Sun, Jun 14 · 09:16 PM CDTCVE-2026-12186
8.8/10 · Worth your timeNVDvuln
Summary
A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function replace_country in the library /usr/lib/oui-httpd/rpc/tor of the component Tor Proxy Service Configuration Handler. This manipulation causes command injection. The attack can be initiated remotely. The exploit has been made availa
CVECVE-2026-12186
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 09:16 PM CDT
ModifiedSun, Jun 14 · 09:16 PM CDT
Sun, Jun 14 · 11:16 PM CDTCVE-2026-12187
8.8/10 · Worth your timeNVDvuln
Summary
A security vulnerability has been detected in GL.iNet GL-MT3000 up to 4.4.5. Affected by this vulnerability is an unknown functionality of the file /usr/bin/one_click_upgrade of the component Online Firmware Upgrade Handler. Such manipulation leads to command injection. The attack can be launched remotely. The exploit
CVECVE-2026-12187
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 11:16 PM CDT
ModifiedSun, Jun 14 · 11:16 PM CDT
Mon, Jun 15 · 12:16 AM CDTCVE-2026-12192
8.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosu
CVECVE-2026-12192
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 12:16 AM CDT
ModifiedMon, Jun 15 · 12:16 AM CDT
Thu, Jun 11 · 12:16 PM CDTCVE-2026-10087
8.7/10 · Worth your timeNVDvuln
Summary
GitLab has remediated an issue in GitLab EE affecting all versions from 17.1 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary client-side code on behalf of a targeted user due to impro
CVECVE-2026-10087
SeverityHIGH
TypeUPDATED
PublishedThu, Jun 11 · 12:16 PM CDT
ModifiedMon, Jun 15 · 01:46 AM CDT
Fri, Jun 12 · 03:16 PM CDTCVE-2026-45674
8.7/10 · Worth your timeNVDvuln
Summary
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's DnsResolveContext fails to validate the origin (bailiwick) of CNAME records in DNS responses. Versions 4.1.135.Final and 4.2.15.Final patch the issue.
CVECVE-2026-45674
SeverityHIGH
TypeUPDATED
PublishedFri, Jun 12 · 03:16 PM CDT
ModifiedMon, Jun 15 · 02:13 AM CDT
Fri, Jun 12 · 04:16 PM CDTCVE-2026-47691
8.7/10 · Worth your timeNVDvuln
Summary
Netty is a network application framework for development of protocol servers and clients. Prior to versions 4.1.135.Final and 4.2.15.Final, Netty's `DnsResolveContext` insufficiently validates the bailiwick of NS records, enabling DNS Cache Poisoning. An attacker controlling an authoritative name server for a subdomain
CVECVE-2026-47691
SeverityHIGH
TypeUPDATED
PublishedFri, Jun 12 · 04:16 PM CDT
ModifiedMon, Jun 15 · 01:57 AM CDT
Sun, Jun 14 · 06:17 PM CDTCVE-2026-54410
8.6/10 · Worth your timeNVDvuln
Summary
nanoMODBUS through v1.23.0 contains an off-by-one buffer overflow in the recv_msg_header() function of the Modbus/TCP server that allows remote unauthenticated attackers to write one attacker-controlled byte past the end of the 260-byte receive buffer by sending a crafted MBAP frame whose Length field is set to 255. Th
CVECVE-2026-54410
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 06:17 PM CDT
ModifiedSun, Jun 14 · 06:17 PM CDT
Fri, Jun 12 · 03:16 PM CDTCVE-2026-53721
8.2/10 · Worth your timeNVDvuln
Summary
Nuxt is an open-source web development framework for Vue.js. From versions 3.11.0 to before 3.21.7 and 4.0.0 to before 4.4.7, there is a route-rule middleware bypass via case-sensitivity mismatch between vue-router and the routeRules matcher. This issue has been patched in versions 3.21.7 and 4.4.7.
