CVE-2018-14634 The Linux Foundation kernel Date de parution : 2018-09-25T21:29:00.390 Date de modification : 2026-01-27T02:00:01.893 Disponibilité Integrité Confidentialité Editeur : The Linux Foundation Produit : kernel Version : 2.6.x, 3.10.x, 4.14.x Probleme : CWE-190 Description : An integer overflow flaw was found in the Linux kernel's create_elf_tables() function. An unprivileged local user with access to SUID (or otherwise privileged) binary could use this flaw to escalate their privileges on the system. Kernel versions 2.6.x, 3.10.x and 4.14.x are believed to be vulnerable. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : http://www.openwall.com/lists/oss-security/2021/07/20/2 http://www.securityfocus.com/bid/105407 https://access.redhat.com/errata/RHSA-2018:2748 https://access.redhat.com/errata/RHSA-2018:2763 https://access.redhat.com/errata/RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2933 https://access.redhat.com/errata/RHSA-2018:3540 https://access.redhat.com/errata/RHSA-2018:3586 https://access.redhat.com/errata/RHSA-2018:3590 https://access.redhat.com/errata/RHSA-2018:3591 https://access.redhat.com/errata/RHSA-2018:3643 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634 https://security.netapp.com/advisory/ntap-20190204-0002/ https://security.paloaltonetworks.com/CVE-2018-14634 https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS https://usn.ubuntu.com/3775-1/ https://usn.ubuntu.com/3775-2/ https://usn.ubuntu.com/3779-1/ https://www.exploit-db.com/exploits/45516/ https://www.openwall.com/lists/oss-security/2018/09/25/4 http://www.openwall.com/lists/oss-security/2021/07/20/2 http://www.securityfocus.com/bid/105407 https://access.redhat.com/errata/RHSA-2018:2748 https://access.redhat.com/errata/RHSA-2018:2763 https://access.redhat.com/errata/RHSA-2018:2846 https://access.redhat.com/errata/RHSA-2018:2924 https://access.redhat.com/errata/RHSA-2018:2925 https://access.redhat.com/errata/RHSA-2018:2933 https://access.redhat.com/errata/RHSA-2018:3540 https://access.redhat.com/errata/RHSA-2018:3586 https://access.redhat.com/errata/RHSA-2018:3590 https://access.redhat.com/errata/RHSA-2018:3591 https://access.redhat.com/errata/RHSA-2018:3643 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-14634 https://security.netapp.com/advisory/ntap-20190204-0002/ https://security.paloaltonetworks.com/CVE-2018-14634 https://support.f5.com/csp/article/K20934447?utm_source=f5support&%3Butm_medium=RSS https://usn.ubuntu.com/3775-1/ https://usn.ubuntu.com/3775-2/ https://usn.ubuntu.com/3779-1/ https://www.exploit-db.com/exploits/45516/ https://www.openwall.com/lists/oss-security/2018/09/25/4 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-14634 En savoir plus
CVE-2025-23419 F5 NGINX Open Source MEDIUM 4.3 Date de parution : 2025-02-05T18:15:33.347 Date de modification : 2026-01-27T13:30:41.190 Disponibilité Integrité Confidentialité NONE NONE LOW Editeur : F5 Produit : NGINX Open Source Version : 1.11.4 Probleme : CWE-863 Incorrect Authorization Description : When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_ticket_key are used and/or the SSL session cache https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_session_cache are used in the default server and the default server is performing client certificate authentication. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. ExploitabilityScore : 2.8 impactScore : 1.4 attackVector : NETWORK attackComplexity : LOW privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://my.f5.com/manage/s/article/K000149173 http://www.openwall.com/lists/oss-security/2025/02/05/8 https://lists.debian.org/debian-lts-announce/2025/03/msg00017.html En savoir plus
CVE-2025-54236 Adobe Adobe Commerce CRITICAL 9.1 Date de parution : 2025-09-09T14:15:46.563 Date de modification : 2026-01-27T02:00:01.893 Disponibilité Integrité Confidentialité NONE HIGH HIGH Editeur : Adobe Produit : Adobe Commerce Version : 0 Probleme : Improper Input Validation (CWE-20) Description : Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality, and integrity impact to high. Exploitation of this issue does not require user interaction. ExploitabilityScore : 3.9 impactScore : 5.2 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://helpx.adobe.com/security/products/magento/apsb25-88.html https://experienceleague.adobe.com/en/docs/experience-cloud-kcs/kbarticles/ka-27397 https://nullsecurityx.codes/cve-2025-54236-sessionreaper-unauthenticated-rce-in-magento https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-54236 En savoir plus
CVE-2025-54755 F5 BIG-IP MEDIUM 4.9 Date de parution : 2025-10-15T14:15:49.573 Date de modification : 2026-01-27T13:30:32.340 Disponibilité Integrité Confidentialité NONE NONE HIGH Editeur : F5 Produit : BIG-IP Version : 17.5.0 Probleme : CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Description : A directory traversal vulnerability exists in TMUI that allows a highly privileged authenticated attacker to access files which are not limited to the intended files. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. ExploitabilityScore : 1.2 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : HIGH userInteraction : NONE scope : UNCHANGED references : https://my.f5.com/manage/s/article/K000156801 En savoir plus
CVE-2025-58153 F5 BIG-IP MEDIUM 5.9 Date de parution : 2025-10-15T14:15:52.687 Date de modification : 2026-01-27T13:30:37.000 Disponibilité Integrité Confidentialité HIGH NONE NONE Editeur : F5 Produit : BIG-IP Version : 17.5.0 Probleme : CWE-667 Improper Locking Description : Under undisclosed traffic conditions along with conditions beyond the attacker's control, hardware systems with a High-Speed Bridge (HSB) may experience a lockup of the HSB. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated. ExploitabilityScore : 2.2 impactScore : 3.6 attackVector : NETWORK attackComplexity : HIGH privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://my.f5.com/manage/s/article/K000151658 En savoir plus
CVE-2025-13601 HIGH 7.7 Date de parution : 2025-11-26T15:15:51.723 Date de modification : 2026-01-27T10:15:48.420 Disponibilité Integrité Confidentialité HIGH HIGH NONE Editeur : Produit : Version : 0 Probleme : Integer Overflow or Wraparound Description : A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string. ExploitabilityScore : 2.5 impactScore : 5.2 attackVector : LOCAL attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://access.redhat.com/errata/RHSA-2026:0936 https://access.redhat.com/errata/RHSA-2026:0975 https://access.redhat.com/errata/RHSA-2026:0991 https://access.redhat.com/errata/RHSA-2026:1323 https://access.redhat.com/errata/RHSA-2026:1324 https://access.redhat.com/errata/RHSA-2026:1326 https://access.redhat.com/errata/RHSA-2026:1327 https://access.redhat.com/security/cve/CVE-2025-13601 https://bugzilla.redhat.com/show_bug.cgi?id=2416741 https://gitlab.gnome.org/GNOME/glib/-/issues/3827 https://gitlab.gnome.org/GNOME/glib/-/merge_requests/4914 En savoir plus
CVE-2025-52691 SmarterTools SmarterMail CRITICAL 10 Date de parution : 2025-12-29T03:15:42.837 Date de modification : 2026-01-27T02:00:01.893 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : SmarterTools Produit : SmarterMail Version : SmarterMail versions Build 9406 and earlier Probleme : Description : Successful exploitation of the vulnerability could allow an unauthenticated attacker to upload arbitrary files to any location on the mail server, potentially enabling remote code execution. ExploitabilityScore : 3.9 impactScore : 6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : CHANGED references : https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-124/ https://github.com/watchtowrlabs/watchTowr-vs-SmarterMail-CVE-2025-52691?ref=labs.watchtowr.com https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-52691 En savoir plus
