Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.6 MEDIUM
CVE-2026-0420 — Missing TLS certificate validation in ReadyCloud client app

An improper implementation of TLS certificate validation vulnerability found in ReadyCloud client app which can allow an attacker to perform attacker-in-the-middle (MiTM) style attacks impacting prod…

rax40 rax35 rax38 rax120v1 rax120v2 | Remote | Misconfiguration
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.6 MEDIUM
CVE-2026-9212 — Insufficient authentication and input validation in certain NETGEAR products

Insufficient authentication and input validation in the listed NETGEAR models allow users connected to the local network to execute commands impacting product's confidentiality or change certain conf…

rax120 xr500 rbr20 rbs20 rbr40 rbs40 +14 more | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.2 MEDIUM
CVE-2026-0411 — A Sensitive Information Disclosure Vulnerability in NETGEAR Orbi Satellites

An information disclosure vulnerability in the NETGEAR Orbi satellites could allow a user connected to your network to gain administrator access to the Orbi router. The listed NETGEAR models are affe…

rbr350 rbs350 rbr760 | Information Disclosure
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0415 — Insufficient input validation vulnerability in certain Orbi routers

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…

rbr750 rbs750 rbr850 rbs850 rbr840 rbs840 +6 more | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0414 — Arbitrary Code Execution vulnerability exists in RBE970

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…

| Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0413 — Buffer overflow vulnerability in certain NETGEAR Nighthawk routers

Insufficient input validation of buffers vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router soft…

rbr750 rbs750 rbr850 rbs850 rbr840 rbs840 +6 more | Memory Corruption
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0418 — Certain NETGEAR devices allow administrators to tamper with system

Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network to tamper with the system.

xr1000 ex6120 xr1000 ex6130 rbr750 rbs750 +28 more | Misconfiguration
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0417 — Insufficient input validation in certain NETGEAR routers

Insufficient input validation vulnerability in NETGEAR devices allows authenticated administrators connected to the local network to tamper with the router's integrity.

xr1000 xr1000 mr60 ms60 rax20 rax45 +12 more | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.9 MEDIUM
CVE-2026-9210 — Certain NETGEAR routers allow authenticated administrators to gain unintended control of …

Insufficient input validation vulnerability in the listed NETGEAR models allows authenticated administrators connected to the local network to make unauthorized modification of router software and fu…

xr1000 ex6120 ex3700 xr1000 ex3800 ex6130 +16 more | Authorization
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
5.2 MEDIUM
CVE-2026-9211 — Certain NETGEAR routers allow unauthenticated users to gain control of the router

An unauthenticated user on the local network can gain control of the router and make unauthorized changes to its operation.

rax30 raxe300 cax30 | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0416 — RAXE450 and RAXE500 routers allow administrators to modify router functionality beyond in…

Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface.

raxe450 raxe500 | Authorization
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.9 MEDIUM
CVE-2026-3088 — Unauthenticated users can disrupt router operation

Unauthenticated users on the local network can cause the router to become unavailable by sending specially crafted requests.

rbre960 rbse960 rbr860 rbs860 rbre950 rbse950 | Denial of Service
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
6.9 MEDIUM
CVE-2026-9213 — Insufficient input validation in certain NETGEAR routers

A vulnerability in the affected NETGEAR gaming routers allows attackers with the ability to intercept and tamper traffic between the router and the Internet, to execute code on the device.

xr1000 xr1000 raxe500 | Remote | Injection
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.4 MEDIUM
CVE-2026-0419 — Insufficient input validation vulnerability in NETGEAR JR6150

Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.…

jr6150 | Injection
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.3 MEDIUM
CVE-2026-0412 — Insufficient input validation vulnerability in NETGEAR JR6150 Web UI

Insufficient input validation vulnerability in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows administrators connected to the local network to make unauthorized…

jr6150 | Misconfiguration
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
1.9 LOW
CVE-2026-0410 — Insufficient input validation in certain NETGEAR routers

Authenticated administrators connected to the local network can gain elevated access to the router and make unauthorized changes to router software and functionality.

xr1000 xr1000 rax20 rax45 rax50 rax35v2 +13 more | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.8 MEDIUM
CVE-2026-28301 — SolarWinds Observability Self-Hosted Open Redirect Vulnerability

A vulnerability in which an attacker can provide a crafted external URL that may redirect a user to an unintended website.

observability_self-hosted | Server-Side Request Forgery
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
4.8 MEDIUM
CVE-2026-0409 — Netgear Orbi 370 Series Remote Code Execution vulnerability

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrato…

Remote | Authentication
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
8.7 HIGH
CVE-2026-9279 — Shell command injection in Logseq

Logseq exposes an IPC handler that allows the renderer process to execute shell commands. While an allowlist restricts the command name (e.g. `git`, `pandoc`, `grep`), the argument string is concaten…

| Injection
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
9.8 CRITICAL
CVE-2026-7486 — SQLi in Netcad's E-İmar

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Netcad Software Inc. E-İmar allows SQL Injection. This issue affects E-İmar: from 2.10.1.0 befor…

Remote | Injection
Jun 09, 2026 Jun 09, 2026
Jun 09, 2026
Jun 09, 2026
Showing 20 of 7314 Results