{"@context":{"@vocab":"https://schema.org/","dcterms":"http://purl.org/dc/terms/","prov":"http://www.w3.org/ns/prov#"},"@type":"ItemList","@id":"https://api.ai-analytics.org/api/v1/nvd/recent","_source":{"data_provider":"AI Analytics","data_provider_url":"https://api.ai-analytics.org","license":"https://creativecommons.org/publicdomain/zero/1.0/","dcterms:license":"https://creativecommons.org/publicdomain/zero/1.0/","generated_at":"2026-05-16T06:16:50.000Z","primary_source":"https://nvd.nist.gov/"},"filter":{"severity":"CRITICAL","min_score":null,"q":null},"count":50,"items":[
{"cve_id":"CVE-2026-42994","published":"2026-05-01T05:16:01.510","last_modified":"2026-05-04T18:23:38.433","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Bitwarden CLI 2026.4.0 from 2026-04-22T21:57Z to 2026-04-22T23:30Z, when obtained from npm, had embedded malicious code. This is related to a Checkmarx supply chain incident.","cwes_json":"[\"CWE-78\",\"CWE-94\"]","affected_products":"[\"bitwarden:cli\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42994"},
{"cve_id":"CVE-2026-7546","published":"2026-05-01T03:16:01.270","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A security vulnerability has been detected in Totolink NR1800X 9.1.0u.6279_B20210910. The impacted element is the function find_host_ip of the component lighttpd. Such manipulation of the argument Host leads to stack-based buffer overflow. The attack can be executed remotely. The","cwes_json":"[\"CWE-119\",\"CWE-121\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7546"},
{"cve_id":"CVE-2026-7538","published":"2026-05-01T02:16:04.533","last_modified":"2026-05-01T15:26:24.553","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function Vulnerability of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument proto leads to os command injection. The attack may be initiated r","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7538"},
{"cve_id":"CVE-2026-39858","published":"2026-04-30T21:16:32.313","last_modified":"2026-05-01T17:44:36.067","vuln_status":"Analyzed","cvss_base_score":10,"cvss_severity":"CRITICAL","description_excerpt":"Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is a high severity authentication bypass vulnerability in Traefik's ForwardAuth and snippet-based authentication middleware. Traefik's forwarded-header sanitization logic ","cwes_json":"[\"CWE-290\",\"CWE-306\"]","affected_products":"[\"traefik:traefik\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-39858"},
{"cve_id":"CVE-2026-35051","published":"2026-04-30T21:16:32.047","last_modified":"2026-05-01T17:45:41.300","vuln_status":"Analyzed","cvss_base_score":10,"cvss_severity":"CRITICAL","description_excerpt":"Traefik is an HTTP reverse proxy and load balancer. Prior to versions 2.11.43, 3.6.14, and 3.7.0-rc.2, there is an authentication bypass vulnerability in Traefik's ForwardAuth middleware when trustForwardHeader=false is configured and Traefik is deployed behind a trusted upstream","cwes_json":"[\"CWE-345\"]","affected_products":"[\"traefik:traefik\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35051"},
{"cve_id":"CVE-2026-33447","published":"2026-04-30T20:16:23.957","last_modified":"2026-05-05T02:26:55.637","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"CVE-2026-33447 is a buffer overflow in a message parsing function of the\n Secure Access client prior to 14.50. Attackers with control of a \nmodified server can send a special packet that can overwrite a small \nportion of memory conceivably leading to memory corruption or denial o","cwes_json":"[\"CWE-121\"]","affected_products":"[\"absolute:secure_access\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33447"},
{"cve_id":"CVE-2026-33446","published":"2026-04-30T20:16:23.813","last_modified":"2026-05-05T02:19:56.023","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"CVE-2026-33446 is a buffer overflow in the authentication sub-system of \nthe Secure Access client prior to 14.50. Attackers with control of a \nmodified server can send a special packet that can overwrite a small \nportion of memory conceivably leading to memory corruption or a den","cwes_json":"[\"CWE-120\"]","affected_products":"[\"absolute:secure_access\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-33446"},
{"cve_id":"CVE-2026-36767","published":"2026-04-30T17:16:26.267","last_modified":"2026-04-30T18:16:29.947","vuln_status":"Deferred","cvss_base_score":10,"cvss_severity":"CRITICAL","description_excerpt":"A path traversal vulnerability in the /content/images/add endpoint of shopizer v3.2.5 allows attackers write arbitrary files to any writeable path via a crafted POST request.","cwes_json":"[\"CWE-22\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-36767"},