CVE-2026-0695 ConnectWise PSA HIGH 8.7 Date de parution : 2026-01-16T14:15:54.793 Date de modification : 2026-01-27T13:15:54.260 Disponibilité Integrité Confidentialité NONE HIGH HIGH Editeur : ConnectWise Produit : PSA Version : All versions prior to 2026.1 Probleme : CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') Description : In ConnectWise PSA versions older than 2026.1, Time Entry notes stored in the Time Entry Audit Trail may be rendered without applying output encoding to certain content. Under specific conditions, this may allow stored script code to execute in the context of a user’s browser when the affected content is displayed. ExploitabilityScore : 2.3 impactScore : 5.8 attackVector : NETWORK attackComplexity : LOW privilegesRequired : LOW userInteraction : REQUIRED scope : CHANGED references : https://www.connectwise.com/company/trust/security-bulletins/2026-01-15-psa-security-fix https://www.themissinglink.com.au/security-advisories/cve-2026-0695 En savoir plus
CVE-2026-0696 ConnectWise PSA MEDIUM 6.5 Date de parution : 2026-01-16T14:15:54.940 Date de modification : 2026-01-27T13:15:54.403 Disponibilité Integrité Confidentialité NONE NONE HIGH Editeur : ConnectWise Produit : PSA Version : All versions prior to 2026.1 Probleme : CWE-1004 Sensitive Cookie Without 'HttpOnly' Flag Description : In ConnectWise PSA versions older than 2026.1, certain session cookies were not set with the HttpOnly attribute. In some scenarios, this could allow client-side scripts access to session cookie values. ExploitabilityScore : 2.8 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : REQUIRED scope : UNCHANGED references : https://www.connectwise.com/company/trust/security-bulletins/2026-01-15-psa-security-fix https://www.themissinglink.com.au/security-advisories/cve-2026-0696 En savoir plus
CVE-2026-24061 GNU Inetutils CRITICAL 9.8 Date de parution : 2026-01-21T07:16:01.597 Date de modification : 2026-01-27T02:00:01.893 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : GNU Produit : Inetutils Version : 1.9.3 Probleme : CWE-88 Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') Description : telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable. ExploitabilityScore : 3.9 impactScore : 5.9 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://www.gnu.org/software/inetutils/ https://www.openwall.com/lists/oss-security/2026/01/20/2 https://www.openwall.com/lists/oss-security/2026/01/20/8 http://www.openwall.com/lists/oss-security/2026/01/22/1 https://lists.debian.org/debian-lts-announce/2026/01/msg00025.html https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-24061 https://www.labs.greynoise.io/grimoire/2026-01-22-f-around-and-find-out-18-hours-of-unsolicited-houseguests/index.html https://www.openwall.com/lists/oss-security/2026/01/20/2#:~:text=root@...a%3A~%20USER=' En savoir plus
CVE-2026-23760 SmarterTools SmarterMail Date de parution : 2026-01-22T15:16:55.120 Date de modification : 2026-01-27T02:00:01.893 Disponibilité Integrité Confidentialité Editeur : SmarterTools Produit : SmarterMail Version : 0 Probleme : CWE-288 Authentication Bypass Using an Alternate Path or Channel Description : SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE: SmarterMail system administrator privileges grant the ability to execute operating system commands via built-in management functionality, effectively providing administrative (SYSTEM or root) access on the underlying host. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://code-white.com/public-vulnerability-list/#authenticationserviceforceresetpassword-missing-authentication-in-smartermail https://labs.watchtowr.com/attackers-with-decompilers-strike-again-smartertools-smartermail-wt-2026-0001-auth-bypass/ https://www.smartertools.com/smartermail/release-notes/current https://www.vulncheck.com/advisories/smartertools-smartermail-authentication-bypass-via-password-reset-api https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-23760 https://www.huntress.com/blog/smartermail-account-takeover-leading-to-rce En savoir plus
CVE-2025-59109 dormakaba dormakaba registration unit 9002 Date de parution : 2026-01-26T10:16:08.890 Date de modification : 2026-01-27T07:16:06.670 Disponibilité Integrité Confidentialité Editeur : dormakaba Produit : dormakaba registration unit 9002 Version : Probleme : CWE-1295: Debug Messages Revealing Unnecessary Information Description : The dormakaba registration units 9002 (PIN Pad Units) have an exposed UART header on the backside. The PIN pad is sending every button press to the UART interface. An attacker can use the interface to exfiltrate PINs. As the devices are explicitly built as Plug-and-Play to be easily replaced, an attacker is easily able to remove the device, install a hardware implant which connects to the UART and exfiltrates the data exposed via UART to another system (e.g. via WiFi). ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://r.sec-consult.com/dkaccess https://r.sec-consult.com/dormakaba https://www.dormakabagroup.com/en/security-advisories http://seclists.org/fulldisclosure/2026/Jan/24 En savoir plus
CVE-2026-21509 Microsoft Microsoft Office 2019 HIGH 7.8 Date de parution : 2026-01-26T18:16:38.540 Date de modification : 2026-01-27T13:19:55.513 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Microsoft Produit : Microsoft Office 2019 Version : 19.0.0 Probleme : CWE-807: Reliance on Untrusted Inputs in a Security Decision Description : Reliance on untrusted inputs in a security decision in Microsoft Office allows an unauthorized attacker to bypass a security feature locally. ExploitabilityScore : 1.8 impactScore : 5.9 attackVector : LOCAL attackComplexity : LOW privilegesRequired : NONE userInteraction : REQUIRED scope : UNCHANGED references : https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-21509 https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-21509 En savoir plus
CVE-2025-14756 TP-Link Systems Inc. Archer MR600 v5.0 Date de parution : 2026-01-26T19:16:08.573 Date de modification : 2026-01-27T02:16:01.463 Disponibilité Integrité Confidentialité Editeur : TP-Link Systems Inc. Produit : Archer MR600 v5.0 Version : 0 Probleme : CWE-77 Improper Neutralization of Special Elements used in a Command ('Command Injection') Description : Command injection vulnerability was found in the admin interface component of TP-Link Archer MR600 v5 firmware, allowing authenticated attackers to execute system commands with a limited character length via crafted input in the browser developer console, possibly leading to service disruption or full compromise. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://jvn.jp/en/vu/JVNVU94651499/ https://jvn.jp/vu/JVNVU94651499/ https://www.tp-link.com/en/support/download/archer-mr600/#Firmware https://www.tp-link.com/jp/support/download/archer-mr600/#Firmware https://www.tp-link.com/us/support/faq/4916/ En savoir plus
CVE-2026-1448 D-Link DIR-615 HIGH 7.2 Date de parution : 2026-01-27T00:15:50.573 Date de modification : 2026-01-27T00:15:50.573 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : D-Link Produit : DIR-615 Version : 4.0 Probleme : OS Command Injection Description : A vulnerability was detected in D-Link DIR-615 up to 4.10. This impacts an unknown function of the file /wiz_policy_3_machine.php of the component Web Management Interface. Performing a manipulation of the argument ipaddr results in os command injection. It is possible to initiate the attack remotely. The exploit is now public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. ExploitabilityScore : 1.2 impactScore : 5.9 attackVector : NETWORK attackComplexity : LOW privilegesRequired : HIGH userInteraction : NONE scope : UNCHANGED references : https://pentagonal-time-3a7.notion.site/DIR-615-v4-10-2e7e5dd4c5a580a5aac5c8ce35933396?pvs=73 https://vuldb.com/?ctiid.342880 https://vuldb.com/?id.342880 https://vuldb.com/?submit.737006 https://www.dlink.com/ En savoir plus
