VYPR

CVEs

101,963 total · page 126 of 2,040

  • CVE-2026-6031HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability has been found in code-projects Simple IT Discussion Forum 1.0. This affects an unknown function of the file /add-category-function.php. Such manipulation of the argument Category leads to sql injection. The attack can be executed remotely. The exploit has been…

  • CVE-2026-22750HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.00

    When configuring SSL bundles in Spring Cloud Gateway by using the configuration property spring.ssl.bundle, the configuration was silently ignored and the default SSL configuration was used instead. Note: The 4.2.x branch is no longer under open source support. If you are…

  • CVE-2026-28704HigApr 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Emocheck insecurely loads Dynamic Link Libraries (DLLs). If a crafted DLL file is placed to the same directory, an arbitrary code may be executed with the privilege of the user invoking EmoCheck.

  • CVE-2026-6024HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.01

    A vulnerability was determined in Tenda i6 1.0.0.7(2204). Affected by this issue is the function R7WebsSecurityHandlerfunction of the component HTTP Handler. This manipulation causes path traversal. It is possible to initiate the attack remotely. The exploit has been publicly…

  • CVE-2026-6016HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda AC9 15.03.02.13. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Performing a manipulation of the argument WANS results in stack-based buffer overflow. The attack can be…

  • CVE-2026-6015HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda AC9 15.03.02.13. Impacted is the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. Such manipulation of the argument PPPOEPassword leads to stack-based buffer overflow. It is possible to launch…

  • CVE-2026-5477HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.00

    An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used the guard `if (cmac->totalSz != 0)` to skip XOR-chaining on the first block (where digest is all-zeros and the XOR is a…

  • CVE-2026-6014HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in D-Link DIR-513 1.10. This issue affects the function formAdvanceSetup of the file /goform/formAdvanceSetup of the component POST Request Handler. This manipulation of the argument webpage causes buffer overflow. It is possible to initiate the attack…

  • CVE-2026-6013HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in D-Link DIR-513 1.10. This vulnerability affects the function formSetRoute of the file /goform/formSetRoute of the component POST Request Handler. The manipulation of the argument curTime results in buffer overflow. The attack may be performed from…

  • CVE-2026-6012HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A security vulnerability has been detected in D-Link DIR-513 1.10. This affects the function formSetPassword of the file /goform/formSetPassword of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be…

  • CVE-2026-5501HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker supplies an untrusted intermediate with Basic Constraints `CA:FALSE` that is legitimately signed by a trusted root. An attacker…

  • CVE-2026-5479HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails to verify the authentication tag before returning plaintext to the caller. When an application uses the EVP API to perform…

  • CVE-2026-5466HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no check that they lie in `[1, q-1]`. A crafted forged signature could verify against any message for any identity, using only…

  • CVE-2026-5188HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    An integer underflow issue exists in wolfSSL when parsing the Subject Alternative Name (SAN) extension of X.509 certificates. A malformed certificate can specify an entry length larger than the enclosing sequence, causing the internal length counter to wrap during parsing. This…

  • CVE-2026-6004HigApr 10, 2026
    risk 0.47cvss 7.3epss 0.00

    A vulnerability was detected in code-projects Simple IT Discussion Forum 1.0. Impacted is an unknown function of the file /delete-category.php. Performing a manipulation of the argument cat_id results in sql injection. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-4351HigApr 10, 2026
    risk 0.53cvss 8.1epss 0.00

    The Perfmatters plugin for WordPress is vulnerable to arbitrary file overwrite via path traversal in all versions up to, and including, 2.5.9. This is due to the `PMCS::action_handler()` method processing the bulk action `activate`/`deactivate` handlers without any authorization…

  • CVE-2026-3360HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.01

    The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to an Insecure Direct Object Reference in all versions up to, and including, 3.9.7. This is due to missing authentication and authorization checks in the `pay_incomplete_order()` function.…

  • CVE-2026-25203HigApr 10, 2026
    risk 0.51cvss 7.8epss 0.00

    Samsung MagicINFO 9 Server Incorrect Default Permissions Local Privilege Escalation Vulnerability This issue affects MagicINFO 9 Server: less than 21.1091.1.

