Total
14145 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-2567 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-02-23 | 7.2 High |
| A vulnerability was detected in Wavlink WL-NU516U1 20251208. This vulnerability affects the function sub_401218 of the file /cgi-bin/nas.cgi. Performing a manipulation of the argument User1Passwd results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. | ||||
| CVE-2026-2566 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-02-23 | 7.2 High |
| A security vulnerability has been detected in Wavlink WL-NU516U1 up to 130/260. This affects the function sub_406194 of the file /cgi-bin/adm.cgi. Such manipulation of the argument firmware_url leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-2565 | 1 Wavlink | 2 Wl-nu516u1, Wl-nu516u1 Firmware | 2026-02-23 | 6.6 Medium |
| A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the function sub_40785C of the file /cgi-bin/adm.cgi. This manipulation of the argument time_zone causes stack-based buffer overflow. The attack can be initiated remotely. The attack is considered to have high complexity. The exploitation is known to be difficult. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-2522 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.3 Medium |
| A security vulnerability has been detected in Open5GS up to 2.7.6. Impacted is an unknown function of the file /src/mme/esm-build.c of the component MME. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2521 | 1 Open5gs | 1 Open5gs | 2026-02-23 | 5.3 Medium |
| A weakness has been identified in Open5GS up to 2.7.6. This issue affects the function sgwc_s5c_handle_create_session_response of the component SGW-C. Executing a manipulation can lead to memory corruption. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-2259 | 2 Aardappel, Strlen | 2 Lobster, Lobster | 2026-02-23 | 3.3 Low |
| A vulnerability has been found in aardappel lobster up to 2025.4. Affected by this issue is the function lobster::Parser::ParseStatements in the library dev/src/lobster/parser.h of the component Parsing. The manipulation leads to memory corruption. The attack can only be performed from a local environment. The exploit has been disclosed to the public and may be used. The identifier of the patch is 2f45fe860d00990e79e13250251c1dde633f1f89. Applying a patch is the recommended action to fix this issue. | ||||
| CVE-2026-2258 | 2 Aardappel, Strlen | 2 Lobster, Lobster | 2026-02-23 | 3.3 Low |
| A flaw has been found in aardappel lobster up to 2025.4. Affected by this vulnerability is the function WaveFunctionCollapse in the library dev/src/lobster/wfc.h. Executing a manipulation can lead to memory corruption. The attack can only be executed locally. The exploit has been published and may be used. This patch is called c2047a33e1ac2c42ab7e8704b33f7ea518a11ffd. It is advisable to implement a patch to correct this issue. | ||||
| CVE-2026-2246 | 1 Aprilrobotics | 1 Apriltag | 2026-02-23 | 3.3 Low |
| A security vulnerability has been detected in AprilRobotics apriltag up to 3.4.5. Affected by this vulnerability is the function apriltag_detector_detect of the file apriltag.c. The manipulation leads to memory corruption. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The identifier of the patch is cfac2f5ce1ffe2de25967eb1ab80bc5d99fc1a61. It is suggested to install a patch to address this issue. | ||||
| CVE-2026-2245 | 1 Ccextractor | 1 Ccextractor | 2026-02-23 | 3.3 Low |
| A vulnerability was identified in CCExtractor up to 183. This affects the function parse_PAT/parse_PMT in the library src/lib_ccx/ts_tables.c of the component MPEG-TS File Parser. Such manipulation leads to out-of-bounds read. The attack can only be performed from a local environment. The exploit is publicly available and might be used. The name of the patch is fd7271bae238ccb3ae8a71304ea64f0886324925. It is best practice to apply a patch to resolve this issue. | ||||
| CVE-2026-2203 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-02-23 | 8.8 High |
| A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fast_setting_wifi_set of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used. | ||||
| CVE-2026-2202 | 1 Tenda | 2 Ac8, Ac8 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was detected in Tenda AC8 16.03.33.05. Affected is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet of the component httpd. The manipulation of the argument shareSpeed results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. | ||||
| CVE-2026-2192 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-02-23 | 7.2 High |
| A security vulnerability has been detected in Tenda AC9 15.03.06.42_multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.start_time/sys.schedulereboot.end_time leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. | ||||
| CVE-2026-2191 | 1 Tenda | 2 Ac9, Ac9 Firmware | 2026-02-23 | 7.2 High |
| A weakness has been identified in Tenda AC9 15.03.06.42_multi. Affected is the function formGetDdosDefenceList. This manipulation of the argument security.ddos.map causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-2187 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was found in Tenda RX3 16.03.13.11. The affected element is the function set_qosMib_list of the file /goform/formSetQosBand. Performing a manipulation of the argument list results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-2186 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-2185 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-23 | 8.8 High |
| A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2026-2181 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-23 | 8.8 High |
| A security flaw has been discovered in Tenda RX3 16.03.13.11. Affected by this vulnerability is an unknown functionality of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. | ||||
| CVE-2026-2180 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-2140 | 1 Tenda | 2 Tx9, Tx9 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was identified in Tenda TX9 up to 22.03.02.10_multi. Affected by this issue is the function sub_4223E0 of the file /goform/setMacFilterCfg. Such manipulation of the argument deviceList leads to buffer overflow. The attack may be launched remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-2139 | 1 Tenda | 2 Tx9, Tx9 Firmware | 2026-02-23 | 8.8 High |
| A vulnerability was determined in Tenda TX9 up to 22.03.02.10_multi. Affected by this vulnerability is the function sub_432580 of the file /goform/fast_setting_wifi_set. This manipulation of the argument ssid causes buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||