CVE-2026-1449 Hisense TransTech Smart Bus Management System HIGH 7.3 Date de parution : 2026-01-27T00:15:50.790 Date de modification : 2026-01-27T00:15:50.790 Disponibilité Integrité Confidentialité LOW LOW LOW Editeur : Hisense TransTech Produit : Smart Bus Management System Version : 20260113 Probleme : SQL Injection Description : A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page_Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way. ExploitabilityScore : 3.9 impactScore : 3.4 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/master-abc/cve/issues/15 https://vuldb.com/?ctiid.342881 https://vuldb.com/?id.342881 https://vuldb.com/?submit.737032 En savoir plus
CVE-2026-24477 Mintplex-Labs anything-llm Date de parution : 2026-01-27T00:15:51.150 Date de modification : 2026-01-27T00:15:51.150 Disponibilité Integrité Confidentialité Editeur : Mintplex-Labs Produit : anything-llm Version : < 1.10.0 Probleme : CWE-201: Insertion of Sensitive Information Into Sent Data Description : AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. If AnythingLLM prior to version 1.10.0 is configured to use Qdrant as the vector database with an API key, this QdrantApiKey could be exposed in plain text to unauthenticated users via the `/api/setup-complete` endpoint. Leakage of QdrantApiKey allows an unauthenticated attacker full read/write access to the Qdrant vector database instance used by AnythingLLM. Since Qdrant often stores the core knowledge base for RAG in AnythingLLM, this can lead to complete compromise of the semantic search / retrieval functionality and indirect leakage of confidential uploaded documents. Version 1.10.0 patches the issue. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-gm94-qc2p-xcwf En savoir plus
CVE-2026-24478 Mintplex-Labs anything-llm HIGH 7.2 Date de parution : 2026-01-27T00:15:51.297 Date de modification : 2026-01-27T00:15:51.297 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Mintplex-Labs Produit : anything-llm Version : < 1.10.0 Probleme : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Description : AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. Prior to version 1.10.0, a critical Path Traversal vulnerability in the DrupalWiki integration allows a malicious admin (or an attacker who can convince an admin to configure a malicious DrupalWiki URL) to write arbitrary files to the server. This can lead to Remote Code Execution (RCE) by overwriting configuration files or writing executable scripts. Version 1.10.0 fixes the issue. ExploitabilityScore : 1.2 impactScore : 5.9 attackVector : NETWORK attackComplexity : LOW privilegesRequired : HIGH userInteraction : NONE scope : UNCHANGED references : https://github.com/Mintplex-Labs/anything-llm/security/advisories/GHSA-jp2f-99h9-7vjv En savoir plus
CVE-2026-23683 SAP_SE SAP Fiori App (Intercompany Balance Reconciliation) MEDIUM 4.3 Date de parution : 2026-01-27T01:16:01.813 Date de modification : 2026-01-27T01:16:01.813 Disponibilité Integrité Confidentialité NONE NONE LOW Editeur : SAP_SE Produit : SAP Fiori App (Intercompany Balance Reconciliation) Version : S4CORE 102 Probleme : CWE-862: Missing Authorization Description : SAP Fiori App Intercompany Balance Reconciliation does not perform necessary authorization checks for an authenticated user, resulting in escalation of privileges. This has low impact on confidentiality, integrity and availability are not impacted. ExploitabilityScore : 2.8 impactScore : 1.4 attackVector : NETWORK attackComplexity : LOW privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://me.sap.com/notes/3122486 https://url.sap/sapsecuritypatchday En savoir plus
CVE-2026-24479 zhblue hustoj Date de parution : 2026-01-27T01:16:02.017 Date de modification : 2026-01-27T01:16:02.017 Disponibilité Integrité Confidentialité Editeur : zhblue Produit : hustoj Version : < 26.01.24 Probleme : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Description : HUSTOF is an open source online judge based on PHP/C++/MySQL/Linux for ACM/ICPC and NOIP training. Prior to version 26.01.24, the problem_import_qduoj.php and problem_import_hoj.php modules fail to properly sanitize filenames within uploaded ZIP archives. Attackers can craft a malicious ZIP file containing files with path traversal sequences (e.g., ../../shell.php). When extracted by the server, this allows writing files to arbitrary locations in the web root, leading to Remote Code Execution (RCE). Version 26.01.24 contains a fix for the issue. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/zhblue/hustoj/commit/902bd09e6d0011fe89cd84d4236899314b33101f https://github.com/zhblue/hustoj/security/advisories/GHSA-xmgg-2rw4-7fxj En savoir plus
CVE-2026-24480 qgis QGIS Date de parution : 2026-01-27T01:16:02.160 Date de modification : 2026-01-27T01:16:02.160 Disponibilité Integrité Confidentialité Editeur : qgis Produit : QGIS Version : < 76a693cd91650f9b4e83edac525e5e4f90d954e9 Probleme : CWE-863: Incorrect Authorization Description : QGIS is a free, open source, cross platform geographical information system (GIS) The repository contains a GitHub Actions workflow called "pre-commit checks" that, before commit 76a693cd91650f9b4e83edac525e5e4f90d954e9, was vulnerable to remote code execution and repository compromise because it used the `pull_request_target` trigger and then checked out and executed untrusted pull request code in a privileged context. Workflows triggered by `pull_request_target` ran with the base repository's credentials and access to secrets. If these workflows then checked out and executed code from the head of an external pull request (which could have been attacker controlled), the attacker could have executed arbitrary commands with elevated privileges. This insecure pattern has been documented as a security risk by GitHub and security researchers. Commit 76a693cd91650f9b4e83edac525e5e4f90d954e9 removed the vulnerable code. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/qgis/QGIS/commit/76a693cd91650f9b4e83edac525e5e4f90d954e9 https://github.com/qgis/QGIS/security/advisories/GHSA-7h99-4f97-h6rw En savoir plus
CVE-2026-24486 Kludex python-multipart HIGH 8.6 Date de parution : 2026-01-27T01:16:02.303 Date de modification : 2026-01-27T01:16:02.303 Disponibilité Integrité Confidentialité LOW HIGH LOW Editeur : Kludex Produit : python-multipart Version : < 0.0.22 Probleme : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Description : Python-Multipart is a streaming multipart parser for Python. Prior to version 0.0.22, a Path Traversal vulnerability exists when using non-default configuration options `UPLOAD_DIR` and `UPLOAD_KEEP_FILENAME=True`. An attacker can write uploaded files to arbitrary locations on the filesystem by crafting a malicious filename. Users should upgrade to version 0.0.22 to receive a patch or, as a workaround, avoid using `UPLOAD_KEEP_FILENAME=True` in project configurations. ExploitabilityScore : 3.9 impactScore : 4.7 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/Kludex/python-multipart/commit/9433f4bbc9652bdde82bbe380984e32f8cfc89c4 https://github.com/Kludex/python-multipart/releases/tag/0.0.22 https://github.com/Kludex/python-multipart/security/advisories/GHSA-wp53-j4wj-2cfg En savoir plus
