mastodon.social at 2026-03-07T22:14:19.000Z ##

@spinnyspinlock we've only had two severity HIGH CVEs in #curl within the last five years, both of them were C mistakes: curl.se/docs/CVE-2023-38545.ht and curl.se/docs/CVE-2021-22901.ht

##

CVE-2021-22901
(8.1 HIGH)

EPSS: 0.34%

updated 2024-03-27T15:30:34

2 posts

curl 7.75.0 through 7.76.1 suffers from a use-after-free vulnerability resulting in already freed memory being used when a TLS 1.3 session ticket arrives over a connection. A malicious server can use this in rare unfortunate circumstances to potentially reach remote code execution in the client. When libcurl at run-time sets up support for TLS 1.3 session tickets on a connection using OpenSSL, it

spinnyspinlock@infosec.exchange at 2026-03-07T22:30:52.000Z ##

@bagder CVE-2021-22901 was exactly the kind of interesting vulnerability I wanted to see, thank you! well done on the good security track record too :)

##


CVE-2024-47886
(0 None)

EPSS: 0.89%

2 posts

N/A

secdb at 2026-03-09T00:01:23.710Z ##

📈 CVE Published in last 7 days (2026-03-02 - 2026-03-09)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 1428

Severity:
- Critical: 187
- High: 549
- Medium: 456
- Low: 43
- None: 193

Status:
- : 38
- Analyzed: 324
- Awaiting Analysis: 475
- Modified: 83
- Received: 445
- Rejected: 7
- Undergoing Analysis: 56

Top CNAs:
- GitHub, Inc.: 283
- Patchstack: 271
- MITRE: 128
- VulnCheck: 107
- VulDB: 85
- Wordfence: 74
- Android (associated with Google Inc. or Open Handset Alliance): 57
- Cisco Systems, Inc.: 50
- N/A: 38
- Acronis International GmbH: 23

Top Affected Products:
- UNKNOWN: 1003
- Google Android: 74
- Chamilo Lms: 25
- Dlink Dir-513 Firmware: 20
- Huawei Harmonyos: 18
- Qualcomm Qca6595au Firmware: 14
- Qualcomm Wcd9380 Firmware: 14
- Qualcomm Wcd9385 Firmware: 14
- Qualcomm Wsa8830 Firmware: 14
- Qualcomm Wsa8815 Firmware: 14

Top EPSS Score:
- CVE-2026-2256 - 1.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24105 - 1.29 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25070 - 1.03 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26478 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24101 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24107 - 0.86 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-30227 - 0.80 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2024-47886 - 0.75 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-14675 - 0.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2018-25181 - 0.57 % (secdb.nttzen.cloud/cve/detail/)

##


CVE-2026-28289
(0 None)

EPSS: 0.03%

1 post

N/A

1 repo

https://github.com/0xAshwesker/CVE-2026-28289

CVE-2026-29779
(0 None)

EPSS: 0.03%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-08T10:18:37.000Z ##

🟠 CVE-2026-29779 - High (7.5)

UptimeFlare is a serverless uptime monitoring & status page solution, powered by Cloudflare Workers. Prior to commit 377a596, configuration file uptime.config.ts exports both pageConfig (safe for client use) and workerConfig (server-only, contains...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28678
(0 None)

EPSS: 0.03%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-08T10:00:45.000Z ##

🟠 CVE-2026-28678 - High (8.1)

DSA Study Hub is an interactive educational web application. Prior to commit d527fba, the user authentication system in server/routes/auth.js was found to be vulnerable to Insufficiently Protected Credentials. Authentication tokens (JWTs) were sto...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28284
(0 None)

EPSS: 0.03%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T16:00:20.000Z ##

🟠 CVE-2026-28284 - High (8.8)

FreePBX is an open source IP PBX. Prior to versions 16.0.10 and 17.0.5, the FreePBX logfiles module contains several authenticated SQL injection vulnerabilities. This issue has been patched in versions 16.0.10 and 17.0.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28210
(0 None)

EPSS: 0.05%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T15:39:35.000Z ##

🟠 CVE-2026-28210 - High (8.8)

FreePBX is an open source IP PBX. Prior to versions 16.0.49 and 17.0.7, FreePBX module cdr (Call Data Record) is vulnerable to SQL query injection. This issue has been patched in versions 16.0.49 and 17.0.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28287
(0 None)

EPSS: 0.11%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T15:39:25.000Z ##

🟠 CVE-2026-28287 - High (8.8)

FreePBX is an open source IP PBX. From versions 16.0.17.2 to before 16.0.20 and from version 17.0.2.4 to before 17.0.5, multiple command injection vulnerabilities exist in the recordings module. This issue has been patched in versions 16.0.20 and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28405
(0 None)

EPSS: 0.04%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T12:06:44.000Z ##

🟠 CVE-2026-28405 - High (8)

MarkUs is a web application for the submission and grading of student assignments. Prior to version 2.9.1, the courses//assignments//submissions/html_content route reads the contents of a student-submitted file and renders them without sanitizatio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28442
(0 None)

EPSS: 0.04%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T12:06:33.000Z ##

🟠 CVE-2026-28442 - High (8.5)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, users are restricted from deleting internal system files or folders through the application interface. However, when interacting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29089
(0 None)

EPSS: 0.01%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T09:30:12.000Z ##

🟠 CVE-2026-29089 - High (8.8)

TimescaleDB is a time-series database for high-performance real-time analytics packaged as a Postgres extension. From version 2.23.0 to 2.25.1, PostgreSQL uses the search_path setting to locate unqualified database objects (tables, functions, oper...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30840
(0 None)

EPSS: 0.04%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-07T08:07:15.000Z ##

🟠 CVE-2026-30840 - High (8.8)

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14297
(0 None)

EPSS: 0.00%

1 post

N/A

CVE-2026-28485
(0 None)

EPSS: 0.06%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-06T10:00:16.000Z ##

🟠 CVE-2026-28485 - High (8.4)

OpenClaw versions 2026.1.5 prior to 2026.2.12 fail to enforce mandatory authentication on the /agent/act browser-control HTTP route, allowing unauthorized local callers to invoke privileged operations. Remote attackers on the local network or loca...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28484
(0 None)

EPSS: 0.00%

1 post

N/A

thehackerwire@mastodon.social at 2026-03-06T10:00:04.000Z ##

🔴 CVE-2026-28484 - Critical (9.8)

OpenClaw versions prior to 2026.2.15 contain an option injection vulnerability in the git-hooks/pre-commit hook that allows attackers to stage ignored files by creating maliciously-named files beginning with dashes. The hook fails to use a -- sepa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59543
(0 None)

EPSS: 0.04%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-06T08:35:15.000Z ##

🔴 CVE-2025-59543 - Critical (9)

Chamilo is a learning management system. Prior to version 1.11.34, there is a stored cross-site scripting (XSS) vulnerability. By injecting malicious JavaScript into the course description field, an attacker with a low-privileged account (e.g., tr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

