Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
10.0 HIGH
CVE-2026-5995 — Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a mani…

a7100ru_firmware | Remote | Injection
Apr 10, 2026 Apr 27, 2026
Apr 10, 2026
Apr 27, 2026
10.0 HIGH
CVE-2026-5994 — Totolink A7100RU CGI cstecgi.cgi setTelnetCfg os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. This issue affects the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a …

a7100ru_firmware | Remote | Injection
Apr 10, 2026 Apr 27, 2026
Apr 10, 2026
Apr 27, 2026
10.0 HIGH
CVE-2026-5993 — Totolink A7100RU CGI cstecgi.cgi setWiFiGuestCfg os command injection

A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such ma…

a7100ru_firmware | Remote | Injection
Apr 10, 2026 Apr 27, 2026
Apr 10, 2026
Apr 27, 2026
9.0 HIGH
CVE-2026-5992 — Tenda F451 P2pListFilter fromP2pListFilter stack-based overflow

A vulnerability was determined in Tenda F451 1.0.0.7. This affects the function fromP2pListFilter of the file /goform/P2pListFilter. This manipulation of the argument page causes stack-based buffer o…

f451_firmware f451 | Remote | Memory Corruption
Apr 10, 2026 Apr 30, 2026
Apr 10, 2026
Apr 30, 2026
9.0 HIGH
CVE-2026-5991 — Tenda F451 WrlExtraSet formWrlExtraSet stack-based overflow

A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buf…

f451_firmware f451 | Remote | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
9.0 HIGH
CVE-2026-5990 — Tenda F451 SafeEmailFilter fromSafeEmailFilter stack-based overflow

A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function fromSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page lea…

f451_firmware f451 | Remote | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
9.0 HIGH
CVE-2026-5989 — Tenda F451 RouteStatic fromRouteStatic stack-based overflow

A flaw has been found in Tenda F451 1.0.0.7. Affected is the function fromRouteStatic of the file /goform/RouteStatic. Executing a manipulation of the argument page can lead to stack-based buffer ove…

f451_firmware f451 | Remote | Memory Corruption
Apr 10, 2026 Apr 30, 2026
Apr 10, 2026
Apr 30, 2026
6.5 MEDIUM
CVE-2026-5460 — Heap Use-After-Free in PQC Hybrid KeyShare Error Cleanup in wolfSSL TLS 1.3

A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error handling path of TLSX_KeyShare_ProcessPqcHybridClient() in src/tls.c, the in…

wolfssl | Remote | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
4.3 MEDIUM
CVE-2026-5448 — 1-2 Byte Buffer Overflow in wolfSSL_X509_notAfter/notBefore

X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.509 certificate via the compatibility layer API. Th…

wolfssl | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
9.1 CRITICAL
CVE-2026-5393 — OOB Read in DoTls13CertificateVerify with WOLFSSL_DUAL_ALG_CERTS

Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on crafted input. This can only occur when --enable-ex…

wolfssl | Remote | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
5.4 MEDIUM
CVE-2026-5392 — wolfSSL heap OOB read in PKCS7 SignedData streaming

Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite-length end-of-content verification loop in PKCS7_V…

wolfssl | Memory Corruption
Apr 10, 2026 Apr 29, 2026
Apr 10, 2026
Apr 29, 2026
Showing 20 of 5591 Results