π¨ CVE-2026-5246
A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
π@cveNotify
A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mg_tls_verify_cert_signature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature are highly complex. The exploitability is told to be difficult. The exploit has been publicly disclosed and may be utilized. Upgrading to version 7.21 is able to address this issue. This patch is called 0d882f1b43ff2308b7486a56a9d60cd6dba8a3f1. The affected component should be upgraded. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
π@cveNotify
GitHub
GitHub - cesanta/mongoose: Embedded web server, with TCP/IP network stack, MQTT and Websocket
Embedded web server, with TCP/IP network stack, MQTT and Websocket - cesanta/mongoose
π¨ CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction.
π@cveNotify
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-88
π¨ CVE-2026-4538
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.
π@cveNotify
A vulnerability was identified in PyTorch 2.10.0. The affected element is an unknown function of the component pt2 Loading Handler. The manipulation leads to deserialization. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The project was informed of the problem early through a pull request but has not reacted yet.
π@cveNotify
GitHub
GitHub - pytorch/pytorch: Tensors and Dynamic neural networks in Python with strong GPU acceleration
Tensors and Dynamic neural networks in Python with strong GPU acceleration - pytorch/pytorch
π¨ CVE-2026-4566
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A flaw has been found in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
GitHub
vul_db/Belkin/vul_151/README.md at main Β· Litengzheng/vul_db
command injection. Contribute to Litengzheng/vul_db development by creating an account on GitHub.
π¨ CVE-2026-4962
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A security flaw has been discovered in UltraVNC up to 1.6.4.0. Affected by this issue is some unknown functionality in the library version.dll of the component Service. The manipulation results in uncontrolled search path. The attack needs to be approached locally. This attack is characterized by high complexity. The exploitation is known to be difficult. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
π¨ CVE-2026-4964
A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function _convert_message_create_to_message of the file letta/helpers/message_helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
Gist
SSRF / Arbitrary File Read via `file://` URL in ImageContent (Incomplete Fix for 90f3ab91)
SSRF / Arbitrary File Read via `file://` URL in ImageContent (Incomplete Fix for 90f3ab91) - ISSUE-Github-REPORT-SSRF-FileRead.md
π¨ CVE-2026-4965
A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functions/ast_parsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
A vulnerability was detected in letta-ai letta 0.16.4. This issue affects the function resolve_type of the file letta/functions/ast_parsers.py of the component Incomplete Fix CVE-2025-6101. Performing a manipulation results in improper neutralization of directives in dynamically evaluated code. The attack can be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
π@cveNotify
Gist
RCE via eval() Injection in Type Annotation Coercion (Incomplete Fix for CVE-2025-6101)
RCE via eval() Injection in Type Annotation Coercion (Incomplete Fix for CVE-2025-6101) - ISSUE-Github-REPORT-EvalInjection-TypeCoercion.md
π¨ CVE-2026-5685
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
π@cveNotify
A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used.
π@cveNotify
GitHub
Tenda Router CX12L V16.03.53.12 - Buffer Overflow in `/goform/addressNat` Β· Issue #3 Β· cve-a/lvdan
NAME OF AFFECTED PRODUCT(S) Tenda Router CX12L V16.03.53.12 - Buffer Overflow in /goform/addressNat Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Prod...
π¨ CVE-2026-5686
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
π@cveNotify
A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.
π@cveNotify
GitHub
Tenda Router CX12L V16.03.53.12 - Buffer Overflow in `/goform/RouteStatic` Β· Issue #4 Β· cve-a/lvdan
NAME OF AFFECTED PRODUCT(S) Tenda Router CX12L V16.03.53.12 - Buffer Overflow in /goform/RouteStatic Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd. Pro...
π¨ CVE-2026-5687
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
π@cveNotify
A weakness has been identified in Tenda CX12L 16.03.53.12. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. This manipulation of the argument page causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks.
π@cveNotify
GitHub
Tenda Router CX12L V16.03.53.12 - Buffer Overflow in `/goform/NatStaticSetting` Β· Issue #5 Β· cve-a/lvdan
NAME OF AFFECTED PRODUCT(S) Tenda Router CX12L V16.03.53.12 - Buffer Overflow in /goform/NatStaticSetting Vulnerability Details Detail Information Vendor Shenzhen Jixiang Tengda Technology Co., Ltd...
π¨ CVE-2026-7033
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menufacturer/Go leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
π@cveNotify
GitHub
vuldb_new/F456/vul_123/README.md at main Β· Litengzheng/vuldb_new
CVE. Contribute to Litengzheng/vuldb_new development by creating an account on GitHub.
π¨ CVE-2026-7053
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
π@cveNotify
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
π@cveNotify
GitHub
vuldb_new/F456/vul_124/README.md at main Β· Litengzheng/vuldb_new
CVE. Contribute to Litengzheng/vuldb_new development by creating an account on GitHub.
π¨ CVE-2026-7054
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
π@cveNotify
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.
π@cveNotify
GitHub
vuldb_new/F456/vul_125/README.md at main Β· Litengzheng/vuldb_new
CVE. Contribute to Litengzheng/vuldb_new development by creating an account on GitHub.
