Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
9.0 HIGH
CVE-2026-8775 — Edimax BR-6428NS POST Request formL2TPSetup buffer overflow

A flaw has been found in Edimax BR-6428NS 1.10. This affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. This manipulation of the argument L2TP…

br-6428ns_firmware | Remote | Memory Corruption
May 18, 2026 May 18, 2026
May 18, 2026
May 18, 2026
6.5 MEDIUM
CVE-2026-8774 — Edimax BR-6228NC POST Request mp command injection

A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command…

br-6228nc | Remote | Injection
May 18, 2026 May 18, 2026
May 18, 2026
May 18, 2026
5.8 MEDIUM
CVE-2026-8773 — linlinjava litemall Database Setting DbUtil.java load argument injection

A security vulnerability has been detected in linlinjava litemall up to 1.8.0. Affected by this vulnerability is the function backup/load of the file litemall-db/src/main/java/org/linlinjava/litemall…

litemall | Remote | Injection
May 18, 2026 May 18, 2026
May 18, 2026
May 18, 2026
5.8 MEDIUM
CVE-2026-8772 — linlinjava litemall Admin Endpoint sql injection

A weakness has been identified in linlinjava litemall up to 1.8.0. Affected is an unknown function of the component Admin Endpoint. Executing a manipulation can lead to sql injection. The attack can …

litemall | Remote | Injection
May 18, 2026 May 18, 2026
May 18, 2026
May 18, 2026
7.5 HIGH
CVE-2026-8771 — linlinjava litemall Front-end WeChat API WxGoodsController.java list sql injection

A security flaw has been discovered in linlinjava litemall up to 1.8.0. This impacts the function list of the file litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/web/WxGoodsController.java …

litemall | Remote | Injection
May 18, 2026 May 18, 2026
May 18, 2026
May 18, 2026
3.3 LOW
CVE-2026-8770 — continuedev continue JSON-RPC Server lsTool.ts lsTool path traversal

A vulnerability was identified in continuedev continue up to 1.2.22. This affects the function lsTool of the file core/tools/implementations/lsTool.ts of the component JSON-RPC Server. Such manipulat…

continue continue | Path Traversal
May 18, 2026 May 19, 2026
May 18, 2026
May 19, 2026
6.5 MEDIUM
CVE-2026-8769 — vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource cons…

A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/respons…

ai | Remote | Denial of Service
May 17, 2026 May 19, 2026
May 17, 2026
May 19, 2026
7.5 HIGH
CVE-2026-8768 — vercel ai provider-utils download-blob.ts validateDownloadUrl server-side request forgery

A vulnerability was found in vercel ai up to 3.0.97. The affected element is the function validateDownloadUrl of the file packages/provider-utils/src/download-blob.ts of the component provider-utils.…

ai | Remote | Server-Side Request Forgery
May 17, 2026 May 19, 2026
May 17, 2026
May 19, 2026
7.5 HIGH
CVE-2026-8767 — vercel ai PR Branch Name Interpolation prettier-on-automerge.yml run os command injection

A vulnerability has been found in vercel ai up to 3.0.97. Impacted is the function run of the file .github/workflows/prettier-on-automerge.yml of the component PR Branch Name Interpolation. The manip…

ai | Remote | Injection
May 17, 2026 May 19, 2026
May 17, 2026
May 19, 2026
6.5 MEDIUM
CVE-2026-8766 — Kilo-Org kilocode Environment Variable config.ts load information disclosure

A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executi…

kilo_code kilo_code_cli kilocode | Remote | Information Disclosure
May 17, 2026 May 20, 2026
May 17, 2026
May 20, 2026
6.5 MEDIUM
CVE-2026-8765 — Kilo-Org kilocode File Diff API Endpoint worktree-diff.ts Bun.file path traversal

A vulnerability was detected in Kilo-Org kilocode up to 7.0.47. This vulnerability affects the function Bun.file of the file packages/opencode/src/kilocode/review/worktree-diff.ts of the component Fi…

kilo_code kilocode | Remote | Path Traversal
May 17, 2026 May 19, 2026
May 17, 2026
May 19, 2026
Showing 20 of 7351 Results