  • CVE-2026-5992HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been…

  • CVE-2026-5991HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made…

  • CVE-2026-5990HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The…

  • CVE-2026-5989HigApr 10, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and…

  • CVE-2026-5988HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda F451 1.0.0.7. This impacts the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Performing a manipulation of the argument mit_ssid results in stack-based buffer overflow. The attack can be initiated remotely. The exploit is now…

  • CVE-2026-5985HigApr 9, 2026
    risk 0.47cvss 7.3epss 0.00

    A security flaw has been discovered in code-projects Simple IT Discussion Forum 1.0. The affected element is an unknown function of the file /crud.php. The manipulation of the argument user_Id results in sql injection. The attack may be performed from remote. The exploit has…

  • CVE-2026-5295HigApr 9, 2026
    risk 0.45cvss 8.0epss 0.00

    A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CMS EnvelopedData message containing an OtherRecipientInfo (ORI) recipient, the function copies an ASN.1-parsed OID into a fixed…

  • CVE-2026-5984HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was identified in D-Link DIR-605L 2.13B01. Impacted is the function formSetLog of the file /goform/formSetLog of the component POST Request Handler. The manipulation of the argument curTime leads to buffer overflow. The attack is possible to be carried out…

  • CVE-2026-5983HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in D-Link DIR-605L 2.13B01. This issue affects the function formSetDDNS of the file /goform/formSetDDNS of the component POST Request Handler. Executing a manipulation of the argument curTime can lead to buffer overflow. The attack can be executed…

  • CVE-2026-5982HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in D-Link DIR-605L 2.13B01. This vulnerability affects the function formAdvNetwork of the file /goform/formAdvNetwork of the component POST Request Handler. Performing a manipulation of the argument curTime results in buffer overflow. Remote…

  • CVE-2026-5981HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall of the file /goform/formAdvFirewall of the component POST Request Handler. Such manipulation of the argument curTime leads to buffer overflow. The attack may be launched…

  • CVE-2026-40153HigApr 9, 2026
    risk 0.48cvss 7.4epss 0.00

    PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the execute_command function in shell_tools.py calls os.path.expandvars() on every command argument at line 64, manually re-implementing shell-level environment variable expansion despite using shell=False (line…

  • CVE-2026-40150HigApr 9, 2026
    risk 0.50cvss 7.7epss 0.00

    PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, the web_crawl() function in praisonaiagents/tools/web_crawl_tools.py accepts arbitrary URLs from AI agents with zero validation. No scheme allowlisting, hostname/IP blocklisting, or private network checks are…

  • CVE-2026-40149HigApr 9, 2026
    risk 0.44cvss 7.9epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, the gateway's /api/approval/allow-list endpoint permits unauthenticated modification of the tool approval allowlist when no auth_token is configured (the default). By adding dangerous tool names (e.g., shell_exec,…

  • CVE-2026-40116HigApr 9, 2026
    risk 0.42cvss 7.5epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /media-stream WebSocket endpoint in PraisonAI's call module accepts connections from any client without authentication or Twilio signature validation. Each connection opens an authenticated session to OpenAI's…

  • CVE-2026-40114HigApr 9, 2026
    risk 0.40cvss 7.2epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, the /api/v1/runs endpoint accepts an arbitrary webhook_url in the request body with no URL validation. When a submitted job completes (success or failure), the server makes an HTTP POST request to this URL using…

  • CVE-2026-40113HigApr 9, 2026
    risk 0.48cvss 8.4epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, deploy.py constructs a single comma-delimited string for the gcloud run deploy --set-env-vars argument by directly interpolating openai_model, openai_key, and openai_base without validating that these values do not…

  • CVE-2026-40111HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.00

    PraisonAIAgents is a multi-agent teams system. Prior to 1.5.128, he memory hooks executor in praisonaiagents passes a user-controlled command string directly to subprocess.run() with shell=True at src/praisonai-agents/praisonaiagents/memory/hooks.py. No sanitization is performed…

  • CVE-2026-35645HigApr 9, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.3.25 contains a privilege escalation vulnerability in the gateway plugin subagent fallback deleteSession function that uses a synthetic operator.admin runtime scope. Attackers can exploit this by triggering session deletion without a request-scoped client to…

  • CVE-2026-35639HigApr 9, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the device.pair.approve method that allows an operator.pairing approver to approve pending device requests with broader operator scopes than the approver actually holds. Attackers can exploit insufficient…

