Export limit exceeded: 347458 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347458 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347458 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-6111 | 2 Deepwisdom, Foundation Agents | 2 Metagpt, Metagpt | 2026-04-30 | 6.3 Medium |
| A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the argument img_url_or_b64 results in server-side request forgery. It is possible to launch the attack remotely. The exploit has been released to the public and may be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-36959 | 2026-04-30 | N/A | ||
| U-SPEED N300 router V1.0.0 does not implement rate limiting or account lockout protections on the /api/login endpoint. This allows an attacker on the local network to perform unlimited authentication attempts, enabling brute-force attacks against the administrator account and potential unauthorized access to the router management interface. | ||||
| CVE-2026-36958 | 2026-04-30 | N/A | ||
| A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the router web interface to become unresponsive and may require manual reboot to restore normal operation. | ||||
| CVE-2026-36957 | 2026-04-30 | N/A | ||
| Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory buffers. This results in a kernel deadlock or system hang that disables the web management portal and all routing capabilities. | ||||
| CVE-2026-36956 | 2026-04-30 | N/A | ||
| A Cross-Site Request Forgery (CSRF) vulnerability exists in the web management interface of the Dbit N300 T1 Pro wireless router V1.0.0. The router fails to implement proper CSRF protection mechanisms such as anti-CSRF tokens or strict Origin/Referer validation for administrative API endpoints. An attacker can craft a malicious webpage that sends forged HTTP requests to configuration endpoints such as /api/setWlan. If an authenticated administrator visits the malicious webpage, the victim's browser automatically includes the valid session cookie in the request, allowing the router to process the request as a legitimate administrative action. | ||||
| CVE-2026-7078 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-7079 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-7080 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-7081 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now public and may be used. | ||||
| CVE-2026-7082 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been published and may be used. | ||||
| CVE-2026-7097 | 1 Tenda | 2 F456, F456 Firmware | 2026-04-30 | 8.8 High |
| A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-40972 | 2 Spring, Vmware | 2 Spring Boot, Spring Boot | 2026-04-30 | 7.5 High |
| An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving remote code execution in the remote application. Affected: Spring Boot 4.0.0–4.0.5 (fix 4.0.6), 3.5.0–3.5.13 (fix 3.5.14), 3.4.0–3.4.15 (fix 3.4.16), 3.3.0–3.3.18 (fix 3.3.19), 2.7.0–2.7.32 (fix 2.7.33); DevTools remote secret comparison. Versions that are no longer supported are also affected per vendor advisory. | ||||
| CVE-2026-40973 | 2 Spring, Vmware | 2 Spring Boot, Spring Boot | 2026-04-30 | 7 High |
| A local attacker on the same host as the application may be able to take control of the directory used by `ApplicationTemp`. When `server.servlet.session.persistent` is set to `true` and the attack persists across application restarts, this may allow the attacker to read session information and hijack authenticated users or deploy a gadget chain and execute code as the application's user. Affected: Spring Boot 4.0.0–4.0.5 (fix 4.0.6), 3.5.0–3.5.13 (fix 3.5.14), 3.4.0–3.4.15 (fix 3.4.16), 3.3.0–3.3.18 (fix 3.3.19), 2.7.0–2.7.32 (fix 2.7.33); predictable temp directory / `ApplicationTemp` ownership verification. Versions that are no longer supported are also affected per vendor advisory. | ||||
| CVE-2026-4546 | 2 Flos-freeware, Flos Freeware | 2 Notepad2, Notepad2 | 2026-04-30 | 7 High |
| A weakness has been identified in Flos Freeware Notepad2 4.2.25. This impacts an unknown function in the library TextShaping.dll. Executing a manipulation can lead to uncontrolled search path. The attack is restricted to local execution. The attack requires a high level of complexity. The exploitability is said to be difficult. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4545 | 2 Flos-freeware, Flos Freeware | 2 Notepad2, Notepad2 | 2026-04-30 | 7 High |
| A security flaw has been discovered in Flos Freeware Notepad2 4.2.25. This affects an unknown function in the library PROPSYS.dll. Performing a manipulation results in uncontrolled search path. The attack is only possible with local access. The attack is considered to have high complexity. The exploitability is reported as difficult. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-4775 | 3 Debian, Libtiff, Redhat | 5 Debian Linux, Libtiff, Enterprise Linux and 2 more | 2026-04-30 | 7.8 High |
| A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a denial of service (application crash) or arbitrary code execution. | ||||
| CVE-2026-6011 | 1 Openclaw | 1 Openclaw | 2026-04-30 | 5.6 Medium |
| A weakness has been identified in OpenClaw up to 2026.1.26. Affected by this issue is some unknown functionality of the file src/agents/tools/web-fetch.ts of the component assertPublicHostname Handler. Executing a manipulation can lead to server-side request forgery. The attack can be executed remotely. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been made available to the public and could be used for attacks. Upgrading to version 2026.1.29 can resolve this issue. This patch is called b623557a2ec7e271bda003eb3ac33fbb2e218505. Upgrading the affected component is advised. | ||||
| CVE-2025-15610 | 1 Opentext | 1 Rightfax | 2026-04-30 | N/A |
| The .NET Remoting framework used by OpenText Fax (RightFax) includes known security vulnerabilities that could be exploited if the service is exposed in environments where the remoting ports are accessible. | ||||
| CVE-2026-3861 | 1 Line Corporation | 1 Line Client For Ios | 2026-04-30 | 6.5 Medium |
| LINE client for iOS versions prior to 26.3.0 contains a vulnerability in the in-app browser where opening a crafted web page can repeatedly trigger OS-level dialogs due to insufficient safeguards when handling arbitrary URL schemes, potentially causing the iOS device to become temporarily inoperable. | ||||
| CVE-2026-36837 | 1 Totolink | 1 A3002ru | 2026-04-30 | 7.5 High |
| TOTOLINK A3002RU V3 <= V3.0.0-B20220304.1804 was discovered to contain a stack-based buffer overflow via the hostname parameter in the formMapDelDevice function. | ||||