VYPR

Vigi

by TP-Link

CVEs (3)

  • CVE-2026-0629HigJan 16, 2026
    risk 0.57cvss epss 0.00

    Authentication bypass in the password recovery feature of the local web interface across multiple VIGI camera models allows an attacker on the LAN to reset the admin password without verification by manipulating client-side state. Attackers can gain full administrative access to…

  • CVE-2025-9293HigFeb 13, 2026
    risk 0.53cvss 8.1epss 0.00

    A vulnerability in the certificate validation logic may allow applications to accept untrusted or improperly validated server identities during TLS communication. An attacker in a privileged network position may be able to intercept or modify traffic if they can position…

  • CVE-2025-9292HigFeb 13, 2026
    risk 0.49cvss 7.5epss 0.00

    A permissive web security configuration may allow cross-origin restrictions enforced by modern browsers to be bypassed under specific circumstances. Exploitation requires the presence of an existing client-side injection vulnerability and user access to the affected web…