VYPR

CVEs

30,473 total · page 32 of 610

  • CVE-2026-29861CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.00

    PHP-MYSQL-User-Login-System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at login.php.

  • CVE-2025-44560CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.00

    owntone-server 2ca10d9 is vulnerable to Buffer Overflow due to lack of recursive checking.

  • CVE-2026-6068CriApr 10, 2026
    risk 0.62cvss 9.6epss 0.00

    NASM contains a heap use after free vulnerability in response file (-@) processing where a dangling pointer to freed memory is stored in the global depend_file and later dereferenced, as the response-file buffer is freed before the pointer is used, allowing for data corruption…

  • CVE-2026-5412CriApr 10, 2026
    risk 0.57cvss 9.9epss 0.00

    In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This allows a low-privileged user to access sensitive…

  • CVE-2026-6057CriApr 10, 2026
    risk 0.57cvss 9.8epss 0.01

    FalkorDB Browser 1.9.3 contains an unauthenticated path traversal vulnerability in the file upload API that allows remote attackers to write arbitrary files and achieve remote code execution.

  • CVE-2026-6029CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.03

    A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument User results in os command injection. The attack may be…

  • CVE-2026-6028CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.03

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable leads to os command injection. The attack may be…

  • CVE-2026-6027CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.03

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack…

  • CVE-2026-6026CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.03

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setPortalConfWeChat of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument enable results in os command…

  • CVE-2026-1115CriApr 10, 2026
    risk 0.55cvss 9.6epss 0.00

    A Stored Cross-Site Scripting (XSS) vulnerability was identified in the social feature of parisneo/lollms, affecting the latest version prior to 2.2.0. The vulnerability exists in the `create_post` function within `backend/routers/social/__init__.py`, where user-provided content…

  • CVE-2026-6025CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.03

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It is possible to launch the…

  • CVE-2026-5997CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass results in os command injection. It is possible…

  • CVE-2026-5996CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tty_server leads to os command injection.…

  • CVE-2026-5995CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument lan_info can lead to os command injection. The attack…

  • CVE-2026-5994CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument telnet_enabled results in os command injection. The…

  • CVE-2026-5993CriApr 10, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads to os command injection. The attack can…

  • CVE-2026-5393CriApr 10, 2026
    risk 0.52cvss 9.1epss 0.00

    Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-experimental and --enable-dual-alg-certs is used when building wolfSSL.

  • CVE-2026-5503CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach the attacker-controlled publicName to the shared WOLFSSL_CTX when no inner SNI was configured. TLSX_EchRestoreSNI then failed to…

  • CVE-2026-34424CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote…

  • CVE-2026-5264CriApr 9, 2026
    risk 0.57cvss 9.8epss 0.00

    Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow.

  • CVE-2026-40154CriApr 9, 2026
    risk 0.53cvss 9.3epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.128, PraisonAI treats remotely fetched template files as trusted executable code without integrity verification, origin validation, or user confirmation, enabling supply chain attacks through malicious templates. This…

  • CVE-2026-33784CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.00

    A Use of Default Password vulnerability in the Juniper Networks Support Insights (JSI) Virtual Lightweight Collector (vLWC) allows an unauthenticated, network-based attacker to take full control of the device. vLWC software images ship with an initial password for a high…

  • CVE-2026-5978CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument mode leads to os command injection. The attack can be…

  • CVE-2026-5977CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wifiOff can lead to os command injection. It is possible to…

  • CVE-2026-5976CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sambaEnabled results in os command injection. It is…

  • CVE-2026-5975CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.02

    A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wanIdx leads to os command injection. The attack may be…

  • CVE-2026-5194CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA…

  • CVE-2026-5187CriApr 9, 2026
    risk 0.57cvss 9.8epss 0.00

    Two potential heap out-of-bounds write locations existed in DecodeObjectId() in wolfcrypt/src/asn.c. First, a bounds check only validates one available slot before writing two OID arc values (out[0] and out[1]), enabling a 2-byte out-of-bounds write when outSz equals 1. Second,…

  • CVE-2026-40089CriApr 9, 2026
    risk 0.57cvss 9.9epss 0.00

    Sonicverse is a Self-hosted Docker Compose stack for live radio streaming. The Sonicverse Radio Audio Streaming Stack dashboard contains a Server-Side Request Forgery (SSRF) vulnerability in its API client (apps/dashboard/lib/api.ts). Installations created using the provided…

  • CVE-2026-40088CriApr 9, 2026
    risk 0.55cvss 9.6epss 0.00

    PraisonAI is a multi-agent teams system. Prior to 4.5.121, the execute_command function and workflow shell execution are exposed to user-controlled input via agent workflows, YAML definitions, and LLM-generated tool calls, allowing attackers to inject arbitrary shell commands…

  • CVE-2026-29145CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    CLIENT_CERT authentication does not fail as expected for some scenarios when soft fail is disabled vulnerability in Apache Tomcat, Apache Tomcat Native. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M7 through 10.1.52, from 9.0.83 through…

  • CVE-2025-13926CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.00

    An attacker could use data obtained by sniffing the network traffic to forge packets in order to make arbitrary requests to Contemporary Controls BASC 20T.