CVECVE-2026-53721
SeverityHIGH
TypeUPDATED
PublishedFri, Jun 12 · 03:16 PM CDT
ModifiedMon, Jun 15 · 02:11 AM CDT
Sun, Jun 14 · 06:17 PM CDTCVE-2026-54412
8.2/10 · Worth your timeNVDvuln
Summary
LiamBindle MQTT-C through version 1.1.6 contains a heap-based out-of-bounds read and integer underflow in the mqtt_unpack_publish_response() function in src/mqtt.c that allows a remote unauthenticated attacker controlling an MQTT broker - or able to inject MQTT traffic into an unencrypted session - to crash a subscribe
CVECVE-2026-54412
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 06:17 PM CDT
ModifiedSun, Jun 14 · 06:17 PM CDT
Sun, Jun 14 · 06:17 PM CDTCVE-2026-54413
8.2/10 · Worth your timeNVDvuln
Summary
driftregion iso14229 through 0.9.0 contains an integer underflow and downstream out-of-bounds read in the Handle_0x27_SecurityAccess() function in iso14229.c that allows a remote unauthenticated attacker to crash a UDS server and potentially read memory past the receive buffer by sending a single-byte 0x27 SecurityAcce
CVECVE-2026-54413
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 06:17 PM CDT
ModifiedSun, Jun 14 · 06:17 PM CDT
Thu, Jun 11 · 10:16 PM CDTCVE-2026-44249
8.1/10 · Worth your timeNVDvuln
Summary
Netty is a network application framework for development of protocol servers and clients. In netty-handler prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can bypass IPv6 subnet rules due to an incorrect masking operation in IpSubnetFilterRule.compareTo(). Valid public IP addresses can bypass the restrict
CVECVE-2026-44249
SeverityHIGH
TypeUPDATED
PublishedThu, Jun 11 · 10:16 PM CDT
ModifiedMon, Jun 15 · 02:30 AM CDT
Mon, Jun 15 · 06:16 AM CDTCVE-2026-12218
8.0/10 · Worth your timeNVDvuln
Summary
A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port results in stack-based buffer overflow. Access to the local network is required for
CVECVE-2026-12218
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 06:16 AM CDT
ModifiedMon, Jun 15 · 06:16 AM CDT
Mon, Jun 15 · 06:16 AM CDTCVE-2026-12220
8.0/10 · Worth your timeNVDvuln
Summary
A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the argument uid leads to stack-based buffer overflow. The attack can only be initiated
CVECVE-2026-12220
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 06:16 AM CDT
ModifiedMon, Jun 15 · 06:16 AM CDT
Mon, Jun 15 · 06:16 AM CDTCVE-2026-12221
8.0/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/start_offset results in stack-based buffer overflow. The attack needs to be approached within the l
CVECVE-2026-12221
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 06:16 AM CDT
ModifiedMon, Jun 15 · 06:16 AM CDT
Mon, Jun 15 · 06:16 AM CDTCVE-2026-12222
8.0/10 · Worth your timeNVDvuln
Summary
A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserved can lead to stack-based buffer overflow. The attack needs to be done within the
CVECVE-2026-12222
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 06:16 AM CDT
ModifiedMon, Jun 15 · 06:16 AM CDT
Wed, Feb 28 · 09:15 AM CSTCVE-2020-36785
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: media: atomisp: Fix use after free in atomisp_alloc_css_stat_bufs() The "s3a_buf" is freed along with all the other items on the "asd->s3a_stats" list. It leads to a double free and a use after free.
