| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2025-15548 | Missing Application-Layer Encryption in Web Interface Endpoints on TP-Link VX800v | TP-Link Systems Inc. | VX800v v1.0 | - | - | 2026-01-29 18:07:09 | Deep Dive |
| CVE-2025-15543 | Read-Only Root Access via USB Storage Device in TP-Link VX800v | TP-Link Systems Inc. | VX800v v1.0 | - | - | 2026-01-29 18:06:45 | Deep Dive |
| CVE-2025-15542 | Denial of Service (DoS) of VoIP Communication on TP-Link VX800v | TP-Link Systems Inc. | VX800v v1.0 | - | - | 2026-01-29 18:06:21 | Deep Dive |
| CVE-2025-15541 | Access to System Files via SFTP on TP-Link VX800v | TP-Link Systems Inc. | VX800v v1.0 | - | - | 2026-01-29 18:05:57 | Deep Dive |
| CVE-2025-13399 | Insecure Encryption in Communication with the Web Interface on TP-Link VX800v | TP-Link Systems Inc. | VX800v v1.0 | - | - | 2026-01-29 18:05:29 | Deep Dive |
| CVE-2025-15545 | Insufficient Backup File Upload Input Validation on TP-Link Archer RE605X | TP-Link Systems Inc. | Archer RE605X | - | - | 2026-01-29 17:31:10 | Deep Dive |
| CVE-2026-1596 | D-Link DWR-M961 formLtefotaUpgradeQuectel sub_419920 command injection | D-Link | DWR-M961 | Medium | 6.3 | 2026-01-29 15:32:12 | Deep Dive |
| CVE-2026-1544 | D-Link DIR-823X set_mode sub_41E2A0 os command injection | D-Link | DIR-823X | Medium | 6.3 | 2026-01-28 21:32:10 | Deep Dive |
| CVE-2026-1532 | D-Link DCS-700L Music File Upload Service setUploadMusic uploadmusic path traversal | D-Link | DCS-700L | Low | 2.4 | 2026-01-28 20:32:09 | Deep Dive |
| CVE-2026-1506 | D-Link DIR-615 MAC Filter Configuration adv_mac_filter.php os command injection | D-Link | DIR-615 | High | 7.2 | 2026-01-28 02:32:09 | Deep Dive |
| CVE-2026-1505 | D-Link DIR-615 URL Filter set_temp_nodes.php os command injection | D-Link | DIR-615 | High | 7.2 | 2026-01-28 01:32:09 | Deep Dive |
| CVE-2026-1315 | Unauthenticated Denial of Service via Firmware Update Endpoint on TP-Link Tapo C220 & C520WS | TP-Link Systems Inc. | Tapo C220 v1 | - | - | 2026-01-27 17:53:29 | Deep Dive |
| CVE-2026-0919 | Unauthenticated Denial of Service via Oversized URL in HTTP Parser on TP-Link Tapo C220 & C520WS | TP-Link Systems Inc. | Tapo C220 v1 | - | - | 2026-01-27 17:52:39 | Deep Dive |
| CVE-2026-0918 | Null Pointer Dereference in Tapo SmartCam HTTP Service on TP-Link Tapo C220 & C520WS | TP-Link Systems Inc. | Tapo C220 v1 | - | - | 2026-01-27 17:52:04 | Deep Dive |
| CVE-2025-12387 | Denial of Service in Pix-Link LV-WR21Q | Pix-Link | LV-WR21Q | - | - | 2026-01-27 11:57:56 | Deep Dive |
| CVE-2025-12386 | Missing Authentication for Critical Endpoint in Pix-Link LV-WR21Q | Pix-Link | LV-WR21Q | - | - | 2026-01-27 11:57:50 | Deep Dive |
| CVE-2025-14971 | Link Invoice Payment for WooCommerce <= 2.8.0 - Missing Authorization to Unauthenticated Arbitrary Partial Payment Creation/Cancellation | linknacional | Link Invoice Payment for WooCommerce | Medium | 5.3 | 2026-01-27 06:44:14 | Deep Dive |
| CVE-2026-1448 | D-Link DIR-615 Web Management wiz_policy_3_machine.php os command injection | D-Link | DIR-615 | High | 7.2 | 2026-01-26 23:32:09 | Deep Dive |
| CVE-2025-9522 | Blind Server-Side Request Forgery (SSRF) in Omada Controller | TP-Link Systems Inc. | Omada Controller | - | - | 2026-01-26 19:36:00 | Deep Dive |
| CVE-2025-9521 | Password Confirmation Bypass in Omada Controller | TP-Link Systems Inc. | Omada Controller | - | - | 2026-01-26 19:35:27 | Deep Dive |