Threat Intelligence Feed

Aggregating 3101 articles from trusted cybersecurity sources

/
LATEST CVEs
CVE-2026-6134 A security flaw has been discovered in Tenda F451 1.0.0.7_cn_svn7958. This vulnerability affects the function fromqosset CVE-2026-6133 A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. This affects the function fromSafeUrlFilter of the file CVE-2026-6132 A vulnerability was determined in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setLedCf CVE-2026-6131 A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTr CVE-2026-6130 A flaw has been found in chatboxai chatbox up to 1.20.0. This impacts the function StdioClientTransport of the file src/ CVE-2026-6129 A vulnerability was detected in zhayujie chatgpt-on-wechat CowAgent up to 2.0.4. This affects an unknown function of the CVE-2026-40396 Varnish Cache 9 before 9.0.1 allows a "workspace overflow" denial of service (daemon panic) after timeout_linger. A mali CVE-2026-40395 Varnish Enterprise before 6.0.16r12 allows a "workspace overflow" denial of service (daemon panic) for shared VCL. The h CVE-2026-40394 Varnish Cache 9 before 9.0.1 and Varnish Enterprise before 6.0.16r11 allows a "workspace overflow" denial of service (da CVE-2026-40393 In Mesa before 25.3.6 and 26 before 26.0.1, out-of-bounds memory access can occur in WebGPU because the amount of to-be- CVE-2026-40386 In libexif through 0.6.25, an integer underflow in size checking for Fuji and Olympus MakerNote decoding could be used b CVE-2026-40385 In libexif through 0.6.25, an unsigned 32bit integer overflow in Nikon MakerNote handling could be used by local attacke CVE-2019-25713 MyT-PM 1.5.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL querie CVE-2019-25712 BlueAuditor 1.7.2.0 contains a buffer overflow vulnerability in the registration key field that allows local attackers t CVE-2019-25711 SpotFTP Password Recover 2.4.2 contains a denial of service vulnerability that allows local attackers to crash the appli CVE-2019-25710 Dolibarr ERP-CRM 8.0.4 contains an SQL injection vulnerability in the rowid parameter of the admin dict.php endpoint tha CVE-2019-25709 CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the application database by access CVE-2019-25708 Heatmiser Wifi Thermostat 1.7 contains a cross-site request forgery vulnerability that allows attackers to change admini CVE-2019-25707 eBrigade ERP 4.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL qu CVE-2019-25706 Across DR-810 contains an unauthenticated file disclosure vulnerability that allows remote attackers to download the rom CVE-2019-25705 Echo Mirage 3.1 contains a stack buffer overflow vulnerability that allows local attackers to crash the application or e CVE-2019-25703 ImpressCMS 1.3.11 contains a time-based blind SQL injection vulnerability that allows authenticated attackers to manipul CVE-2019-25701 Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that a CVE-2019-25699 Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authentic CVE-2019-25697 CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries CVE-2019-25695 R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting mali CVE-2019-25693 ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL q CVE-2019-25691 Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attac CVE-2019-25689 HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code CVE-2018-25258 RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass CVE-2018-25257 Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate CVE-2017-20239 MDwiki contains a cross-site scripting vulnerability that allows remote attackers to execute arbitrary JavaScript by inj CVE-2026-6126 A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function CVE-2026-6125 A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpressio CVE-2026-6124 A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the f CVE-2026-6123 A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat CVE-2026-6122 A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file / CVE-2026-6121 A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /go CVE-2026-6120 A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/Dhcp CVE-2026-6119 A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get o
1320 General 377 CVE 361 Vulnerability Disclosure 249 Campaigns 169 Malware 160 Data Breach

Trending Vendors

Microsoft (252) Google (185) Apple (139) Amazon (120) Intel (95) Cisco (85) Fortinet (35) Linux (35) GitHub (34) Oracle (29) Cloudflare (28) Check Point (27) Rapid7 (25) WordPress (25) Palo Alto Networks (24)

Latest News

Rapid7 Blog Vulnerability Disclosure Rapid7

Metasploit Wrap-Up 03/20/2026

♫ I Just Called ♫ To Say ♫ 7f45 4c46 0201 0100 0000 0000 0000 0000 0300 3e00 0100♫ This release contains 2 new exploit modules, 2 enhancements, and 7 bug fix...

Rapid7 Blog →

Data Breaches