{"cve_id":"CVE-2026-36760","published":"2026-04-30T17:16:26.050","last_modified":"2026-04-30T18:16:28.927","vuln_status":"Deferred","cvss_base_score":9.6,"cvss_severity":"CRITICAL","description_excerpt":"An issue in the fileMd5 parameter in the /a/file/upload endpoint of JeeSite v5.15.1 allows authenticated attackers with file upload permissions to execute a path traversal and write arbitrary files with whitelisted suffixes to arbitrary filesystem locations while chunked upload i","cwes_json":"[\"CWE-22\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-36760"},
{"cve_id":"CVE-2025-71284","published":"2026-04-30T17:16:25.630","last_modified":"2026-05-05T18:09:10.380","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Synway SMG Gateway Management Software contains an OS command injection vulnerability in the RADIUS configuration endpoint at /en/9-2radius.php where the radius_address POST parameter is split and interpolated directly into a sed command without sanitization. An unauthenticated r","cwes_json":"[\"CWE-78\"]","affected_products":"[\"synway:smg_gateway_management_software\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-71284"},
{"cve_id":"CVE-2022-50993","published":"2026-04-30T17:16:24.800","last_modified":"2026-04-30T17:19:57.853","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Weaver (Fanwei) E-office versions prior to 10.0_20221201 contain an unauthenticated arbitrary file upload vulnerability in the OfficeServer.php endpoint that allows remote attackers to upload malicious files by sending multipart POST requests with arbitrary filenames and disguise","cwes_json":"[\"CWE-434\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2022-50993"},
{"cve_id":"CVE-2026-4670","published":"2026-04-30T16:16:44.167","last_modified":"2026-05-04T18:20:39.803","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Authentication bypass by primary weakness vulnerability in Progress Software MOVEit Automation allows Authentication Bypass.\n\nThis issue affects MOVEit Automation: from 2025.0.0 before 2025.0.9, from 2024.0.0 before 2024.1.8, versions prior to 2024.0.0.","cwes_json":"[\"CWE-305\"]","affected_products":"[\"progress:moveit_automation\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-4670"},
{"cve_id":"CVE-2025-14543","published":"2026-04-30T16:16:40.420","last_modified":"2026-05-04T13:02:38.027","vuln_status":"Analyzed","cvss_base_score":9.1,"cvss_severity":"CRITICAL","description_excerpt":"Improper Restriction of XML External Entity Reference vulnerability in Connext Professional (Core Libraries) allows Serialized Data External Linking.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.1, from 6.1.0 before 6.1.*, from 6.0.0 be","cwes_json":"[\"CWE-611\"]","affected_products":"[\"rti:connext_professional\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-14543"},
{"cve_id":"CVE-2026-7381","published":"2026-04-29T23:16:19.897","last_modified":"2026-05-07T02:10:11.107","vuln_status":"Analyzed","cvss_base_score":9.1,"cvss_severity":"CRITICAL","description_excerpt":"Plack::Middleware::XSendfile versions through 1.0053 for Perl can allow client-controlled path rewriting.\n\nPlack::Middleware::XSendfile allows the variation setting (sendfile type) to be set by the client via the X-Sendfile-Type header, if it is not considered in the middleware c","cwes_json":"[\"CWE-200\",\"CWE-441\",\"CWE-913\"]","affected_products":"[\"miyagawa:plack\\\\\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7381"},
{"cve_id":"CVE-2018-25318","published":"2026-04-29T20:16:27.800","last_modified":"2026-05-04T18:40:04.290","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Tenda FH303/A300 firmware V5.07.68_EN contains a session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient cookie validation. Attackers can send GET requests to the /goform/AdvSetDns endpoint with a crafted admin cookie","cwes_json":"[\"CWE-290\"]","affected_products":"[\"tenda:fh303_firmware\",\"tenda:fh303\",\"tenda:a300_firmware\",\"tenda:a300\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25318"},
{"cve_id":"CVE-2018-25317","published":"2026-04-29T20:16:27.663","last_modified":"2026-05-05T02:46:59.470","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Tenda W3002R/A302/W309R wireless routers version V5.07.64_en contain a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the /goform/AdvSetDns endpoi","cwes_json":"[\"CWE-290\"]","affected_products":"[\"tenda:w3002r_firmware\",\"tenda:w3002r\",\"tenda:a302_firmware\",\"tenda:a302\",\"tenda:w309r_firmware\",\"tenda:w309r\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25317"},