CVE-2026-24489 HappyHackingSpace gakido MEDIUM 5.3 Date de parution : 2026-01-27T01:16:02.453 Date de modification : 2026-01-27T01:16:02.453 Disponibilité Integrité Confidentialité NONE LOW NONE Editeur : HappyHackingSpace Produit : gakido Version : < 0.1.1 Probleme : CWE-93: Improper Neutralization of CRLF Sequences ('CRLF Injection') Description : Gakido is a Python HTTP client focused on browser impersonation and anti-bot evasion. A vulnerability was discovered in Gakido prior to version 0.1.1 that allowed HTTP header injection through CRLF (Carriage Return Line Feed) sequences in user-supplied header values and names. When making HTTP requests with user-controlled header values containing `\r\n` (CRLF), `\n` (LF), or `\x00` (null byte) characters, an attacker could inject arbitrary HTTP headers into the request. The fix in version 0.1.1 adds a `_sanitize_header()` function that strips `\r`, `\n`, and `\x00` characters from both header names and values before they are included in HTTP requests. ExploitabilityScore : 3.9 impactScore : 1.4 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/HappyHackingSpace/gakido/commit/369c67e67c63da510c8a9ab021e54a92ccf1f788 https://github.com/HappyHackingSpace/gakido/releases/tag/v0.1.1-1bc6019 https://github.com/HappyHackingSpace/gakido/security/advisories/GHSA-gcgx-chcp-hxp9 En savoir plus
CVE-2026-24490 MobSF Mobile-Security-Framework-MobSF HIGH 8.1 Date de parution : 2026-01-27T01:16:02.610 Date de modification : 2026-01-27T01:16:02.610 Disponibilité Integrité Confidentialité NONE HIGH HIGH Editeur : MobSF Produit : Mobile-Security-Framework-MobSF Version : < 4.4.5 Probleme : CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Description : MobSF is a mobile application security testing tool used. Prior to version 4.4.5, a Stored Cross-site Scripting (XSS) vulnerability in MobSF's Android manifest analysis allows an attacker to execute arbitrary JavaScript in the context of a victim's browser session by uploading a malicious APK. The `android:host` attribute from `` elements is rendered in HTML reports without sanitization, enabling session hijacking and account takeover. Version 4.4.5 fixes the issue. ExploitabilityScore : 1.7 impactScore : 5.8 attackVector : NETWORK attackComplexity : LOW privilegesRequired : HIGH userInteraction : REQUIRED scope : CHANGED references : https://github.com/MobSF/Mobile-Security-Framework-MobSF/commit/2b08dd050e7685ee2a14fdbb454affab94129eae https://github.com/MobSF/Mobile-Security-Framework-MobSF/releases/tag/v4.4.5 https://github.com/MobSF/Mobile-Security-Framework-MobSF/security/advisories/GHSA-8hf7-h89p-3pqj En savoir plus
CVE-2026-24686 theupdateframework go-tuf MEDIUM 4.7 Date de parution : 2026-01-27T01:16:02.790 Date de modification : 2026-01-27T01:16:02.790 Disponibilité Integrité Confidentialité NONE HIGH NONE Editeur : theupdateframework Produit : go-tuf Version : >= 2.0.0, < 2.4.1 Probleme : CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Description : go-tuf is a Go implementation of The Update Framework (TUF). go-tuf's TAP 4 Multirepo Client uses the map file repository name string (`repoName`) as a filesystem path component when selecting the local metadata cache directory. Starting in version 2.0.0 and prior to version 2.4.1, if an application accepts a map file from an untrusted source, an attacker can supply a `repoName` containing traversal (e.g., `../escaped-repo`) and cause go-tuf to create directories and write the root metadata file outside the intended `LocalMetadataDir` cache base, within the running process's filesystem permissions. Version 2.4.1 contains a patch. ExploitabilityScore : 1 impactScore : 3.6 attackVector : LOCAL attackComplexity : HIGH privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://github.com/theupdateframework/go-tuf/commit/d361e2ea24e427581343dee5c7a32b485d79fcc0 https://github.com/theupdateframework/go-tuf/security/advisories/GHSA-jqc5-w2xx-5vq4 En savoir plus
CVE-2026-1361 Delta Electronics ASDA-Soft HIGH 7.8 Date de parution : 2026-01-27T04:16:03.580 Date de modification : 2026-01-27T04:16:03.580 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Delta Electronics Produit : ASDA-Soft Version : 0 Probleme : CWE-121 Stack-based Buffer Overflow Description : ASDA-Soft Stack-based Buffer Overflow Vulnerability ExploitabilityScore : 1.8 impactScore : 5.9 attackVector : LOCAL attackComplexity : LOW privilegesRequired : NONE userInteraction : REQUIRED scope : UNCHANGED references : https://filecenter.deltaww.com/news/download/doc/Delta-PCSA-2026-00003_ASDA-Soft%20Stack-based%20Buffer%20Overflow%20Vulnerability%20(CVE-2026-1361).pdf En savoir plus
CVE-2026-21408 FUJIFILM Business Innovation Corp. beat-access for Windows Date de parution : 2026-01-27T06:15:59.583 Date de modification : 2026-01-27T06:15:59.583 Disponibilité Integrité Confidentialité Editeur : FUJIFILM Business Innovation Corp. Produit : beat-access for Windows Version : version 3.0.3 and prior Probleme : Uncontrolled Search Path Element Description : beat-access for Windows version 3.0.3 and prior contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with SYSTEM privileges. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://jvn.jp/en/jp/JVN03776126/ https://www.fujifilm.com/fbglobal/eng/company/news/notice/2026/0127_announce.html En savoir plus
CVE-2025-14971 linknacional Link Invoice Payment for WooCommerce MEDIUM 5.3 Date de parution : 2026-01-27T07:16:05.880 Date de modification : 2026-01-27T07:16:05.880 Disponibilité Integrité Confidentialité NONE LOW NONE Editeur : linknacional Produit : Link Invoice Payment for WooCommerce Version : * Probleme : CWE-862 Missing Authorization Description : The Link Invoice Payment for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the createPartialPayment and cancelPartialPayment functions in all versions up to, and including, 2.8.0. This makes it possible for unauthenticated attackers to create partial payments on any order or cancel any existing partial payment via ID enumeration. ExploitabilityScore : 3.9 impactScore : 1.4 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://plugins.trac.wordpress.org/browser/invoice-payment-for-woocommerce/tags/2.8.0/Includes/WcPaymentInvoiceEndpoint.php#L179 https://plugins.trac.wordpress.org/browser/invoice-payment-for-woocommerce/tags/2.8.0/Includes/WcPaymentInvoiceEndpoint.php#L19 https://www.wordfence.com/threat-intel/vulnerabilities/id/96a8fc8b-6f0a-486c-89d1-7211b4ca31bd?source=cve En savoir plus
CVE-2026-1464 MuntashirAkon AppManager Date de parution : 2026-01-27T09:15:48.080 Date de modification : 2026-01-27T09:15:48.080 Disponibilité Integrité Confidentialité Editeur : MuntashirAkon Produit : AppManager Version : 0 Probleme : CWE-190 Integer Overflow or Wraparound Description : Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager (app/src/main/java/org/apache/commons/compress/archivers/tar modules). This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/MuntashirAkon/AppManager/pull/1598 En savoir plus
CVE-2026-1465 anyrtcIO-Community anyRTC-RTMP-OpenSource Date de parution : 2026-01-27T09:15:48.330 Date de modification : 2026-01-27T09:15:48.330 Disponibilité Integrité Confidentialité Editeur : anyrtcIO-Community Produit : anyRTC-RTMP-OpenSource Version : 0 Probleme : CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Description : Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in anyrtcIO-Community anyRTC-RTMP-OpenSource (third_party/faad2-2.7/libfaad modules). This vulnerability is associated with program files bits.C, syntax.C. This issue affects anyRTC-RTMP-OpenSource: before 1.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/anyrtcIO-Community/anyRTC-RTMP-OpenSource/pull/166 En savoir plus
CVE-2026-21720 Grafana grafana/grafana-enterprise HIGH 7.5 Date de parution : 2026-01-27T09:15:48.490 Date de modification : 2026-01-27T09:15:48.490 Disponibilité Integrité Confidentialité HIGH NONE NONE Editeur : Grafana Produit : grafana/grafana-enterprise Version : 3.0.0 Probleme : Description : Every uncached /avatar/:hash request spawns a goroutine that refreshes the Gravatar image. If the refresh sits in the 10-slot worker queue longer than three seconds, the handler times out and stops listening for the result, so that goroutine blocks forever trying to send on an unbuffered channel. Sustained traffic with random hashes keeps tripping this timeout, so goroutine count grows linearly, eventually exhausting memory and causing Grafana to crash on some systems. ExploitabilityScore : 3.9 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://grafana.com/security/security-advisories/CVE-2026-21720 En savoir plus