CVECVE-2020-36785
SeverityHIGH
TypeUPDATED
PublishedWed, Feb 28 · 09:15 AM CST
ModifiedMon, Jun 15 · 10:16 AM CDT
Tue, Aug 19 · 05:15 PM CDTCVE-2025-38585
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Fix stack buffer overflow in gmin_get_var_int() When gmin_get_config_var() calls efi.get_variable() and the EFI variable is larger than the expected buffer size, two behaviors combine to create a stack buffer overflow: 1. gmin_
CVECVE-2025-38585
SeverityHIGH
TypeUPDATED
PublishedTue, Aug 19 · 05:15 PM CDT
ModifiedMon, Jun 15 · 10:16 AM CDT
Sun, Jun 14 · 11:16 PM CDTCVE-2026-12191
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdrive/modeld/modeld.py of the component Pickle Module. The manipulation results in deserialization. The attack is only possible with local access. The vendor was contacted early about this disc
CVECVE-2026-12191
SeverityHIGH
TypeNEW
PublishedSun, Jun 14 · 11:16 PM CDT
ModifiedSun, Jun 14 · 11:16 PM CDT
Mon, Jun 15 · 12:16 AM CDTCVE-2026-12193
7.8/10 · Worth your timeNVDvuln
Summary
A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and m
CVECVE-2026-12193
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 12:16 AM CDT
ModifiedMon, Jun 15 · 12:16 AM CDT
Mon, Jun 15 · 04:16 AM CDTCVE-2026-12214
7.8/10 · Worth your timeNVDvuln
Summary
A security flaw has been discovered in Qihoo 360 Total Security 6.0. This vulnerability affects the function RpcStringBindingComposeW of the component Nucleus Engine Monitoring Logic. Performing a manipulation of the argument NetworkAddr results in protection mechanism failure. The attack requires a local approach. The
CVECVE-2026-12214
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 04:16 AM CDT
ModifiedMon, Jun 15 · 04:16 AM CDT
Mon, Jun 15 · 04:16 AM CDTCVE-2026-12217
7.8/10 · Worth your timeNVDvuln
Summary
A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed publicly and may
CVECVE-2026-12217
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 04:16 AM CDT
ModifiedMon, Jun 15 · 04:16 AM CDT
Thu, May 28 · 10:16 AM CDTCVE-2026-46205
7.8/10 · Worth your timeNVDvuln
Summary
In the Linux kernel, the following vulnerability has been resolved: staging: media: atomisp: Disallow all private IOCTLs Disallow all private IOCTLs. These aren't quite as safe as one could assume of IOCTL handlers; disable them for now. Instead of removing the code, return in the beginning of the function if cmd is no
CVECVE-2026-46205
SeverityHIGH
TypeUPDATED
PublishedThu, May 28 · 10:16 AM CDT
ModifiedMon, Jun 15 · 10:16 AM CDT
Tue, Mar 24 · 03:16 PM CDTCVE-2026-4775
7.8/10 · Worth your timeNVDvuln
Summary
A flaw was found in the libtiff library. A remote attacker could exploit a signed integer overflow vulnerability in the putcontig8bitYCbCr44tile function by providing a specially crafted TIFF file. This flaw can lead to an out-of-bounds heap write due to incorrect memory pointer calculations, potentially causing a deni
CVECVE-2026-4775
SeverityHIGH
TypeUPDATED
PublishedTue, Mar 24 · 03:16 PM CDT
ModifiedMon, Jun 15 · 03:16 AM CDT
Mon, Jun 15 · 10:16 AM CDTCVE-2026-50100
7.8/10 · Worth your timeNVDvuln
Summary
Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If this vulnerability is exploited, an attacker who can log in to a computer running an affected printer driver could elevate privileges by using a specially crafted driver.
CVECVE-2026-50100
SeverityHIGH
TypeNEW
PublishedMon, Jun 15 · 10:16 AM CDT
ModifiedMon, Jun 15 · 10:16 AM CDT
Thu, Jun 11 · 10:16 PM CDTCVE-2026-44250
7.5/10 · Worth your timeNVDvuln
Summary
Netty is a network application framework for development of protocol servers and clients. In netty-codec-redis prior to versions 4.1.135.Final and 4.2.15.Final, an attacker can cause DoS by sending a crafted Redis payload with deeply nested arrays. This forces the server to allocate a massive number of state objects an
CVECVE-2026-44250
SeverityHIGH
TypeUPDATED
PublishedThu, Jun 11 · 10:16 PM CDT
ModifiedMon, Jun 15 · 02:30 AM CDT