Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1310 CNY

100%
Buy Us a Coffee

Vulnerability List - Page 43

CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2026-10064 TRENDnet TEW-432BRP formSetPortTr stack-based overflow TRENDnetTEW-432BRP Medium 6.3 2026-05-29 14:45:08 Deep Dive
CVE-2026-10042 manga-image-translator RCE via Unsafe Pickle Deserialization in Share Model zyddnysmanga-image-translator Critical 9.8 2026-05-29 14:29:22 Deep Dive
CVE-2026-4290 WP Travel Pro <= 10.6.0 - Missing Authorization to Unauthenticated Arbitrary User Deletion Including Administrators WPTravelWP Travel Pro Critical 9.1 2026-05-29 14:29:08 Deep Dive
CVE-2026-10063 TRENDnet TEW-432BRP formWPS stack-based overflow TRENDnetTEW-432BRP High 8.8 2026-05-29 14:15:09 Deep Dive
CVE-2026-41150 Mermaid Gantt Charts are vulnerable to an Infinite Loop DoS mermaid-jsmermaid--2026-05-29 13:54:52 Deep Dive
CVE-2026-41159 Mermaid: Improper sanitization of configuration leads to CSS injection mermaid-jsmermaid--2026-05-29 13:53:10 Deep Dive
CVE-2026-45609 mcp-security: Unvalidated URL Fetching (SSRF) spring-ai-communitymcp-security High 7.2 2026-05-29 13:48:07 Deep Dive
CVE-2026-10062 TRENDnet TEW-432BRP formSetRoute stack-based overflow TRENDnetTEW-432BRP High 8.8 2026-05-29 13:45:08 Deep Dive
CVE-2026-46510 Prototype pollution in form-data-objectizer via bracket-notation form keys kaspernjform-data-objectizer High 8.2 2026-05-29 13:40:23 Deep Dive
CVE-2026-40528 OpenSC < 0.27.0 Buffer Overrun in do_key_value() via profile.c OpenSCOpenSC Low 3.8 2026-05-29 13:38:12 Deep Dive
CVE-2026-45582 n8n-MCP: Workflow telemetry sanitizer could retain partial values from URL-shaped node parameters czlonkowskin8n-mcp Medium 6.5 2026-05-29 13:37:31 Deep Dive
CVE-2026-45707 n8n-MCP: Multi-tenant MCP requests fall back to process-level n8n credentials when tenant headers are absent or incomplete czlonkowskin8n-mcp High 8.1 2026-05-29 13:35:42 Deep Dive
CVE-2026-44698 Home Assistant: Cross-origin iframe access token exfiltration via WebView JS bridge callback injection home-assistantcore High 8.3 2026-05-29 13:32:21 Deep Dive
CVE-2026-10061 TRENDnet TEW-432BRP formWPS command injection TRENDnetTEW-432BRP Medium 6.3 2026-05-29 13:30:12 Deep Dive
CVE-2026-40510 OpenSC < 0.27.0-rc1 Stack Buffer Overflow via piv_process_history() in card-piv.c OpenSCOpenSC Low 3.8 2026-05-29 13:26:40 Deep Dive
CVE-2026-45615 mouse07410/asn1c: 1-byte Heap Out-of-Bounds Read in `INTEGER_decode_oer` via Malformed OER Payload mouse07410asn1c High 8.2 2026-05-29 13:24:52 Deep Dive
CVE-2026-49318 Indian Scout Bobber 2025 Infotainment Digital Round skips PIN entry when WCM is silent at boot Indian Motorcycle (Polaris Inc.)Scout Bobber + Tech Low 2.4 2026-05-29 13:18:52 Deep Dive
CVE-2026-10060 TRENDnet TEW-432BRP formSetRoute command injection TRENDnetTEW-432BRP Medium 6.3 2026-05-29 13:15:09 Deep Dive
CVE-2026-45580 WWBN AVideo Live: stored XSS via unescaped stream key in modeYoutubeLive.php class attribute WWBNAVideo Medium 5.4 2026-05-29 13:14:50 Deep Dive
CVE-2026-45578 WWBN AVideo Live: OS command injection in on_publish.php execAsync via unescaped m3u8 URL WWBNAVideo High 8.8 2026-05-29 13:14:03 Deep Dive