Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
4.8 MEDIUM
CVE-2026-2897 — funadmin Backend index.html cross site scripting

A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects unknown code of the file app/backend/view/index/index.html of the component Backend Interface. The m…

funadmin | Remote | Cross-Site Scripting
Feb 22, 2026 Feb 24, 2026
Feb 22, 2026
Feb 24, 2026
7.5 HIGH
CVE-2026-2896 — funadmin Configuration Ajax.php setConfig improper authorization

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipul…

funadmin | Remote | Authorization
Feb 22, 2026 Feb 24, 2026
Feb 22, 2026
Feb 24, 2026
8.1 HIGH
CVE-2026-2895 — funadmin Member.php repass password recovery

A security flaw has been discovered in funadmin up to 7.1.0-rc4. Affected by this issue is the function repass of the file app/frontend/controller/Member.php. Performing a manipulation of the argumen…

funadmin | Remote | Authentication
Feb 21, 2026 Feb 24, 2026
Feb 21, 2026
Feb 24, 2026
9.1 CRITICAL
CVE-2026-2894 — funadmin forget.html getMember information disclosure

A vulnerability was identified in funadmin up to 7.1.0-rc4. Affected by this vulnerability is the function getMember of the file app/frontend/view/login/forget.html. Such manipulation leads to inform…

funadmin | Remote | Information Disclosure
Feb 21, 2026 Feb 24, 2026
Feb 21, 2026
Feb 24, 2026
4.8 MEDIUM
CVE-2026-2889 — CCExtractor mp4.c processmp4 use after free

A vulnerability was detected in CCExtractor up to 0.96.5. Affected is the function processmp4 in the library src/lib_ccx/mp4.c. Performing a manipulation results in use after free. The attack is only…

| Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
5.5 MEDIUM
CVE-2026-2887 — aardappel lobster idents.h TypeName recursion

A security vulnerability has been detected in aardappel lobster up to 2025.4. This impacts the function lobster::TypeName in the library dev/src/lobster/idents.h. Such manipulation leads to uncontrol…

lobster | Denial of Service
Feb 21, 2026 Feb 26, 2026
Feb 21, 2026
Feb 26, 2026
9.0 HIGH
CVE-2026-2886 — Tenda A21 SetOnlineDevName set_device_name stack-based overflow

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffe…

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2885 — D-Link DWR-M960 formIpv6Setup sub_469104 stack-based overflow

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results …

dwr-m960_firmware dwr-m960 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2884 — D-Link DWR-M960 WAN Interface Setting formWanConfigSetup sub_41914C stack-based overflow

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The m…

dwr-m960_firmware dwr-m960 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2883 — D-Link DWR-M960 formIpQoS sub_427D74 stack-based overflow

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-bas…

dwr-m960_firmware dwr-m960 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2882 — D-Link DWR-M960 formDosCfg sub_46385C stack-based overflow

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-…

dwr-m960_firmware dwr-m960 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2881 — D-Link DWR-M960 Advanced Firewall Configuration Endpoint formFirewallAdv sub_425FF8 stack…

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endp…

dwr-m960_firmware dwr-m960 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2877 — Tenda A18 Httpd Service WifiExtraSet strcpy stack-based overflow

A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_cryp…

a18_firmware a18 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2876 — Tenda A18 setBlackRule parse_macfilter_rule stack-based overflow

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-bas…

a18_firmware a18 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2874 — Tenda A21 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to st…

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2873 — Tenda A21 openSchedWifi setSchedWifi stack-based overflow

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTim…

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2872 — Tenda A21 MAC Filtering Configuration Endpoint setBlackRule set_device_name stack-based o…

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration …

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2871 — Tenda A21 SetIpMacBind fromSetIpMacBind stack-based overflow

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer over…

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
9.0 HIGH
CVE-2026-2870 — Tenda A21 formSetQosBand set_qosMib_list stack-based overflow

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set_qosMib_list of the file /goform/formSetQosBand. The manipulation of the argument list results in s…

a21_firmware a21 | Remote | Memory Corruption
Feb 21, 2026 Feb 23, 2026
Feb 21, 2026
Feb 23, 2026
5.5 MEDIUM
CVE-2026-2869 — janet-lang janet handleattr specials.c janetc_varset out-of-bounds

A vulnerability was identified in janet-lang janet up to 1.40.1. Affected by this vulnerability is the function janetc_varset of the file src/core/specials.c of the component handleattr Handler. The …

janet | Memory Corruption
Feb 21, 2026 Feb 26, 2026
Feb 21, 2026
Feb 26, 2026
Showing 20 of 5449 Results