31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 251–300 of 8,161 in High · page 6 of 164
| ID | Title | Summary |
|---|---|---|
| CVE-2026-7418 | CVE-2026-7418 CVSS 8.8 | A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Exec… |
| CVE-2026-7412 | CVE-2026-7412 CVSS 8.6 | In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, the Operation Delegation feature fails to validate the destination URI of delegated requ… |
| CVE-2026-7402 | CVE-2026-7402 CVSS 8.1 | Improper Control of Interaction Frequency vulnerability in MeWare Software Development Inc. PDKS allows Flooding. This issue affects PDKS: from V16.20200313 b… |
| CVE-2026-7399 | CVE-2026-7399 CVSS 8.1 | Authorization bypass through User-Controlled key vulnerability in MeWare Software Development Inc. PDKS allows Privilege Abuse. This issue affects PDKS: from … |
| CVE-2026-7363 | CVE-2026-7363 CVSS 8.8 | Use after free in Canvas in Google Chrome on Linux, ChromeOS prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a… |
| CVE-2026-7361 | CVE-2026-7361 CVSS 8.8 | Use after free in iOS in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chrom… |
| CVE-2026-7359 | CVE-2026-7359 CVSS 8.8 | Use after free in ANGLE in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a sa… |
| CVE-2026-7358 | CVE-2026-7358 CVSS 8.8 | Use after free in Animation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pa… |
| CVE-2026-7356 | CVE-2026-7356 CVSS 8.8 | Use after free in Navigation in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via a crafted HTML page. (Chromium se… |
| CVE-2026-7355 | CVE-2026-7355 CVSS 8.8 | Use after free in Media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7354 | CVE-2026-7354 CVSS 8.8 | Out of bounds read and write in Angle in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted … |
| CVE-2026-7353 | CVE-2026-7353 CVSS 8.3 | Heap buffer overflow in Skia in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform… |
| CVE-2026-7352 | CVE-2026-7352 CVSS 8.3 | Use after free in Media in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially p… |
| CVE-2026-7350 | CVE-2026-7350 CVSS 8.3 | Use after free in WebMIDI in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to potentially perform a … |
| CVE-2026-7348 | CVE-2026-7348 CVSS 8.8 | Use after free in Codecs in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.… |
| CVE-2026-7347 | CVE-2026-7347 CVSS 8.1 | Use after free in Chromoting in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code via malicious network traffic. (Chrom… |
| CVE-2026-7346 | CVE-2026-7346 CVSS 8.1 | Inappropriate implementation in Tint in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to perform out of bounds memory access via a crafted HT… |
| CVE-2026-7345 | CVE-2026-7345 CVSS 8.3 | Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer proc… |
| CVE-2026-7344 | CVE-2026-7344 CVSS 8.8 | Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727.138 allowed a remote attacker who had compromised the renderer process to poten… |
| CVE-2026-7342 | CVE-2026-7342 CVSS 8.8 | Use after free in WebView in Google Chrome on Android prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafte… |
| CVE-2026-7341 | CVE-2026-7341 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.… |
| CVE-2026-7339 | CVE-2026-7339 CVSS 8.8 | Heap buffer overflow in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag… |
| CVE-2026-7337 | CVE-2026-7337 CVSS 8.8 | Type Confusion in V8 in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Ch… |
| CVE-2026-7336 | CVE-2026-7336 CVSS 8.8 | Use after free in WebRTC in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.… |
| CVE-2026-7335 | CVE-2026-7335 CVSS 8.8 | Use after free in media in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-7334 | CVE-2026-7334 CVSS 8.8 | Use after free in Views in Google Chrome on Mac prior to 147.0.7727.138 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML pag… |
| CVE-2026-7289 | CVE-2026-7289 CVSS 8.8 | A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the… |
| CVE-2026-7288 | CVE-2026-7288 CVSS 8.8 | A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipu… |
| CVE-2026-7256 | CVE-2026-7256 CVSS 8.8 | ** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjace… |
| CVE-2026-7252 | CVE-2026-7252 CVSS 8.1 | The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deleti… |
| CVE-2026-7160 | CVE-2026-7160 CVSS 8.8 | A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation… |
| CVE-2026-7151 | CVE-2026-7151 CVSS 8.8 | A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argum… |
| CVE-2026-7119 | CVE-2026-7119 CVSS 8.8 | A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argumen… |
| CVE-2026-7111 | CVE-2026-7111 CVSS 8.4 | Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or m… |
| CVE-2026-7106 | CVE-2026-7106 CVSS 8.8 | The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insu… |
| CVE-2026-7102 | CVE-2026-7102 CVSS 8.8 | A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipula… |
| CVE-2026-7101 | CVE-2026-7101 CVSS 8.8 | A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The m… |
| CVE-2026-7100 | CVE-2026-7100 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing… |
| CVE-2026-7099 | CVE-2026-7099 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. … |
| CVE-2026-7098 | CVE-2026-7098 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the compone… |
| CVE-2026-7097 | CVE-2026-7097 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the … |
| CVE-2026-7096 | CVE-2026-7096 CVSS 8.8 | A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. T… |
| CVE-2026-7082 | CVE-2026-7082 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component ht… |
| CVE-2026-7081 | CVE-2026-7081 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Perfor… |
| CVE-2026-7080 | CVE-2026-7080 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the comp… |
| CVE-2026-7079 | CVE-2026-7079 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipu… |
| CVE-2026-7078 | CVE-2026-7078 CVSS 8.8 | A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component ht… |
| CVE-2026-7069 | CVE-2026-7069 CVSS 8.0 | A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd… |
| CVE-2026-7068 | CVE-2026-7068 CVSS 8.8 | A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation… |
| CVE-2026-7057 | CVE-2026-7057 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation o… |