Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
3.7 LOW
CVE-2026-9396 — Besen BS20 EV Charging Station Firmware Version Check ui layer

A security flaw has been discovered in Besen BS20 EV Charging Station up to 20260426. Affected by this vulnerability is an unknown functionality of the component Firmware Version Check. The manipulat…

bs20_ev_charging_station | Remote | Misconfiguration
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
3.5 LOW
CVE-2026-9395 — Besen BS20 EV Charging Station BLE/UDP insufficiently protected credentials

A vulnerability was identified in Besen BS20 EV Charging Station up to 20260426. Affected is an unknown function of the component BLE/UDP. The manipulation leads to insufficiently protected credentia…

bs20_ev_charging_station | Authentication
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
3.1 LOW
CVE-2026-9394 — Besen BS20 EV Charging Station Bluetooth Low Energy weak password

A vulnerability was determined in Besen BS20 EV Charging Station up to 20260426. This impacts an unknown function of the component Bluetooth Low Energy Handler. Executing a manipulation can lead to w…

bs20_ev_charging_station | Authentication
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
9.0 HIGH
CVE-2026-9393 — H3C Magic B0 aspForm Edit_BasicSSID_5G buffer overflow

A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer ove…

magic_b0_firmware | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
9.0 HIGH
CVE-2026-9389 — Tenda F456 L7Im frmL7ImForm buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The a…

f456_firmware | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9388 — Totolink A8000RU Web Management cstecgi.cgi setScheduleCfg os command injection

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface.…

a8000ru_firmware | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9387 — Totolink A8000RU Web Management cstecgi.cgi setUpgradeFW os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component Web Management Interfa…

a8000ru_firmware | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9386 — Totolink A8000RU Web Management cstecgi.cgi setLanguageCfg os command injection

A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipu…

a8000ru_firmware | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9385 — Totolink A8000RU Web Management cstecgi.cgi setTracerouteCfg os command injection

A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Th…

a8000ru_firmware | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
10.0 HIGH
CVE-2026-9384 — Totolink A8000RU Web Management cstecgi.cgi setDiagnosisCfg os command injection

A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. …

a8000ru_firmware | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.5 HIGH
CVE-2026-9383 — itsourcecode Electronic Judging System login.php sql injection

A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql…

electronic_judging_system | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
7.8 HIGH
CVE-2026-4372 — Arbitrary Remote Code Execution via `_attn_implementation_internal` Config Injection in h…

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious `config…

transformers | Supply Chain
May 24, 2026 Jun 04, 2026
May 24, 2026
Jun 04, 2026
9.0 HIGH
CVE-2026-9382 — Edimax BR-6675nD POST Request formPPTPSetup buffer overflow

A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation …

br-6675nd | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
9.0 HIGH
CVE-2026-9381 — Edimax BR-6675nD POST Request formPPPoESetup buffer overflow

A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performi…

br-6675nd | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
9.0 HIGH
CVE-2026-9380 — Edimax BR-6675nD POST Request formL2TPSetup buffer overflow

A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation …

br-6675nd | Remote | Memory Corruption
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9379 — Edimax BR-6675nD POST Request formWpsStart command injection

A weakness has been identified in Edimax BR-6675nD 1.12. This impacts the function formWpsStart of the file /goform/formWpsStart of the component POST Request Handler. This manipulation of the argume…

br-6675nd | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9378 — Edimax BR-6675nD POST Request formHwSet command injection

A security flaw has been discovered in Edimax BR-6675nD 1.12. This affects the function formHwSet of the file /goform/formHwSet of the component POST Request Handler. The manipulation of the argument…

br-6675nd | Remote | Injection
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
3.3 LOW
CVE-2026-9377 — SourceCodester SUP Online Shopping productedit.php cross site scripting

A vulnerability was identified in SourceCodester SUP Online Shopping 1.0. The impacted element is an unknown function of the file /admin/productedit.php. The manipulation of the argument productName …

sup_online_shopping | Remote | Cross-Site Scripting
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9376 — JPress UCenter Article Submission Endpoint doWriteSave improper authorization

A vulnerability was determined in JPress up to 1.0.3. The affected element is an unknown function of the file /ucenter/article/doWriteSave of the component UCenter Article Submission Endpoint. Execut…

jpress | Remote | Authorization
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
6.5 MEDIUM
CVE-2026-9374 — yangzongzhuan RuoYi-Vue Common Upload Endpoint upload FileUploadUtils.upload unrestricted…

A vulnerability was found in yangzongzhuan RuoYi-Vue up to 3.9.2. Impacted is the function FileUploadUtils.upload of the file /common/upload of the component Common Upload Endpoint. Performing a mani…

ruoyi-vue | Remote | Misconfiguration
May 24, 2026 May 26, 2026
May 24, 2026
May 26, 2026
Showing 20 of 6834 Results