  • CVE-2026-39912CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    V2Board 1.6.1 through 1.7.4 and Xboard through 0.1.9 expose authentication tokens in HTTP response bodies of the loginWithMailLink endpoint when the login_with_mail_link_enable feature is active. Unauthenticated attackers can POST to the loginWithMailLink endpoint with a known…

  • CVE-2026-34987CriApr 9, 2026
    risk 0.57cvss 9.9epss 0.00

    Wasmtime is a runtime for WebAssembly. From 25.0.0 to before 36.0.7, 42.0.2, and 43.0.1, Wasmtime with its Winch (baseline) non-default compiler backend may allow properly constructed guest Wasm to access host memory outside of its linear-memory sandbox. This vulnerability…

  • CVE-2026-31170CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    An issue was discovered in ToToLink A3300R firmware v17.0.0cu.557_B20221024 allowing attackers to execute arbitrary commands via the stun-pass parameter to /cgi-bin/cstecgi.cgi.

  • CVE-2026-28205CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.00

    OpenPLC_V3 is vulnerable to an Initialization of a Resource with an Insecure Default vulnerability which could allow an attacker to gain access to the system by bypassing authentication via an API.

  • CVE-2026-39987CriKEVApr 9, 2026
    risk 0.76cvss 9.8epss 0.96

    marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands.…

  • CVE-2026-39980CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to 6.9.5, the safeEjs.ts file does not properly sanitize EJS templates. Users with the Manage customization capability can run arbitrary JavaScript in the context of the…

  • CVE-2026-39962CriApr 9, 2026
    risk 0.55cvss 9.6epss 0.00

    MISP is an open source threat intelligence and sharing platform. Prior to 2.5.36, improper neutralization of special elements in an LDAP query in ApacheAuthenticate.php allows LDAP injection via an unsanitized username value when ApacheAuthenticate.apacheEnv is configured to use…

  • CVE-2026-39958CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    oma is a package manager for AOSC OS. Prior to 1.25.2, oma-topics is responsible for fetching metadata for testing repositories (topics) named "Topic Manifests" ({mirror}/debs/manifest/topics.json) from remote repository servers, registering them as APT source entries. However,…

  • CVE-2026-30479CriApr 9, 2026
    risk 0.59cvss 9.1epss 0.00

    A Dynamic-link Library Injection vulnerability in OSGeo Project MapServer before v8.0 allows attackers to execute arbitrary code via a crafted executable.

  • CVE-2025-15480CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, ubuntu-desktop-provision could include the user's password hash in the attached logs.

  • CVE-2026-5445CriApr 9, 2026
    risk 0.59cvss 9.1epss 0.01

    An out-of-bounds read vulnerability exists in the `DecodeLookupTable` function within `DicomImageDecoder.cpp`. The lookup-table decoding logic used for `PALETTE COLOR` images does not validate pixel indices against the lookup table size. Crafted images containing indices larger…

  • CVE-2026-5443CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    A heap buffer overflow vulnerability exists during the decoding of `PALETTE COLOR` DICOM images. Pixel length validation uses 32-bit multiplication for width and height calculations. If these values overflow, the validation check incorrectly succeeds, allowing the decoder to…

  • CVE-2026-5442CriApr 9, 2026
    risk 0.64cvss 9.8epss 0.01

    A heap buffer overflow vulnerability exists in the DICOM image decoder. Dimension fields are encoded using Value Representation (VR) Unsigned Long (UL), instead of the expected VR Unsigned Short (US), which allows extremely large dimensions to be processed. This causes an…

  • CVE-2025-62718CriApr 9, 2026
    risk 0.57cvss 9.9epss 0.01

    Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.0 and 0.31.0, Axios does not correctly handle hostname normalization when checking NO_PROXY rules. Requests to loopback addresses like localhost. (with a trailing dot) or [::1] (IPv6 literal) skip…

  • CVE-2025-50228CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    Jizhicms v2.5.4 is vulnerable to Server-Side Request Forgery (SSRF) in User Evaluation, Message, and Comment modules.

  • CVE-2025-57735CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.01

    When user logged out, the JWT token the user had authtenticated with was not invalidated, which could lead to reuse of that token in case it was intercepted. In Airflow 3.2 we implemented the mechanism that implements token invalidation at logout. Users who are concerned about…

  • CVE-2026-34184CriApr 9, 2026
    risk 0.59cvss 9.1epss 0.00

    Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue…

  • CVE-2026-34179CriApr 9, 2026
    risk 0.52cvss 9.1epss 0.00

    In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker…