Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
5.5 MEDIUM
CVE-2018-25280 — Infiltrator Network Security Scanner 4.6 Denial of Service

Infiltrator Network Security Scanner 4.6 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized input string. Attackers can paste a 60…

| Denial of Service
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25279 — jiNa OCR Image to Text 1.0 Denial of Service via PNG

jiNa OCR Image to Text 1.0 contains a denial of service vulnerability that allows local attackers to crash the application by processing a malformed PNG file. Attackers can create a specially crafted…

| Denial of Service
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25278 — PicaJet FX 2.6.5 Denial of Service via Registration Fields

PicaJet FX 2.6.5 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-byte …

| Denial of Service
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25277 — PixGPS 1.1.8 Buffer Overflow Denial of Service

PixGPS 1.1.8 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying an oversized string to the folder path input field. Attackers can craft a paylo…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
5.5 MEDIUM
CVE-2018-25276 — RoboImport 1.2.0.72 Denial of Service via Registration Fields

RoboImport 1.2.0.72 contains a denial of service vulnerability that allows local attackers to crash the application by submitting oversized input to registration fields. Attackers can paste a 6000-by…

| Denial of Service
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25275 — Faleemi Plus 1.0.2 Denial of Service via Buffer Overflow

Faleemi Plus 1.0.2 contains a buffer overflow vulnerability that allows local attackers to crash the application by supplying oversized input strings. Attackers can paste a 2000-byte payload into the…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25274 — InfraRecorder 0.53 Denial of Service via txt File Import

InfraRecorder 0.53 contains a denial of service vulnerability that allows local attackers to crash the application by importing a maliciously crafted text file. Attackers can create a text file conta…

| Denial of Service
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25273 — CrossFont 7.5 Denial of Service via License Key Field

CrossFont 7.5 contains a buffer overflow vulnerability that allows local attackers to crash the application by submitting an oversized payload in the License Key field. Attackers can generate a malic…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.2 MEDIUM
CVE-2018-25264 — TransMac 12.2 Denial of Service via License Key Field

TransMac 12.2 contains a buffer overflow vulnerability in the license key input field that allows local attackers to crash the application by submitting an oversized string. Attackers can generate a …

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
8.4 HIGH
CVE-2018-25263 — Faleemi Desktop Software 1.8.2 Local Buffer Overflow SEH

Faleemi Desktop Software 1.8.2 contains a local buffer overflow vulnerability in the Device alias field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attacker…

| Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
6.3 MEDIUM
CVE-2026-7041 — 666ghj MiroFish Werkzeug Debugger PIN console information disclosure

A vulnerability was detected in 666ghj MiroFish up to 0.1.2. The impacted element is an unknown function of the file /console of the component Werkzeug Debugger PIN Handler. Performing a manipulation…

Remote | Information Disclosure
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
8.5 HIGH
CVE-2026-7039 — tufantunc ssh-mcp index.ts shell.write command injection

A security vulnerability has been detected in tufantunc ssh-mcp up to 1.5.0. The affected element is the function shell.write of the file src/index.ts. Such manipulation of the argument Description l…

| Injection
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7043 — GreenCMS index.php pluginAddLocal unrestricted upload

A vulnerability has been found in GreenCMS up to 2.3. This impacts the function pluginAddLocal of the file /index.php?m=admin&c=custom&a=pluginadd. The manipulation leads to unrestricted upload. The …

| Misconfiguration
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
0.0 NA
CVE-2026-7042 — 666ghj MiroFish REST API Endpoint __init__.py create_app missing authentication

A flaw has been found in 666ghj MiroFish up to 0.1.2. This affects the function create_app of the file backend/app/__init__.py of the component REST API Endpoint. Executing a manipulation can lead to…

| Authentication
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
3.3 LOW
CVE-2026-7038 — tufantunc ssh-mcp Command Line index.ts insufficiently protected credentials

A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipulation causes insufficientl…

| Information Disclosure
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
10.0 HIGH
CVE-2026-7037 — Totolink A8000RU CGI cstecgi.cgi setVpnPassCfg os command injection

A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulat…

Remote | Injection
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
7.5 HIGH
CVE-2026-7036 — Tenda i9 HTTP R7WebsSecurityHandlerfunction path traversal

A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. The manipulation leads to path traversal…

Remote | Path Traversal
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7035 — Tenda FH1202 httpd WrlclientSet fromWrlclientSet stack-based overflow

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument G…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7034 — Tenda FH1202 httpd WrlExtraSet stack-based overflow

A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Performing a manipulation of the ar…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
9.0 HIGH
CVE-2026-7033 — Tenda F456 SafeClientFilter fromSafeClientFilter buffer overflow

A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menuf…

Remote | Memory Corruption
Apr 26, 2026 Apr 26, 2026
Apr 26, 2026
Apr 26, 2026
Showing 20 of 5726 Results