{"cve_id":"CVE-2018-25316","published":"2026-04-29T20:16:27.503","last_modified":"2026-05-04T18:42:37.520","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Tenda W308R v2 V5.07.48 contains a cookie session weakness vulnerability that allows unauthenticated attackers to modify DNS settings by exploiting insufficient session validation. Attackers can send GET requests to the goform/AdvSetDns endpoint with a crafted admin language cook","cwes_json":"[\"CWE-290\"]","affected_products":"[\"tenda:w308r_firmware\",\"tenda:w308r\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2018-25316"},
{"cve_id":"CVE-2026-30893","published":"2026-04-29T19:16:23.200","last_modified":"2026-04-30T20:30:05.967","vuln_status":"Analyzed","cvss_base_score":9,"cvss_severity":"CRITICAL","description_excerpt":"Wazuh is a free and open source platform used for threat prevention, detection, and response. From version 4.4.0 to before version 4.14.4, a path traversal vulnerability in Wazuh's cluster synchronization extraction routine allows an authenticated cluster peer to write arbitrary ","cwes_json":"[\"CWE-22\",\"CWE-73\"]","affected_products":"[\"wazuh:wazuh\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-30893"},
{"cve_id":"CVE-2026-26015","published":"2026-04-29T18:16:03.817","last_modified":"2026-05-06T20:16:31.237","vuln_status":"Modified","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"DocsGPT is a GPT-powered chat for documentation. From version 0.15.0 to before version 0.16.0, an attacker accessing both the official DocsGPT website or any local and public deployment, can craft a malicious payload bypassing the \"MCP test\" behavior to achieve arbitrary remote c","cwes_json":"[\"CWE-77\"]","affected_products":"[\"arc53:docsgpt\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-26015"},
{"cve_id":"CVE-2026-5166","published":"2026-04-29T16:16:26.673","last_modified":"2026-05-04T14:16:35.430","vuln_status":"Deferred","cvss_base_score":9.6,"cvss_severity":"CRITICAL","description_excerpt":"Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Software Center allows Path Traversal.\n\nThis issue affects Pardus Software Center: before 0.6.4.","cwes_json":"[\"CWE-22\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-5166"},
{"cve_id":"CVE-2026-41940","published":"2026-04-29T16:16:25.037","last_modified":"2026-05-04T18:09:42.300","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.","cwes_json":"[\"CWE-306\"]","affected_products":"[\"cpanel:cpanel\",\"cpanel:whm\",\"cpanel:wp_squared\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41940"},
{"cve_id":"CVE-2026-38992","published":"2026-04-29T15:16:05.750","last_modified":"2026-04-30T16:16:43.683","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Cockpit v2.13.5 and earlier is vulnerable to arbitrary code execution via the filter parameter within multiple endpoints. This vulnerability allows an attacker to run system commands on the underlying infrastructure via the MongoLite $func operator.","cwes_json":"[\"CWE-94\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-38992"},
{"cve_id":"CVE-2026-36841","published":"2026-04-29T15:16:05.643","last_modified":"2026-04-29T21:22:20.120","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"TOTOLINK N200RE V5 was discovered to contain a command injection vulnerability via the macstr and bandstr parameters in the formMapDelDevice function.","cwes_json":"[\"CWE-77\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-36841"},
{"cve_id":"CVE-2026-42523","published":"2026-04-29T14:16:19.360","last_modified":"2026-05-05T18:06:19.247","vuln_status":"Analyzed","cvss_base_score":9,"cvss_severity":"CRITICAL","description_excerpt":"Jenkins GitHub Plugin 1.46.0 and earlier improperly processes the current job URL as part of JavaScript implementing validation of the feature \"GitHub hook trigger for GITScm polling\", resulting in a stored cross-site scripting (XSS) vulnerability exploitable by non-anonymous att","cwes_json":"[\"CWE-79\"]","affected_products":"[\"jenkins:github\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-42523"},
{"cve_id":"CVE-2026-7333","published":"2026-04-28T23:16:20.843","last_modified":"2026-04-30T18:30:10.083","vuln_status":"Analyzed","cvss_base_score":9.6,"cvss_severity":"CRITICAL","description_excerpt":"Use after free in GPU in Google Chrome prior to 147.0.7727.138 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)","cwes_json":"[\"CWE-416\"]","affected_products":"[\"google:chrome\",\"apple:macos\",\"linux:linux_kernel\",\"microsoft:windows\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7333"},
