31,509 indexed
CVECVE vulnerabilities
31,509 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 1,051–1,100 of 31,509 · page 22 of 631
| ID | Title | Summary |
|---|---|---|
| CVE-2026-6012 | CVE-2026-6012 CVSS 8.8 | A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the compone… |
| CVE-2026-6011 | CVE-2026-6011 CVSS 8.1 | A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of t… |
| CVE-2026-6002 | CVE-2026-6002 CVSS 8.8 | Improper neutralization of Script-Related HTML tags in a web page (basic XSS) vulnerability in DivvyDrive Information Technologies Inc. DivvyDrive allows Cross… |
| CVE-2026-6001 | CVE-2026-6001 CVSS 8.8 | Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affec… |
| CVE-2026-5997 | CVE-2026-5997 CVSS 9.8 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cg… |
| CVE-2026-5996 | CVE-2026-5996 CVSS 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-… |
| CVE-2026-5995 | CVE-2026-5995 CVSS 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the… |
| CVE-2026-5994 | CVE-2026-5994 CVSS 9.8 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of … |
| CVE-2026-5993 | CVE-2026-5993 CVSS 9.8 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.c… |
| CVE-2026-5992 | CVE-2026-5992 CVSS 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the a… |
| CVE-2026-5991 | CVE-2026-5991 CVSS 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of th… |
| CVE-2026-5990 | CVE-2026-5990 CVSS 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. T… |
| CVE-2026-5989 | CVE-2026-5989 CVSS 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument… |
| CVE-2026-5988 | CVE-2026-5988 CVSS 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of… |
| CVE-2026-5984 | CVE-2026-5984 CVSS 8.8 | A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Han… |
| CVE-2026-5983 | CVE-2026-5983 CVSS 8.8 | A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Re… |
| CVE-2026-5982 | CVE-2026-5982 CVSS 8.8 | A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the componen… |
| CVE-2026-5981 | CVE-2026-5981 CVSS 8.8 | A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST … |
| CVE-2026-5980 | CVE-2026-5980 CVSS 8.8 | A flaw has been found in D-Link DIR-605L 2.13B01. Affected by this issue is the function formSetMACFilter of the file /goform/formSetMACFilter of the component… |
| CVE-2026-5979 | CVE-2026-5979 CVSS 8.8 | A vulnerability was detected in D-Link DIR-605L 2.13B01. Affected by this vulnerability is the function formVirtualServ of the file /goform/formVirtualServ of … |
| CVE-2026-5978 | CVE-2026-5978 CVSS 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi … |
| CVE-2026-5977 | CVE-2026-5977 CVSS 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the comp… |
| CVE-2026-5976 | CVE-2026-5976 CVSS 9.8 | A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the c… |
| CVE-2026-5975 | CVE-2026-5975 CVSS 9.8 | A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the… |
| CVE-2026-5974 | CVE-2026-5974 CVSS 9.8 | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The affected element is the function Bash.run in the library metagpt/tools/libs/termina… |
| CVE-2026-5973 | CVE-2026-5973 CVSS 9.8 | A vulnerability was found in FoundationAgents MetaGPT up to 0.8.1. Impacted is the function get_mime_type of the file metagpt/utils/common.py. The manipulation… |
| CVE-2026-5972 | CVE-2026-5972 CVSS 9.8 | A vulnerability has been found in FoundationAgents MetaGPT up to 0.8.1. This issue affects the function Terminal.run_command in the library metagpt/tools/libs/… |
| CVE-2026-5971 | CVE-2026-5971 CVSS 9.8 | A flaw has been found in FoundationAgents MetaGPT up to 0.8.1. This vulnerability affects the function ActionNode.xml_fill of the file metagpt/actions/action_n… |
| CVE-2026-5970 | CVE-2026-5970 CVSS 9.8 | A vulnerability was detected in FoundationAgents MetaGPT up to 0.8.1. This affects the function check_solution of the component HumanEvalBenchmark/MBPPBenchmar… |
| CVE-2026-5967 | CVE-2026-5967 CVSS 8.8 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Privilege Escalation vulnerability. Authenticated remote attackers with shell access can inject OS comma… |
| CVE-2026-5966 | CVE-2026-5966 CVSS 8.1 | ThreatSonar Anti-Ransomware developed by TeamT5 has an Arbitrary File Deletion vulnerability. Authenticated remote attackers with web access can exploit Path T… |
| CVE-2026-5965 | CVE-2026-5965 CVSS 9.8 | NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute … |
| CVE-2026-5964 | CVE-2026-5964 CVSS 9.8 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modif… |
| CVE-2026-5963 | CVE-2026-5963 CVSS 9.8 | EasyFlow .NET developed by Digiwin has a SQL Injection vulnerability, allowing unauthenticated remote attackers to inject arbitrary SQL commands to read, modif… |
| CVE-2026-5962 | CVE-2026-5962 CVSS 9.8 | A vulnerability was detected in Tenda CH22 1.0.0.6(468). This issue affects the function R7WebsSecurityHandlerfunction of the component httpd. The manipulation… |
| CVE-2026-5944 | CVE-2026-5944 CVSS 8.2 | An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endp… |
| CVE-2026-5936 | CVE-2026-5936 CVSS 8.5 | An attacker can control a server-side HTTP request by supplying a crafted URL, causing the server to initiate requests to arbitrary destinations. This behavior… |
| CVE-2026-5935 | CVE-2026-5935 CVSS 9.8 | IBM Total Storage Service Console (TSSC) / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with n… |
| CVE-2026-5921 | CVE-2026-5921 CVSS 8.9 | A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an attacker to extract sensitive environment variabl… |
| CVE-2026-5915 | CVE-2026-5915 CVSS 8.1 | Insufficient validation of untrusted input in WebML in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write … |
| CVE-2026-5914 | CVE-2026-5914 CVSS 8.8 | Type Confusion in CSS in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit … |
| CVE-2026-5913 | CVE-2026-5913 CVSS 8.1 | Out of bounds read in Blink in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. … |
| CVE-2026-5912 | CVE-2026-5912 CVSS 8.8 | Integer overflow in WebRTC in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. … |
| CVE-2026-5910 | CVE-2026-5910 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5909 | CVE-2026-5909 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5908 | CVE-2026-5908 CVSS 8.8 | Integer overflow in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to potentially exploit heap corruption via a crafted video file. (C… |
| CVE-2026-5907 | CVE-2026-5907 CVSS 8.1 | Insufficient data validation in Media in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to perform an out of bounds memory read via a crafted v… |
| CVE-2026-5904 | CVE-2026-5904 CVSS 8.8 | Use after free in V8 in Google Chrome prior to 147.0.7727.55 allowed an attacker who convinced a user to install a malicious extension to potentially exploit h… |
| CVE-2026-5902 | CVE-2026-5902 CVSS 9.8 | Race in Media in Google Chrome on Android prior to 147.0.7727.55 allowed a remote attacker who had compromised the renderer process to corrupt media stream met… |
| CVE-2026-5890 | CVE-2026-5890 CVSS 5.3google | Race in WebCodecs in Google Chrome prior to 147.0.7727.55 allowed a remote attacker to obtain potentially sensitive information from process memory via a craft… |