  • CVE-2026-35638HigApr 9, 2026
    risk 0.50cvss 8.8epss 0.00

    OpenClaw before 2026.3.22 contains a privilege escalation vulnerability in the Control UI that allows unauthenticated sessions to retain self-declared privileged scopes without device identity verification. Attackers can exploit the device-less allow path in the trusted-proxy…

  • CVE-2026-35637HigApr 9, 2026
    risk 0.40cvss 7.3epss 0.00

    OpenClaw before 2026.3.22 performs cite expansion before completing channel and DM authorization checks, allowing cite work and content handling prior to final auth decisions. Attackers can exploit this timing vulnerability to access or manipulate content before proper…

  • CVE-2026-35632HigApr 9, 2026
    risk 0.39cvss 7.1epss 0.00

    OpenClaw through 2026.2.22 contains a symlink traversal vulnerability in agents.create and agents.update handlers that use fs.appendFile on IDENTITY.md without symlink containment checks. Attackers with workspace access can plant symlinks to append attacker-controlled content to…

  • CVE-2026-35629HigApr 9, 2026
    risk 0.41cvss 7.4epss 0.00

    OpenClaw before 2026.3.25 contains a server-side request forgery vulnerability in multiple channel extensions that fail to properly guard configured base URLs against SSRF attacks. Attackers can exploit unprotected fetch() calls against configured endpoints to rebind requests to…

  • CVE-2026-35625HigApr 9, 2026
    risk 0.44cvss 7.8epss 0.00

    OpenClaw before 2026.3.25 contains a privilege escalation vulnerability where silent local shared-auth reconnects auto-approve scope-upgrade requests, widening paired device permissions from operator.read to operator.admin. Attackers can exploit this by triggering local…

  • CVE-2026-34512HigApr 9, 2026
    risk 0.46cvss 8.1epss 0.00

    OpenClaw before 2026.3.25 contains an improper access control vulnerability in the HTTP /sessions/:sessionKey/kill route that allows any bearer-authenticated user to invoke admin-level session termination functions without proper scope validation. Attackers can exploit this by…

  • CVE-2026-33797HigApr 9, 2026
    risk 0.48cvss 7.4epss 0.00

    An Improper Input Validation vulnerability in Juniper Networks Junos OS and Junos OS Evolved allows an unauthenticated, adjacent attacker, sending a specific genuine BGP packet in an already established BGP session to reset only that session causing a Denial of Service (DoS). …

  • CVE-2026-33793HigApr 9, 2026
    risk 0.51cvss 7.8epss 0.00

    An Execution with Unnecessary Privileges vulnerability in the User Interface (UI) of Juniper Networks Junos OS and Junos OS Evolved allows a local, low-privileged attacker to gain root privileges, thus compromising the system. When a configuration that allows unsigned Python…

  • CVE-2026-33790HigApr 9, 2026
    risk 0.49cvss 7.5epss 0.00

    An Improper Check for Unusual or Exceptional Conditions vulnerability in the flow daemon (flowd) of Juniper Networks Junos OS on SRX Series allows an attacker sending a specific, malformed ICMPv6 packet to cause the srxpfe process to crash and restart. Continued receipt and…

  • CVE-2026-33788HigApr 9, 2026
    risk 0.51cvss 7.8epss 0.00

    A Missing Authentication for Critical Function vulnerability in the Flexible PIC Concentrators (FPCs) of Juniper Networks Junos OS Evolved on PTX Series allows a local, authenticated attacker with low privileges to gain direct access to FPCs installed in the device. A local…

  • CVE-2026-33785HigApr 9, 2026
    risk 0.57cvss 8.8epss 0.00

    A Missing Authorization vulnerability in the CLI of Juniper Networks Junos OS on MX Series allows a local, authenticated user with low privileges to execute specific commands which will lead to a complete compromise of managed devices. Any user logged in, without requiring…

  • CVE-2026-33778HigApr 9, 2026
    risk 0.49cvss 7.5epss 0.00

    An Improper Validation of Syntactic Correctness of Input vulnerability in the IPsec library used by kmd and iked of Juniper Networks Junos OS on SRX Series and MX Series allows an unauthenticated, network-based attacker to cause a complete Denial-of-Service (DoS). If an…