31,509 indexed
CVECVE vulnerabilities
31,509 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 1,001–1,050 of 31,509 · page 21 of 631
| ID | Title | Summary |
|---|---|---|
| CVE-2026-6186 | CVE-2026-6186 CVSS 8.8 | A security vulnerability has been detected in UTT HiPER 1200GW up to 2.5.3-170306. This vulnerability affects the function strcpy of the file /goform/formNatSt… |
| CVE-2026-6180 | CVE-2026-6180 CVSS 8.1 | A race condition exists in PaperCut MF when processing badge-swipe data from certain HP multifunction devices. Under specific network conditions involving drop… |
| CVE-2026-6168 | CVE-2026-6168 CVSS 8.8 | A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This man… |
| CVE-2026-6157 | CVE-2026-6157 CVSS 8.8 | A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so… |
| CVE-2026-6156 | CVE-2026-6156 CVSS 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi o… |
| CVE-2026-6155 | CVE-2026-6155 CVSS 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component… |
| CVE-2026-6154 | CVE-2026-6154 CVSS 9.8 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cg… |
| CVE-2026-6140 | CVE-2026-6140 CVSS 9.8 | A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the compon… |
| CVE-2026-6139 | CVE-2026-6139 CVSS 9.8 | A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the co… |
| CVE-2026-6138 | CVE-2026-6138 CVSS 9.8 | A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the… |
| CVE-2026-6137 | CVE-2026-6137 CVSS 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulati… |
| CVE-2026-6136 | CVE-2026-6136 CVSS 8.8 | A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of… |
| CVE-2026-6135 | CVE-2026-6135 CVSS 8.8 | A weakness has been identified in Tenda F451 1.0.0.7_cn_svn7958. This issue affects the function fromSetIpBind of the file /goform/SetIpBind. Executing a manip… |
| CVE-2026-6134 | CVE-2026-6134 CVSS 8.8 | A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqossetting of the file /goform/qossetting. Pe… |
| CVE-2026-6133 | CVE-2026-6133 CVSS 8.8 | A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Such manipulati… |
| CVE-2026-6132 | CVE-2026-6132 CVSS 9.8 | A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of t… |
| CVE-2026-6131 | CVE-2026-6131 CVSS 9.8 | A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTracerouteCfg of the file /cgi-bin/cstecg… |
| CVE-2026-6124 | CVE-2026-6124 CVSS 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the compon… |
| CVE-2026-6123 | CVE-2026-6123 CVSS 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a m… |
| CVE-2026-6122 | CVE-2026-6122 CVSS 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. S… |
| CVE-2026-6121 | CVE-2026-6121 CVSS 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component http… |
| CVE-2026-6120 | CVE-2026-6120 CVSS 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The … |
| CVE-2026-6116 | CVE-2026-6116 CVSS 9.8 | A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.c… |
| CVE-2026-6115 | CVE-2026-6115 CVSS 9.8 | A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handl… |
| CVE-2026-6114 | CVE-2026-6114 CVSS 9.8 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of… |
| CVE-2026-6113 | CVE-2026-6113 CVSS 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the fil… |
| CVE-2026-6112 | CVE-2026-6112 CVSS 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component… |
| CVE-2026-6110 | CVE-2026-6110 CVSS 9.8 | A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the … |
| CVE-2026-6109 | CVE-2026-6109 CVSS 8.8 | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minec… |
| CVE-2026-6104 | CVE-2026-6104 CVSS 9.1 | In PHP versions 8.4.* before 8.4.21 and 8.5.* before 8.5.6, when an encoding name containing an embedded NUL byte is passed to mb_convert_encoding() or related… |
| CVE-2026-6090 | CVE-2026-6090 CVSS 7.0 | A potential authentication bypass was reported in Lenovo Smart Connect for Windows that could allow a local authenticated user to execute arbitrary code with e… |
| CVE-2026-6074 | CVE-2026-6074 CVSS 9.8 | Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the download_debuglog_file.php endpoint used for Debug Logs dow… |
| CVE-2026-6068 | CVE-2026-6068 CVSS 9.6 | NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file… |
| CVE-2026-6057 | CVE-2026-6057 CVSS 9.8 | FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files an… |
| CVE-2026-6047 | CVE-2026-6047 | LibreOffice can import documents in the OOXML format (DOCX). A heap buffer overflow existed when replaying deferred parser events for a text box element. A han… |
| CVE-2026-6046 | CVE-2026-6046 CVSS 5.3mattermost | Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 fail to validate that a username returned during bot registrat… |
| CVE-2026-6045 | CVE-2026-6045 | LibreOffice can import EMF+ graphics, which may be embedded in documents. A heap buffer overflow existed when importing an EMF+ gradient brush. The number of g… |
| CVE-2026-6040 | CVE-2026-6040 | A heap use-after-free existed when importing the blank-width characters of an ODF number format. A position value read from the document was not checked agains… |
| CVE-2026-6039 | CVE-2026-6039 | LibreOffice can import drawings in the DXF format used by CAD software. A heap buffer overflow existed when importing a DXF polyline. The point count taken fro… |
| CVE-2026-6029 | CVE-2026-6029 CVSS 9.8 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi o… |
| CVE-2026-6028 | CVE-2026-6028 CVSS 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi… |
| CVE-2026-6027 | CVE-2026-6027 CVSS 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of … |
| CVE-2026-6026 | CVE-2026-6026 CVSS 9.8 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setPortalConfWeChat of the file /cgi-bin/… |
| CVE-2026-6025 | CVE-2026-6025 CVSS 9.8 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the compone… |
| CVE-2026-6024 | CVE-2026-6024 CVSS 9.8 | A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. T… |
| CVE-2026-6023 | CVE-2026-6023 CVSS 9.8 | In Progress® Telerik® UI for AJAX versions 2024.4.1114 through 2026.1.421, the RadFilter control is vulnerable to insecure deserialization when restoring filte… |
| CVE-2026-6016 | CVE-2026-6016 CVSS 8.8 | A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Reque… |
| CVE-2026-6015 | CVE-2026-6015 CVSS 8.8 | A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request H… |
| CVE-2026-6014 | CVE-2026-6014 CVSS 8.8 | A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Reque… |
| CVE-2026-6013 | CVE-2026-6013 CVSS 8.8 | A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POS… |