31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 401–450 of 8,161 in High · page 9 of 164
| ID | Title | Summary |
|---|---|---|
| CVE-2026-6134 | CVE-2026-6134 CVSS 8.8 | A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Pe… |
| CVE-2026-6133 | CVE-2026-6133 CVSS 8.8 | A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulati… |
| CVE-2026-6124 | CVE-2026-6124 CVSS 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the compon… |
| CVE-2026-6123 | CVE-2026-6123 CVSS 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a m… |
| CVE-2026-6122 | CVE-2026-6122 CVSS 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. S… |
| CVE-2026-6121 | CVE-2026-6121 CVSS 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component http… |
| CVE-2026-6120 | CVE-2026-6120 CVSS 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The … |
| CVE-2026-6109 | CVE-2026-6109 CVSS 8.8 | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minec… |
| CVE-2026-6016 | CVE-2026-6016 CVSS 8.8 | A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Reque… |
| CVE-2026-6015 | CVE-2026-6015 CVSS 8.8 | A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request H… |
| CVE-2026-6014 | CVE-2026-6014 CVSS 8.8 | A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Reque… |
| CVE-2026-6013 | CVE-2026-6013 CVSS 8.8 | A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POS… |
| CVE-2026-6012 | CVE-2026-6012 CVSS 8.8 | A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the compone… |
| CVE-2026-6011 | CVE-2026-6011 CVSS 8.1 | A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of t… |
| CVE-2026-6002 | CVE-2026-6002 CVSS 8.8 | Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross… |
| CVE-2026-6001 | CVE-2026-6001 CVSS 8.8 | Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affec… |
| CVE-2026-5992 | CVE-2026-5992 CVSS 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the a… |
| CVE-2026-5991 | CVE-2026-5991 CVSS 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of th… |
| CVE-2026-5990 | CVE-2026-5990 CVSS 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. T… |
| CVE-2026-5989 | CVE-2026-5989 CVSS 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument… |
| CVE-2026-5988 | CVE-2026-5988 CVSS 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of… |
| CVE-2026-5984 | CVE-2026-5984 CVSS 8.8 | A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Han… |
| CVE-2026-5983 | CVE-2026-5983 CVSS 8.8 | A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Re… |
| CVE-2026-5982 | CVE-2026-5982 CVSS 8.8 | A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the componen… |
| CVE-2026-5981 | CVE-2026-5981 CVSS 8.8 | A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST … |
| CVE-2026-5980 | CVE-2026-5980 CVSS 8.8 | A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component… |
| CVE-2026-5979 | CVE-2026-5979 CVSS 8.8 | A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of … |
| CVE-2026-5967 | CVE-2026-5967 CVSS 8.8 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS comma… |
| CVE-2026-5966 | CVE-2026-5966 CVSS 8.1 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path T… |
| CVE-2026-5944 | CVE-2026-5944 CVSS 8.2 | An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endp… |
| CVE-2026-5936 | CVE-2026-5936 CVSS 8.5 | An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior… |
| CVE-2026-5921 | CVE-2026-5921 CVSS 8.9 | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variabl… |
| CVE-2026-5915 | CVE-2026-5915 CVSS 8.1 | Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write … |
| CVE-2026-5914 | CVE-2026-5914 CVSS 8.8 | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit … |
| CVE-2026-5913 | CVE-2026-5913 CVSS 8.1 | Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. … |
| CVE-2026-5912 | CVE-2026-5912 CVSS 8.8 | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. … |
| CVE-2026-5910 | CVE-2026-5910 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5909 | CVE-2026-5909 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5908 | CVE-2026-5908 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5907 | CVE-2026-5907 CVSS 8.1 | Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted v… |
| CVE-2026-5904 | CVE-2026-5904 CVSS 8.8 | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit h… |
| CVE-2026-5884 | CVE-2026-5884 CVSS 8.8 | Insufficient validation of untrusted input in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process … |
| CVE-2026-5883 | CVE-2026-5883 CVSS 8.8google | Use after free in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (… |
| CVE-2026-5879 | CVE-2026-5879 CVSS 8.8 | Insufficient validation of untrusted input in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a… |
| CVE-2026-5877 | CVE-2026-5877 CVSS 8.8 | Use after free in Navigation in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML pa… |
| CVE-2026-5873 | CVE-2026-5873 CVSS 8.8 | Out of bounds read and write in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted H… |
| CVE-2026-5872 | CVE-2026-5872 CVSS 8.8 | Use after free in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (… |
| CVE-2026-5871 | CVE-2026-5871 CVSS 8.8 | Type Confusion in V8 in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chr… |
| CVE-2026-5870 | CVE-2026-5870 CVSS 8.8 | Integer overflow in Skia in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. … |
| CVE-2026-5868 | CVE-2026-5868 CVSS 8.8 | Heap buffer overflow in ANGLE in Google Chrome on Mac prior to 147.0.7727.55 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted… |