VYPR

U42 Vulnerability Disclosures

by Paloaltonetworks

Source repositories

CVEs (2)

  • CVE-2026-1723CriJan 30, 2026
    risk 0.60cvss epss 0.01

    Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in TOTOLINK X6000R allows OS Command Injection.This issue affects X6000R: through V9.4.0cu.1498_B20250826.

  • CVE-2026-12425MedJun 16, 2026
    risk 0.37cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PowerSchool Employee Access Center allows Cross-Site Scripting (XSS). This issue affects Employee Access Center: 23.10. It is possible to add in javascript code after…