CVE-2026-21721 Grafana grafana/grafana HIGH 8.1 Date de parution : 2026-01-27T09:15:48.640 Date de modification : 2026-01-27T09:15:48.640 Disponibilité Integrité Confidentialité NONE HIGH HIGH Editeur : Grafana Produit : grafana/grafana Version : 12.3.0 Probleme : Description : The dashboard permissions API does not verify the target dashboard scope and only checks the dashboards.permissions:* action. As a result, a user who has permission management rights on one dashboard can read and modify permissions on other dashboards. This is an organization‑internal privilege escalation. ExploitabilityScore : 2.8 impactScore : 5.2 attackVector : NETWORK attackComplexity : LOW privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://grafana.com/security/security-advisories/CVE-2026-21721 En savoir plus
CVE-2026-24344 EZCast EZCast Pro II Date de parution : 2026-01-27T09:15:48.767 Date de modification : 2026-01-27T09:15:48.767 Disponibilité Integrité Confidentialité Editeur : EZCast Produit : EZCast Pro II Version : 1.17478.146 Probleme : CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Description : Multiple Buffer Overflows in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to cause a program crash and potential remote code execution ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://hub.ntc.swiss/ntcf-2025-68873 En savoir plus
CVE-2026-24793 azerothcore azerothcore-wotlk Date de parution : 2026-01-27T09:15:48.940 Date de modification : 2026-01-27T09:15:48.940 Disponibilité Integrité Confidentialité Editeur : azerothcore Produit : azerothcore-wotlk Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in azerothcore azerothcore-wotlk (deps/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects azerothcore-wotlk: through v4.0.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/azerothcore/azerothcore-wotlk/pull/21599 En savoir plus
CVE-2026-24794 CardboardPowered cardboard Date de parution : 2026-01-27T09:15:49.090 Date de modification : 2026-01-27T09:15:49.090 Disponibilité Integrité Confidentialité Editeur : CardboardPowered Produit : cardboard Version : 0 Probleme : CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Description : Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in CardboardPowered cardboard (src/main/java/org/cardboardpowered/impl/world modules). This vulnerability is associated with program files WorldImpl.Java. This issue affects cardboard: before 1.21.4. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/CardboardPowered/cardboard/pull/506 En savoir plus
CVE-2026-24795 CloverHackyColor CloverBootloader Date de parution : 2026-01-27T09:15:49.233 Date de modification : 2026-01-27T09:15:49.233 Disponibilité Integrité Confidentialité Editeur : CloverHackyColor Produit : CloverBootloader Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regcomp.C. This issue affects CloverBootloader: before 5162. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/CloverHackyColor/CloverBootloader/pull/733 En savoir plus
CVE-2026-24796 CloverHackyColor CloverBootloader Date de parution : 2026-01-27T09:15:49.370 Date de modification : 2026-01-27T09:15:49.370 Disponibilité Integrité Confidentialité Editeur : CloverHackyColor Produit : CloverBootloader Version : 0 Probleme : CWE-125 Out-of-bounds Read Description : Out-of-bounds Read vulnerability in CloverHackyColor CloverBootloader (MdeModulePkg/Universal/RegularExpressionDxe/Oniguruma modules). This vulnerability is associated with program files regparse.C. This issue affects CloverBootloader: before 5162. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/CloverHackyColor/CloverBootloader/pull/732 En savoir plus
CVE-2026-24797 neka-nat cupoch Date de parution : 2026-01-27T09:15:49.510 Date de modification : 2026-01-27T09:15:49.510 Disponibilité Integrité Confidentialité Editeur : neka-nat Produit : cupoch Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write vulnerability in neka-nat cupoch (third_party/libjpeg-turbo/libjpeg-turbo modules). This vulnerability is associated with program files tjbench.C. This issue affects cupoch. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/neka-nat/cupoch/pull/138 En savoir plus
CVE-2026-24798 GaijinEntertainment DagorEngine Date de parution : 2026-01-27T09:15:49.643 Date de modification : 2026-01-27T09:15:49.643 Disponibilité Integrité Confidentialité Editeur : GaijinEntertainment Produit : DagorEngine Version : 0 Probleme : CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer Description : Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GaijinEntertainment DagorEngine (prog/3rdPartyLibs/miniupnpc modules). This vulnerability is associated with program files upnpreplyparse.C. This issue affects DagorEngine: through dagor_2025_01_15. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/GaijinEntertainment/DagorEngine/pull/136 En savoir plus
CVE-2026-24799 davisking dlib Date de parution : 2026-01-27T09:15:49.787 Date de modification : 2026-01-27T09:15:49.787 Disponibilité Integrité Confidentialité Editeur : davisking Produit : dlib Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/davisking/dlib/pull/3063 En savoir plus
CVE-2026-24800 tildearrow furnace Date de parution : 2026-01-27T09:15:49.920 Date de modification : 2026-01-27T09:15:49.920 Disponibilité Integrité Confidentialité Editeur : tildearrow Produit : furnace Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/tildearrow/furnace/pull/2471 En savoir plus
CVE-2026-24801 Ralim IronOS Date de parution : 2026-01-27T09:15:50.057 Date de modification : 2026-01-27T09:15:50.057 Disponibilité Integrité Confidentialité Editeur : Ralim Produit : IronOS Version : 0 Probleme : Description : Vulnerability in Ralim IronOS (source/Core/BSP/Pinecilv2/bl_mcu_sdk/components/ble/ble_stack/common/tinycrypt/source modules). This vulnerability is associated with program files ecc_dsa.C. This issue affects IronOS: before v2.23-rc3. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/Ralim/IronOS/pull/2087 En savoir plus
CVE-2026-24802 briandilley jsonrpc4j Date de parution : 2026-01-27T09:15:50.187 Date de modification : 2026-01-27T09:15:50.187 Disponibilité Integrité Confidentialité Editeur : briandilley Produit : jsonrpc4j Version : 0 Probleme : CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop') Description : Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in briandilley jsonrpc4j (src/main/java/com/googlecode/jsonrpc4j modules). This vulnerability is associated with program files NoCloseOutputStream.Java. This issue affects jsonrpc4j: through 1.6.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/briandilley/jsonrpc4j/pull/333 En savoir plus
CVE-2026-24803 coolsnowwolf lede Date de parution : 2026-01-27T09:15:50.337 Date de modification : 2026-01-27T09:15:50.337 Disponibilité Integrité Confidentialité Editeur : coolsnowwolf Produit : lede Version : 0 Probleme : CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop') Description : Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7615d/src/mt_wifi/embedded/security modules). This vulnerability is associated with program files bn_lib.C. This issue affects lede: through r25.10.1. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/coolsnowwolf/lede/pull/13346 En savoir plus
