Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-9395 — Besen BS20 EV Charging Station BLE/UDP insufficiently protected credentials

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentia…

| Authentication
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9394 — Besen BS20 EV Charging Station Bluetooth Low Energy weak password

A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a manipulation can lead to w…

| Authentication
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9393 — H3C Magic B0 aspForm Edit_BasicSSID_5G buffer overflow

A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer ove…

| Memory Corruption
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9389 — Tenda F456 L7Im frmL7ImForm buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The a…

| Memory Corruption
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9388 — Totolink A8000RU Web Management cstecgi.cgi setScheduleCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface.…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9387 — Totolink A8000RU Web Management cstecgi.cgi setUpgradeFW os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component Web Management Interfa…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9386 — Totolink A8000RU Web Management cstecgi.cgi setLanguageCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipu…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9385 — Totolink A8000RU Web Management cstecgi.cgi setTracerouteCfg os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Th…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-4372 — Arbitrary Remote Code Execution via `_attn_implementation_internal` Config Injection in h…

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious `config…

| Supply Chain
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9384 — Totolink A8000RU Web Management cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. …

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9383 — itsourcecode Electronic Judging System login.php sql injection

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9382 — Edimax BR-6675nD POST Request formPPTPSetup buffer overflow

A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation …

| Memory Corruption
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9381 — Edimax BR-6675nD POST Request formPPPoESetup buffer overflow

A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performi…

| Memory Corruption
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9380 — Edimax BR-6675nD POST Request formL2TPSetup buffer overflow

A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation …

| Memory Corruption
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9379 — Edimax BR-6675nD POST Request formWpsStart command injection

A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argume…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9378 — Edimax BR-6675nD POST Request formHwSet command injection

A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument…

| Injection
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9377 — SourceCodester SUP Online Shopping productedit.php cross site scripting

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName …

| Cross-Site Scripting
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9376 — JPress UCenter Article Submission Endpoint doWriteSave improper authorization

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Execut…

| Authorization
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9374 — yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted…

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a mani…

| Misconfiguration
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
0.0 NA
CVE-2026-9373 — JeecgBoot OpenAPI Endpoint call improper authentication

A vulnerability has been found in JeecgBoot 3.9.1. This issue affects some unknown processing of the file /openapi/call/ of the component OpenAPI Endpoint. Such manipulation leads to improper authent…

| Authentication
May 24, 2026 May 24, 2026
May 24, 2026
May 24, 2026
Showing 20 of 5709 Results