Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
0.0 NA
CVE-2026-7038 — tufantunc ssh-mcp Command Line index.ts insufficiently protected credentials

A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipulation causes insufficientl…

| Information Disclosure
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7037 — Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulat…

| Injection
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7036 — Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal

A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal…

| Path Traversal
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7033 — Tenda F456 SafeClientFilter fromSafeClientFilter buffer overflow

A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menuf…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7032 — Tenda F456 SafeEmailFilter buffer overflow

A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument page causes buffer overflow. The attack ca…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7035 — Tenda FH1202 httpd WrlclientSet fromWrlclientSet stack-based overflow

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument G…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7034 — Tenda FH1202 httpd WrlExtraSet stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the ar…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7031 — Tenda F456 SafeMacFilter fromSafeMacFilter buffer overflow

A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argument page results in buffer overflow. It…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7030 — Tenda F456 RouteStatic fromRouteStatic buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page leads to buffer over…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7029 — Tenda F456 addressNat fromaddressNat buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulation of the argument menufacturer/Go can …

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
5.8 MEDIUM
CVE-2026-7028 — CodeAstro Online Job Portal All Jobs delete-jobs.php sql injection

A security flaw has been discovered in CodeAstro Online Job Portal 1.0. The affected element is an unknown function of the file /admin/jobs-admins/delete-jobs.php of the component All Jobs Page. Perf…

Remote | Injection
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
4.8 MEDIUM
CVE-2026-7027 — D-Link DSL-2740R Wireless Setup Section cross site scripting

A vulnerability was identified in D-Link DSL-2740R EU_01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to …

Remote | Cross-Site Scripting
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.1 MEDIUM
CVE-2026-7026 — D-Link DGS-3420 System Information Settings cross site scripting

A vulnerability was determined in D-Link DGS-3420 1.50.018. This issue affects some unknown processing of the component System Information Settings Page. This manipulation of the argument System Name…

Remote | Cross-Site Scripting
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
7.5 HIGH
CVE-2026-7025 — Typecho Ping Back Service Endpoint Service.php sendPingHandle server-side request forgery

A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The m…

Remote | Server-Side Request Forgery
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
5.5 MEDIUM
CVE-2026-7024 — rawchen sims deleteFileServlet Endpoint DeleteFileServlet.java path traversal

A flaw has been found in rawchen sims up to 004f783b1db5ecdfad81c8fdc3b34171211112de. Affected by this issue is some unknown functionality of the file sims-master/src/web/servlet/file/DeleteFileServl…

Remote | Path Traversal
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.5 MEDIUM
CVE-2026-7023 — ByteDance coze-studio databaseTool database_impl.go ExecuteSQL sql injection

A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/database/service/database_impl.go of the…

Remote | Injection
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
7.5 HIGH
CVE-2026-7022 — SmythOS sre HTTP Header AgentRuntime.class.ts AgentRuntime improper authentication

A security vulnerability has been detected in SmythOS sre up to 0.0.15. Affected is the function AgentRuntime of the file packages/core/src/subsystems/AgentManager/AgentRuntime.class.ts of the compon…

Remote | Authentication
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
5.1 MEDIUM
CVE-2026-7021 — SmythOS sre Connector Service utils.ts information disclosure

A weakness has been identified in SmythOS sre up to 0.0.15. This impacts an unknown function of the file packages/sdk/src/LLM/utils.ts of the component Connector Service. This manipulation of the arg…

Remote | Information Disclosure
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.3 MEDIUM
CVE-2026-7020 — Ollama Tensor Model Transfer transfer.go digestToPath path traversal

A security flaw has been discovered in Ollama up to 0.20.2. This affects the function digestToPath of the file x/imagegen/transfer/transfer.go of the component Tensor Model Transfer Handler. The mani…

Remote | Path Traversal
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7019 — Tenda F456 P2pListFilter fromP2pListFilter buffer overflow

A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument menufacturer/Go leads …

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
Showing 20 of 5750 Results