π¨ CVE-2026-5549
A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Private Key Handler. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
GitHub
tenda-ac10v4-vulnerabilities/findings/CRITICAL-05-exposed-rsa-private-key.md at main Β· somanyerrors/tenda-ac10v4-vulnerabilities
Contribute to somanyerrors/tenda-ac10v4-vulnerabilities development by creating an account on GitHub.
π¨ CVE-2026-5550
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected.
π@cveNotify
A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The attack may be initiated remotely. Multiple endpoints might be affected.
π@cveNotify
GitHub
tenda-ac10v4-vulnerabilities/findings/HIGH-01-getvalue-229-callers.md at main Β· somanyerrors/tenda-ac10v4-vulnerabilities
Contribute to somanyerrors/tenda-ac10v4-vulnerabilities development by creating an account on GitHub.
π¨ CVE-2018-25259
Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard.
π@cveNotify
Terminal Services Manager 3.1 contains a stack-based buffer overflow vulnerability in the computer names field that allows local attackers to execute arbitrary code by triggering structured exception handling. Attackers can craft a malicious input file with shellcode and jump instructions that overwrite the SEH handler pointer to execute calc.exe or other payloads when imported through the add computers wizard.
π@cveNotify
LizardSystems
Terminal Services Manager, Remote Desktop Audit, Remote Process Explorer, Wi-Fi
Scanner, Network Scanner, Find MAC Addressβ¦
Scanner, Network Scanner, Find MAC Addressβ¦
Terminal Services Manager, Remote Desktop Audit, Remote Process Explorer, Wi-Fi Scanner, Network Scanner, Find MAC Address, LanSend, Remote Shutdown, Change MAC Address - network monitoring tools by LizardSystems
π¨ CVE-2018-25260
MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted.
π@cveNotify
MAGIX Music Editor 3.1 contains a buffer overflow vulnerability in the FreeDB Proxy Options dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling. Attackers can craft a malicious payload, paste it into the Server field via the CD menu's FreeDB Proxy Options, and trigger code execution when settings are accepted.
π@cveNotify
Exploit Database
MAGIX Music Editor 3.1 - Buffer Overflow (SEH)
MAGIX Music Editor 3.1 - Buffer Overflow (SEH).. local exploit for Windows_x86 platform
π¨ CVE-2018-25261
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location field that triggers a buffer overflow when the backup job executes, enabling code execution with application privileges.
π@cveNotify
Iperius Backup 5.8.1 contains a local buffer overflow vulnerability in the structured exception handling (SEH) mechanism that allows local attackers to execute arbitrary code by supplying a malicious file path. Attackers can create a backup job with a crafted payload in the external file location field that triggers a buffer overflow when the backup job executes, enabling code execution with application privileges.
π@cveNotify
Exploit Database
Iperius Backup 5.8.1 - Buffer Overflow (SEH)
Iperius Backup 5.8.1 - Buffer Overflow (SEH).. local exploit for Windows_x86 platform
π¨ CVE-2018-25267
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.
π@cveNotify
UltraISO 9.7.1.3519 contains a local buffer overflow vulnerability in the Output FileName field of the Make CD/DVD Image dialog that allows attackers to overwrite SEH and SE handler records. Attackers can craft a malicious filename string with 304 bytes of data followed by SEH record overwrite values and paste it into the Output FileName field to trigger a denial of service crash.
π@cveNotify
Exploit Database
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC)
UltraISO 9.7.1.3519 - 'Output FileName' Denial of Service (PoC).. dos exploit for Windows platform
π¨ CVE-2026-7445
A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet.
π@cveNotify
GitHub
Path Traversal and Arbitrary Local File Read Vulnerability in ZMCPTools Β· Issue #23 Β· BruceJqs/public_exp
Path Traversal and Arbitrary Local File Read Vulnerability in ZMCPTools 1) CNA / Submission Type Submission type: Report a vulnerability (CVE ID request) Reporter role: Independent security researc...
π¨ CVE-2026-7446
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command injection. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 1.0.1 is able to mitigate this issue. The patch is identified as 141335da044e53c3f5b315e0386e01238405b771. It is advisable to upgrade the affected component.
π@cveNotify
A vulnerability was detected in VetCoders mcp-server-semgrep 1.0.0. This affects the function analyze_results/filter_results/export_results/compare_results/scan_directory/create_rule of the file src/index.ts of the component MCP Interface. The manipulation of the argument ID results in os command injection. The attack can be executed remotely. The exploit is now public and may be used. Upgrading to version 1.0.1 is able to mitigate this issue. The patch is identified as 141335da044e53c3f5b315e0386e01238405b771. It is advisable to upgrade the affected component.
π@cveNotify
GitHub
GitHub - VetCoders/mcp-server-semgrep: MCP Server Semgrep is a [Model Context Protocol](https://modelcontextprotocol.io) compliantβ¦
MCP Server Semgrep is a [Model Context Protocol](https://modelcontextprotocol.io) compliant server that integrates the powerful Semgrep static analysis tool with AI assistants like Anthropic Claude...