Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-10152 — TaleLin lin-cms-spring-boot book Endpoint BookController.java access control

A vulnerability was detected in TaleLin lin-cms-spring-boot up to 0.2.1. This issue affects some unknown processing of the file src/main/java/io/github/talelin/latticy/controller/v1/BookController.ja…

Remote | Authorization
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
6.5 MEDIUM
CVE-2026-10127 — Edimax BR-6478AC POST Request formStaDrvSetup command injection

A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. This manipulation of the …

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10126 — Edimax BR-6478AC POST Request formQoS buffer overflow

A security flaw has been discovered in Edimax BR-6478AC 1.23. Affected by this issue is the function formQoS of the file /goform/formQoS of the component POST Request Handler. The manipulation of the…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
0.0 NA
CVE-2026-8594 — Text::LineFold versions through 2019.001 for Perl duplicate the output based on the numbe…

Text::LineFold versions through 2019.001 for Perl duplicate the output based on the number of special break characters. Text::LineFold splits the input string by specific line break characters (such…

| Denial of Service
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10125 — Edimax BR-6478AC POST Request formPPPoESetup stack-based overflow

A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The ma…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10124 — Shibby Tomato Zserv ripd rip_zebra_read_ipv4 stack-based overflow

A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead t…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10123 — TRENDnet TEW-432BRP formSetDomainFilter stack-based overflow

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_doma…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10122 — TRENDnet TEW-432BRP formSetProtocolFilter stack-based overflow

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_na…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
9.0 HIGH
CVE-2026-10121 — TRENDnet TEW-432BRP formSetUrlFilter stack-based overflow

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keywor…

Remote | Memory Corruption
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
7.5 HIGH
CVE-2018-25426 — WinMTR 0.91 Denial of Service via Buffer Overflow

WinMTR 0.91 contains a denial of service vulnerability that allows attackers to crash the application by sending a malformed payload file containing a large buffer of repeated characters. Attackers c…

Remote | Denial of Service
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25425 — Yot CMS 3.3.1 SQL Injection via aid and cid Parameters

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers …

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25424 — Gate Pass Management System 2.1 SQL Injection via login-exec.php

Gate Pass Management System 2.1 contains an SQL injection vulnerability that allows unauthenticated attackers to bypass authentication by injecting SQL code through the login and password parameters.…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
6.2 MEDIUM
CVE-2018-25423 — Arm Whois 3.11 Denial of Service via Buffer Overflow

Arm Whois 3.11 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a malicious buffer of 700 byte…

| Denial of Service
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25422 — MOGG web simulator Script All Version SQL Injection via play.php

MOGG web simulator Script contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands by injecting malicious code through the id parameter. Attacke…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
6.5 MEDIUM
CVE-2018-25421 — Open STA Manager 2.3 Arbitrary File Download via Path Traversal

Open STA Manager 2.3 contains a path traversal vulnerability that allows authenticated users to download arbitrary files by manipulating the file parameter. Attackers can send GET requests to modules…

Remote | Path Traversal
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25420 — AiOPMSD Final 1.0.0 SQL Injection via watch.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter. Attackers ca…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25419 — AiOPMSD Final 1.0.0 SQL Injection via genre.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the genre parameter. Attackers c…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25418 — AiOPMSD Final 1.0.0 SQL Injection via year.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the year parameter. Attackers ca…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25417 — AiOPMSD Final 1.0.0 SQL Injection via quality.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the quality parameter. Attackers…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
8.2 HIGH
CVE-2018-25416 — AiOPMSD Final 1.0.0 SQL Injection via country.php

AiOPMSD Final 1.0.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the country parameter. Attackers…

Remote | Injection
May 30, 2026 May 30, 2026
May 30, 2026
May 30, 2026
Showing 20 of 6943 Results