CVE-2026-24804 coolsnowwolf lede Date de parution : 2026-01-27T09:15:50.470 Date de modification : 2026-01-27T09:15:50.470 Disponibilité Integrité Confidentialité Editeur : coolsnowwolf Produit : lede Version : 0 Probleme : CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop') Description : Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in coolsnowwolf lede (package/lean/mt/drivers/mt7603e/src/mt7603_wifi/common modules). This vulnerability is associated with program files bn_lib.C. This issue affects lede: through r25.10.1. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/coolsnowwolf/lede/pull/13368 En savoir plus
CVE-2026-24805 visualfc liteide Date de parution : 2026-01-27T09:15:50.607 Date de modification : 2026-01-27T09:15:50.607 Disponibilité Integrité Confidentialité Editeur : visualfc Produit : liteide Version : 0 Probleme : CWE-476 NULL Pointer Dereference Description : NULL Pointer Dereference vulnerability in visualfc liteide (liteidex/src/3rdparty/libvterm/src modules). This vulnerability is associated with program files screen.C, state.C, vterm.C. This issue affects liteide: before x38.4. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/visualfc/liteide/pull/1326 En savoir plus
CVE-2026-24806 liuyueyi quick-media Date de parution : 2026-01-27T09:15:50.743 Date de modification : 2026-01-27T09:15:50.743 Disponibilité Integrité Confidentialité Editeur : liuyueyi Produit : quick-media Version : 0 Probleme : CWE-94 Improper Control of Generation of Code ('Code Injection') Description : Improper Control of Generation of Code ('Code Injection') vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/png modules). This vulnerability is associated with program files PNGImageEncoder.Java. This issue affects quick-media: before v1.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/liuyueyi/quick-media/pull/122 En savoir plus
CVE-2026-24807 liuyueyi quick-media Date de parution : 2026-01-27T09:15:50.890 Date de modification : 2026-01-27T09:15:50.890 Disponibilité Integrité Confidentialité Editeur : liuyueyi Produit : quick-media Version : 0 Probleme : CWE-347 Improper Verification of Cryptographic Signature Description : Improper Verification of Cryptographic Signature vulnerability in liuyueyi quick-media (plugins/svg-plugin/batik-codec-fix/src/main/java/org/apache/batik/ext/awt/image/codec/util modules). This vulnerability is associated with program files SeekableOutputStream.Java. This issue affects quick-media: before v1.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/liuyueyi/quick-media/pull/123 En savoir plus
CVE-2026-24808 RawTherapee RawTherapee Date de parution : 2026-01-27T09:15:51.023 Date de modification : 2026-01-27T09:15:51.023 Disponibilité Integrité Confidentialité Editeur : RawTherapee Produit : RawTherapee Version : 0 Probleme : CWE-190 Integer Overflow or Wraparound Description : Integer Overflow or Wraparound vulnerability in RawTherapee (rtengine modules). This vulnerability is associated with program files dcraw.Cc. This issue affects RawTherapee: through 5.11. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/RawTherapee/RawTherapee/pull/7359 En savoir plus
CVE-2026-24809 praydog REFramework Date de parution : 2026-01-27T09:15:51.160 Date de modification : 2026-01-27T09:15:51.160 Disponibilité Integrité Confidentialité Editeur : praydog Produit : REFramework Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : An issue from the component luaG_runerror in dependencies/lua/src/ldebug.c in praydog/REFramework version before 1.5.5 leads to a heap-buffer overflow when a recursive error occurs. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/praydog/REFramework/pull/1320 En savoir plus
CVE-2026-24810 rethinkdb rethinkdb Date de parution : 2026-01-27T09:15:51.300 Date de modification : 2026-01-27T09:15:51.300 Disponibilité Integrité Confidentialité Editeur : rethinkdb Produit : rethinkdb Version : 0 Probleme : CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') Description : Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in rethinkdb (src/cjson modules). This vulnerability is associated with program files cJSON.Cc. This issue affects rethinkdb: through v2.4.4. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/rethinkdb/rethinkdb/pull/7163 En savoir plus
CVE-2026-24811 root-project root Date de parution : 2026-01-27T09:15:51.440 Date de modification : 2026-01-27T09:15:51.440 Disponibilité Integrité Confidentialité Editeur : root-project Produit : root Version : 0 Probleme : Description : Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inffast.C. This issue affects root. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/root-project/root/pull/18526 En savoir plus
CVE-2026-24812 root-project root Date de parution : 2026-01-27T09:15:51.567 Date de modification : 2026-01-27T09:15:51.567 Disponibilité Integrité Confidentialité Editeur : root-project Produit : root Version : 0 Probleme : Description : Vulnerability in root-project root (builtins/zlib modules). This vulnerability is associated with program files inftrees.C. This issue affects root: through 6.36.00-rc1. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/root-project/root/pull/18527 En savoir plus
CVE-2026-24813 abcz316 SKRoot-linuxKernelRoot Date de parution : 2026-01-27T09:15:51.680 Date de modification : 2026-01-27T09:15:51.680 Disponibilité Integrité Confidentialité Editeur : abcz316 Produit : SKRoot-linuxKernelRoot Version : 0 Probleme : CWE-476 NULL Pointer Dereference Description : NULL Pointer Dereference vulnerability in abcz316 SKRoot-linuxKernelRoot (testRoot/jni/utils modules). This vulnerability is associated with program files cJSON.Cpp. This issue affects SKRoot-linuxKernelRoot. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/abcz316/SKRoot-linuxKernelRoot/pull/116 En savoir plus
CVE-2026-24814 swoole swoole-src Date de parution : 2026-01-27T09:15:51.830 Date de modification : 2026-01-27T09:15:51.830 Disponibilité Integrité Confidentialité Editeur : swoole Produit : swoole-src Version : 0 Probleme : CWE-190 Integer Overflow or Wraparound Description : Integer Overflow or Wraparound vulnerability in swoole swoole-src (thirdparty/hiredis modules). This vulnerability is associated with program files sds.C. This issue affects swoole-src: before 6.0.2. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/swoole/swoole-src/pull/5698 En savoir plus
CVE-2026-24815 datavane tis Date de parution : 2026-01-27T09:15:51.967 Date de modification : 2026-01-27T09:15:51.967 Disponibilité Integrité Confidentialité Editeur : datavane Produit : tis Version : 0 Probleme : CWE-434 Unrestricted Upload of File with Dangerous Type Description : Unrestricted Upload of File with Dangerous Type, Deserialization of Untrusted Data vulnerability in datavane tis (tis-plugin/src/main/java/com/qlangtech/tis/extension/impl modules). This vulnerability is associated with program files XmlFile.Java. This issue affects tis: before v4.3.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/datavane/tis/pull/443 En savoir plus
CVE-2026-24816 datavane tis Date de parution : 2026-01-27T09:15:52.110 Date de modification : 2026-01-27T09:15:52.110 Disponibilité Integrité Confidentialité Editeur : datavane Produit : tis Version : 0 Probleme : CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop') Description : Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in datavane tis (tis-console/src/main/java/com/qlangtech/tis/runtime/module/action modules). This vulnerability is associated with program files ChangeDomainAction.Java. This issue affects tis: before v4.3.0. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/datavane/tis/pull/444 En savoir plus
CVE-2026-24817 praydog UEVR Date de parution : 2026-01-27T09:15:52.247 Date de modification : 2026-01-27T09:15:52.247 Disponibilité Integrité Confidentialité Editeur : praydog Produit : UEVR Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files ldebug.C, lvm.C. This issue affects UEVR: before 1.05. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/praydog/UEVR/pull/336 En savoir plus
