Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
6.5 MEDIUM
CVE-2026-6118 — AstrBotDevs AstrBot MCP Endpoint tools.py add_mcp_server command injection

A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This manipulat…

astrbot | Remote | Injection
Apr 12, 2026 Apr 29, 2026
Apr 12, 2026
Apr 29, 2026
6.5 MEDIUM
CVE-2026-6117 — AstrBotDevs AstrBot install-upload Endpoint plugin.py install_plugin_upload sandbox

A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload End…

astrbot | Remote | Misconfiguration
Apr 12, 2026 Apr 29, 2026
Apr 12, 2026
Apr 29, 2026
10.0 HIGH
CVE-2026-6116 — Totolink A7100RU CGI cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The man…

a7100ru_firmware | Remote | Injection
Apr 12, 2026 Apr 27, 2026
Apr 12, 2026
Apr 27, 2026
10.0 HIGH
CVE-2026-6115 — Totolink A7100RU CGI cstecgi.cgi setAppCfg os command injection

A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argu…

a7100ru_firmware | Remote | Injection
Apr 12, 2026 Apr 27, 2026
Apr 12, 2026
Apr 27, 2026
Showing 20 of 5804 Results