Threat Intelligence Feed

CVE-2026-6134 A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqosset CVE-2026-6133 A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file CVE-2026-6132 A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCf CVE-2026-6131 A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTr CVE-2026-6130 A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/ CVE-2026-6129 A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the CVE-2026-40396 Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A mali CVE-2026-40395 Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The h CVE-2026-40394 Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (da CVE-2026-40393 In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be- CVE-2026-40386 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used b CVE-2026-40385 In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attacke CVE-2019-25713 MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL querie CVE-2019-25712 BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers t CVE-2019-25711 SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the appli CVE-2019-25710 Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint tha CVE-2019-25709 CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by access CVE-2019-25708 Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change admini CVE-2019-25707 eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL qu CVE-2019-25706 Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom CVE-2019-25705 Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or e CVE-2019-25703 ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipul CVE-2019-25701 Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that a CVE-2019-25699 Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authentic CVE-2019-25697 CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries CVE-2019-25695 R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting mali CVE-2019-25693 ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL q CVE-2019-25691 Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attac CVE-2019-25689 HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code CVE-2018-25258 RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass CVE-2018-25257 Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate CVE-2017-20239 MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by inj CVE-2026-6126 A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function CVE-2026-6125 A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpressio CVE-2026-6124 A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the f CVE-2026-6123 A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat CVE-2026-6122 A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file / CVE-2026-6121 A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /go CVE-2026-6120 A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/Dhcp CVE-2026-6119 A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get o CVE-2026-6134 A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqosset CVE-2026-6133 A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file CVE-2026-6132 A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCf CVE-2026-6131 A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTr CVE-2026-6130 A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/ CVE-2026-6129 A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the CVE-2026-40396 Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A mali CVE-2026-40395 Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The h CVE-2026-40394 Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (da CVE-2026-40393 In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be- CVE-2026-40386 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used b CVE-2026-40385 In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attacke CVE-2019-25713 MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL querie CVE-2019-25712 BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers t CVE-2019-25711 SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the appli CVE-2019-25710 Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint tha CVE-2019-25709 CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by access CVE-2019-25708 Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change admini CVE-2019-25707 eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL qu CVE-2019-25706 Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom CVE-2019-25705 Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or e CVE-2019-25703 ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipul CVE-2019-25701 Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that a CVE-2019-25699 Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authentic CVE-2019-25697 CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries CVE-2019-25695 R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting mali CVE-2019-25693 ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL q CVE-2019-25691 Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attac CVE-2019-25689 HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code CVE-2018-25258 RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass CVE-2018-25257 Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate CVE-2017-20239 MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by inj CVE-2026-6126 A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function CVE-2026-6125 A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpressio CVE-2026-6124 A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the f CVE-2026-6123 A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat CVE-2026-6122 A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file / CVE-2026-6121 A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /go CVE-2026-6120 A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/Dhcp CVE-2026-6119 A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get o