CVE-2026-24818 praydog UEVR Date de parution : 2026-01-27T09:15:52.383 Date de modification : 2026-01-27T09:15:52.383 Disponibilité Integrité Confidentialité Editeur : praydog Produit : UEVR Version : 0 Probleme : CWE-125 Out-of-bounds Read Description : Out-of-bounds Read vulnerability in praydog UEVR (dependencies/lua/src modules). This vulnerability is associated with program files lparser.C. This issue affects UEVR: before 1.05. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/praydog/UEVR/pull/337 En savoir plus
CVE-2026-24819 foxinmy weixin4j Date de parution : 2026-01-27T09:15:52.520 Date de modification : 2026-01-27T09:15:52.520 Disponibilité Integrité Confidentialité Editeur : foxinmy Produit : weixin4j Version : 0 Probleme : CWE-1325 Improperly Controlled Sequential Memory Allocation Description : Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j (weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules). This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects weixin4j. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/foxinmy/weixin4j/pull/229 En savoir plus
CVE-2026-24820 turanszkij WickedEngine Date de parution : 2026-01-27T09:15:52.663 Date de modification : 2026-01-27T09:15:52.663 Disponibilité Integrité Confidentialité Editeur : turanszkij Produit : WickedEngine Version : 0 Probleme : CWE-125 Out-of-bounds Read Description : Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files ldebug.C. This issue affects WickedEngine: before 0.71.705. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/turanszkij/WickedEngine/pull/1054 En savoir plus
CVE-2026-24821 turanszkij WickedEngine Date de parution : 2026-01-27T09:15:52.797 Date de modification : 2026-01-27T09:15:52.797 Disponibilité Integrité Confidentialité Editeur : turanszkij Produit : WickedEngine Version : 0 Probleme : CWE-125 Out-of-bounds Read Description : Out-of-bounds Read vulnerability in turanszkij WickedEngine (WickedEngine/LUA modules). This vulnerability is associated with program files lparser.C. This issue affects WickedEngine: through 0.71.727. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/turanszkij/WickedEngine/pull/1095 En savoir plus
CVE-2026-24822 ttttupup wxhelper Date de parution : 2026-01-27T09:15:52.937 Date de modification : 2026-01-27T09:15:52.937 Disponibilité Integrité Confidentialité Editeur : ttttupup Produit : wxhelper Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/ttttupup/wxhelper/pull/515 En savoir plus
CVE-2026-24823 FASTSHIFT X-TRACK Date de parution : 2026-01-27T09:15:53.067 Date de modification : 2026-01-27T09:15:53.067 Disponibilité Integrité Confidentialité Editeur : FASTSHIFT Produit : X-TRACK Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/FASTSHIFT/X-TRACK/pull/120 En savoir plus
CVE-2026-24824 yacy yacy_search_server Date de parution : 2026-01-27T09:15:53.203 Date de modification : 2026-01-27T09:15:53.203 Disponibilité Integrité Confidentialité Editeur : yacy Produit : yacy_search_server Version : 0 Probleme : CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') Description : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in yacy yacy_search_server (source/net/yacy/http/servlets modules). This vulnerability is associated with program files YaCyDefaultServlet.Java. This issue affects yacy_search_server. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/yacy/yacy_search_server/pull/722 En savoir plus
CVE-2026-24825 ydb-platform ydb Date de parution : 2026-01-27T09:15:53.347 Date de modification : 2026-01-27T09:15:53.347 Disponibilité Integrité Confidentialité Editeur : ydb-platform Produit : ydb Version : 0 Probleme : CWE-401 Missing Release of Memory after Effective Lifetime Description : Missing Release of Memory after Effective Lifetime vulnerability in ydb-platform ydb (contrib/libs/yajl modules). This vulnerability is associated with program files yail_tree.C. This issue affects ydb: through 24.4.4.2. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/ydb-platform/ydb/pull/17570 En savoir plus
CVE-2026-1467 Red Hat Red Hat Enterprise Linux 10 MEDIUM 6.1 Date de parution : 2026-01-27T10:15:48.597 Date de modification : 2026-01-27T10:15:48.597 Disponibilité Integrité Confidentialité NONE LOW LOW Editeur : Red Hat Produit : Red Hat Enterprise Linux 10 Version : Probleme : Improper Neutralization of CRLF Sequences ('CRLF Injection') Description : A flaw was found in libsoup, an HTTP client library. This vulnerability, known as CRLF (Carriage Return Line Feed) Injection, occurs when an HTTP proxy is configured and the library improperly handles URL-decoded input used to create the Host header. A remote attacker can exploit this by providing a specially crafted URL containing CRLF sequences, allowing them to inject additional HTTP headers or complete HTTP request bodies. This can lead to unintended or unauthorized HTTP requests being forwarded by the proxy, potentially impacting downstream services. ExploitabilityScore : 2.8 impactScore : 2.7 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : REQUIRED scope : CHANGED references : https://access.redhat.com/security/cve/CVE-2026-1467 https://bugzilla.redhat.com/show_bug.cgi?id=2433174 En savoir plus
CVE-2026-21417 Dell CloudBoost Virtual Appliance HIGH 7 Date de parution : 2026-01-27T10:15:48.763 Date de modification : 2026-01-27T10:15:48.763 Disponibilité Integrité Confidentialité HIGH LOW LOW Editeur : Dell Produit : CloudBoost Virtual Appliance Version : N/A Probleme : CWE-256: Plaintext Storage of a Password Description : Dell CloudBoost Virtual Appliance, versions prior to 19.14.0.0, contains a Plaintext Storage of Password vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges. ExploitabilityScore : 2.2 impactScore : 4.7 attackVector : NETWORK attackComplexity : HIGH privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://www.dell.com/support/kbdoc/en-us/000419894/dsa-2026-025-security-update-for-dell-cloudboost-virtual-appliance-multiple-vulnerabilities En savoir plus
CVE-2026-24345 EZCast EZCast Pro II Date de parution : 2026-01-27T10:15:48.937 Date de modification : 2026-01-27T10:15:48.937 Disponibilité Integrité Confidentialité Editeur : EZCast Produit : EZCast Pro II Version : 1.17478.146 Probleme : CWE-20 Improper Input Validation Description : Cross-Site Request Forgery in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to bypass authorization checks and gain full access to the admin UI ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://hub.ntc.swiss/ntcf-2025-32832 En savoir plus
CVE-2026-24346 EZCast EZCast Pro II Date de parution : 2026-01-27T10:15:49.073 Date de modification : 2026-01-27T10:15:49.073 Disponibilité Integrité Confidentialité Editeur : EZCast Produit : EZCast Pro II Version : 1.17478.146 Probleme : CWE-798 Use of Hard-coded Credentials Description : Use of well-known default credentials in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to access protected areas in the web application ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://hub.ntc.swiss/ntcf-2025-13993 En savoir plus
CVE-2026-24347 EZCast EZCast Pro II Date de parution : 2026-01-27T10:15:49.220 Date de modification : 2026-01-27T10:15:49.220 Disponibilité Integrité Confidentialité Editeur : EZCast Produit : EZCast Pro II Version : 1.17478.146 Probleme : CWE-20 Improper Input Validation Description : Improper input validation in Admin UI of EZCast Pro II version 1.17478.146 allows attackers to manipulate files in the /tmp directory ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://hub.ntc.swiss/ntcf-2025-32806 En savoir plus
