Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
0.0 NA
CVE-2026-10191 — Tenda W12 httpd cgiWifiMacFilterSet stack-based overflow

A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes s…

| Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10190 — Tenda W12 Web Management httpd cgiSysWebTimeoutSet denial of service

A vulnerability was found in Tenda W12 3.0.0.7(4763). This issue affects the function cgiSysWebTimeoutSet of the file /bin/httpd of the component Web Management Interface. The manipulation of the arg…

| Denial of Service
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10188 — Tenda W12 httpd cgistaKickOff stack-based overflow

A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overfl…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
10.0 HIGH
CVE-2026-10187 — Totolink N300RH Web Management wireless.so setWiFiBasicConfig stack-based overflow

A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Perfo…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
0.0 NA
CVE-2026-10189 — Tenda W12 httpd cgiSysTimeInfoSet stack-based overflow

A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based …

| Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10186 — code-projects Online Hospital Management System patient.php sql injection

A security vulnerability has been detected in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulati…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10185 — SourceCodester Hospitals Patient Records Management System Users.php save sql injection

A weakness has been identified in SourceCodester Hospitals Patient Records Management System 1.0. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argum…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10184 — SourceCodester Hospitals Patient Records Management System Users.php delete sql injection

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of th…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10183 — TRENDnet TEW-432BRP formWlanSetup stack-based overflow

A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-base…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10182 — TRENDnet TEW-432BRP formWlanSetup command injection

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee …

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
8.6 HIGH
CVE-2026-49490 — OpenCATS - SQL Injection in DataGrid Filter Handling for Tags Column

OpenCATS from version 0.9.1a contains an SQL injection vulnerability in DataGrid filter handling that allows authenticated attackers to inject SQL through crafted filters targeting the non-filterable…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
8.5 HIGH
CVE-2026-49489 — OpenCATS - SQL Injection in DataGrid sortDirection Parameter

OpenCATS through 0.9.7.4 contains a sql injection vulnerability in the sortDirection parameter of the DataGrid component that allows authenticated users to extract database contents. Attackers can in…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10181 — TRENDnet TEW-432BRP formSysCmd stack-based overflow

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results …

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10180 — TRENDnet TEW-432BRP formSysCmd command injection

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection.…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
9.0 HIGH
CVE-2026-10179 — TRENDnet TEW-432BRP formSetWlanEncrypt stack-based overflow

A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack…

Remote | Memory Corruption
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
7.5 HIGH
CVE-2026-10178 — code-projects Online Music Site AdminEditAlbum.php sql injection

A vulnerability was detected in code-projects Online Music Site 1.0. This vulnerability affects unknown code of the file /Administrator/PHP/AdminEditAlbum.php. The manipulation of the argument ID res…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10177 — Aider-AI Aider AWS EC2 Metadata Endpoint api_docs.py requests.get server-side request for…

A security vulnerability has been detected in Aider-AI Aider 0.86.3. This affects the function requests.get of the file api_docs.py of the component AWS EC2 Metadata Endpoint. The manipulation leads …

Remote | Server-Side Request Forgery
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10176 — Aider-AI Aider Code Generation Workflow sql injection

A weakness has been identified in Aider-AI Aider 0.86.3. Affected by this issue is some unknown functionality of the component Code Generation Workflow. Executing a manipulation can lead to sql injec…

Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10175 — Aider-AI Aider Architect Mode auth.py editor_coder.run code injection

A security flaw has been discovered in Aider-AI Aider 0.86.3. Affected by this vulnerability is the function editor_coder.run of the file auth.py of the component Architect Mode. Performing a manipul…

aider | Remote | Injection
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
6.5 MEDIUM
CVE-2026-10174 — Aider-AI Aider Pre-commit Hook args.py protection mechanism

A vulnerability was identified in Aider-AI Aider 0.86.3. Affected is an unknown function of the file aider/args.py of the component Pre-commit Hook Handler. Such manipulation of the argument git-comm…

aider | Remote | Misconfiguration
May 31, 2026 May 31, 2026
May 31, 2026
May 31, 2026
Showing 20 of 6743 Results