CVE-2026-24348 EZCast EZCast Pro II Date de parution : 2026-01-27T10:15:49.360 Date de modification : 2026-01-27T10:15:49.360 Disponibilité Integrité Confidentialité Editeur : EZCast Produit : EZCast Pro II Version : 1.17478.146 Probleme : CWE-20 Improper Input Validation Description : Multiple cross-site scripting vulnerabilities in Admin UI of EZCast Pro II version 1.17478.146 allow attackers to execute arbitrary JavaScript code in the browser of other Admin UI users. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://hub.ntc.swiss/ntcf-2025-145332 En savoir plus
CVE-2026-24826 cadaver turso3d Date de parution : 2026-01-27T10:15:49.507 Date de modification : 2026-01-27T10:15:49.507 Disponibilité Integrité Confidentialité Editeur : cadaver Produit : turso3d Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Divide By Zero, NULL Pointer Dereference, Use of Uninitialized Resource, Out-of-bounds Read, Reachable Assertion vulnerability in cadaver turso3d.This issue affects . ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://github.com/cadaver/turso3d/pull/11 En savoir plus
CVE-2026-24827 gerstrong Commander-Genius HIGH 7.5 Date de parution : 2026-01-27T10:15:49.650 Date de modification : 2026-01-27T10:15:49.650 Disponibilité Integrité Confidentialité HIGH NONE NONE Editeur : gerstrong Produit : Commander-Genius Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write vulnerability in gerstrong Commander-Genius.This issue affects Commander-Genius: before Release refs/pull/358/merge. ExploitabilityScore : 3.9 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/gerstrong/Commander-Genius/pull/379 En savoir plus
CVE-2026-24828 Is-Daouda is-Engine HIGH 7.5 Date de parution : 2026-01-27T10:15:49.780 Date de modification : 2026-01-27T10:15:49.780 Disponibilité Integrité Confidentialité HIGH NONE NONE Editeur : Is-Daouda Produit : is-Engine Version : 0 Probleme : CWE-401 Missing Release of Memory after Effective Lifetime Description : Missing Release of Memory after Effective Lifetime vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4. ExploitabilityScore : 3.9 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/Is-Daouda/is-Engine/pull/6 En savoir plus
CVE-2026-24829 Is-Daouda is-Engine MEDIUM 6.5 Date de parution : 2026-01-27T10:15:49.917 Date de modification : 2026-01-27T10:15:49.917 Disponibilité Integrité Confidentialité HIGH NONE NONE Editeur : Is-Daouda Produit : is-Engine Version : 0 Probleme : CWE-787 Out-of-bounds Write Description : Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in Is-Daouda is-Engine.This issue affects is-Engine: before 3.3.4. ExploitabilityScore : 2.8 impactScore : 3.6 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : REQUIRED scope : UNCHANGED references : https://github.com/Is-Daouda/is-Engine/pull/7 En savoir plus
CVE-2026-24830 Ralim IronOS CRITICAL 9.8 Date de parution : 2026-01-27T10:15:50.053 Date de modification : 2026-01-27T10:15:50.053 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Ralim Produit : IronOS Version : 0 Probleme : CWE-190 Integer Overflow or Wraparound Description : Integer Overflow or Wraparound vulnerability in Ralim IronOS.This issue affects IronOS: before v2.23-rc2. ExploitabilityScore : 3.9 impactScore : 5.9 attackVector : NETWORK attackComplexity : LOW privilegesRequired : NONE userInteraction : NONE scope : UNCHANGED references : https://github.com/Ralim/IronOS/pull/2083 En savoir plus
CVE-2025-12386 Pix-Link LV-WR21Q Date de parution : 2026-01-27T12:15:56.473 Date de modification : 2026-01-27T12:15:56.473 Disponibilité Integrité Confidentialité Editeur : Pix-Link Produit : LV-WR21Q Version : V108_108 Probleme : CWE-306 Missing Authentication for Critical Function Description : Pix-Link LV-WR21Q does not enforce any form of authentication for endpoint /goform/getHomePageInfo. Remote unauthenticated attacker is able to use this endpoint to e.g: retrieve cleartext password to the access point. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version V108_108 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://cert.pl/en/posts/2026/01/CVE-2025-12386 https://github.com/wcyb/security_research https://www.pix-link.com/lv-wr21q En savoir plus
CVE-2025-12387 Pix-Link LV-WR21Q Date de parution : 2026-01-27T12:15:57.243 Date de modification : 2026-01-27T12:15:57.243 Disponibilité Integrité Confidentialité Editeur : Pix-Link Produit : LV-WR21Q Version : V108_108 Probleme : CWE-754 Improper Check for Unusual or Exceptional Conditions Description : A vulnerability in the Pix-Link LV-WR21Q router's language module allows remote attackers to trigger a denial of service (DoS) by sending a specially crafted HTTP POST request containing non-existing language parameter. This renders the server unable to serve correct lang.js file, which causes administrator panel to not work, resulting in DoS until the language settings is reverted to a correct value. The Denial of Service affects only the administrator panel and does not affect other router functionalities. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version V108_108 was tested and confirmed as vulnerable, other versions were not tested and might also be vulnerable. ExploitabilityScore : impactScore : attackVector : attackComplexity : privilegesRequired : userInteraction : scope : references : https://cert.pl/en/posts/2026/01/CVE-2025-12386 https://github.com/wcyb/security_research https://www.pix-link.com/lv-wr21q En savoir plus
CVE-2025-41726 Beckhoff Automation Beckhoff.Device.Manager.XAR HIGH 8.8 Date de parution : 2026-01-27T12:15:57.400 Date de modification : 2026-01-27T12:15:57.400 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Beckhoff Automation Produit : Beckhoff.Device.Manager.XAR Version : 0.0.0 Probleme : CWE-190 Integer Overflow or Wraparound Description : A low privileged remote attacker can execute arbitrary code by sending specially crafted calls to the web service of the Device Manager or locally via an API and can cause integer overflows which then may lead to arbitrary code execution within privileged processes. ExploitabilityScore : 2.8 impactScore : 5.9 attackVector : NETWORK attackComplexity : LOW privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://certvde.com/de/advisories/VDE-2025-092 En savoir plus
CVE-2025-41727 Beckhoff Automation Beckhoff.Device.Manager.XAR HIGH 7.8 Date de parution : 2026-01-27T12:15:57.573 Date de modification : 2026-01-27T12:15:57.573 Disponibilité Integrité Confidentialité HIGH HIGH HIGH Editeur : Beckhoff Automation Produit : Beckhoff.Device.Manager.XAR Version : 0.0.0 Probleme : CWE-420 Unprotected Alternate Channel Description : A local low privileged attacker can bypass the authentication of the Device Manager user interface, allowing them to perform privileged operations and gain administrator access. ExploitabilityScore : 1.8 impactScore : 5.9 attackVector : LOCAL attackComplexity : LOW privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://certvde.com/de/advisories/VDE-2025-092 En savoir plus
CVE-2025-41728 Beckhoff Automation Beckhoff.Device.Manager.XAR MEDIUM 5.3 Date de parution : 2026-01-27T12:15:57.717 Date de modification : 2026-01-27T12:15:57.717 Disponibilité Integrité Confidentialité NONE NONE HIGH Editeur : Beckhoff Automation Produit : Beckhoff.Device.Manager.XAR Version : 0.0.0 Probleme : CWE-125 Out-of-bounds Read Description : A low privileged remote attacker may be able to disclose confidential information from the memory of a privileged process by sending specially crafted calls to the Device Manager web service that cause an out-of-bounds read operation under certain circumstances due to ASLR and thereby potentially copy confidential information into a response. ExploitabilityScore : 1.6 impactScore : 3.6 attackVector : NETWORK attackComplexity : HIGH privilegesRequired : LOW userInteraction : NONE scope : UNCHANGED references : https://certvde.com/de/advisories/VDE-2025-092 En savoir plus