{"cve_id":"CVE-2026-41446","published":"2026-04-28T22:16:49.623","last_modified":"2026-04-30T15:48:26.580","vuln_status":"Awaiting Analysis","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Snap One WattBox 800 and 820 series firmware versions prior to 2.10.0.0 contain undisclosed diagnostic HTTP endpoints that require only the device MAC address and service tag for authentication, both of which are printed in plaintext on the physical device label. Attackers with a","cwes_json":"[\"CWE-798\",\"CWE-912\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41446"},
{"cve_id":"CVE-2026-41386","published":"2026-04-28T19:37:41.770","last_modified":"2026-05-01T15:52:35.320","vuln_status":"Analyzed","cvss_base_score":9.1,"cvss_severity":"CRITICAL","description_excerpt":"OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges beyond their intended role and s","cwes_json":"[\"CWE-648\"]","affected_products":"[\"openclaw:openclaw\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41386"},
{"cve_id":"CVE-2026-3893","published":"2026-04-28T19:37:39.647","last_modified":"2026-04-28T20:10:23.367","vuln_status":"Awaiting Analysis","cvss_base_score":9.4,"cvss_severity":"CRITICAL","description_excerpt":"The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, \nallowing an attacker with network access to directly access and modify \nits configuration and operational functions without needing credentials.","cwes_json":"[\"CWE-306\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-3893"},
{"cve_id":"CVE-2026-24178","published":"2026-04-28T19:36:45.127","last_modified":"2026-05-04T14:34:01.557","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to privilege escalation, data tampe","cwes_json":"[\"CWE-639\"]","affected_products":"[\"nvidia:nvflare\",\"apple:macos\",\"linux:linux_kernel\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-24178"},
{"cve_id":"CVE-2026-41873","published":"2026-04-28T16:16:13.670","last_modified":"2026-04-29T13:16:51.850","vuln_status":"Modified","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover.\n\nThis issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation","cwes_json":"[\"CWE-444\"]","affected_products":"[\"apache:pony_mail\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-41873"},
{"cve_id":"CVE-2025-60889","published":"2026-04-28T16:16:05.763","last_modified":"2026-04-30T16:16:40.843","vuln_status":"Undergoing Analysis","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Insecure deserialization of untrusted input in StellarGroup HPX 1.11.0 under certain conditions may allow attackers to execute arbitrary code or other unspecified impacts.","cwes_json":"[\"CWE-502\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-60889"},
{"cve_id":"CVE-2026-7321","published":"2026-04-28T15:16:37.550","last_modified":"2026-05-01T17:54:04.827","vuln_status":"Analyzed","cvss_base_score":9.6,"cvss_severity":"CRITICAL","description_excerpt":"Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox 150, Thunderbird 150, Firefox ESR 140.10.1, and Thunderbird 140.10.1.","cwes_json":"[\"CWE-120\"]","affected_products":"[\"mozilla:firefox\",\"mozilla:thunderbird\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7321"},
{"cve_id":"CVE-2026-7248","published":"2026-04-28T09:16:18.280","last_modified":"2026-04-30T13:18:11.797","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public","cwes_json":"[\"CWE-119\",\"CWE-120\"]","affected_products":"[\"dlink:di-8100_firmware\",\"dlink:di-8100\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7248"},
{"cve_id":"CVE-2026-7244","published":"2026-04-28T09:16:17.950","last_modified":"2026-04-28T20:24:20.377","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge results in os command injection. It is possi","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7244"},
{"cve_id":"CVE-2026-7243","published":"2026-04-28T09:16:17.787","last_modified":"2026-04-28T20:24:20.377","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument maxRtrAdvInterval leads to os command injection. It is possible","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7243"},
{"cve_id":"CVE-2026-7242","published":"2026-04-28T09:16:17.627","last_modified":"2026-04-28T20:24:20.377","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7242"},
{"cve_id":"CVE-2026-7241","published":"2026-04-28T09:16:17.457","last_modified":"2026-04-28T20:24:20.377","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wifiOff results in os command injection. The attack is possi","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7241"},
{"cve_id":"CVE-2026-7240","published":"2026-04-28T08:16:02.990","last_modified":"2026-04-28T20:24:20.377","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be ","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7240"},
{"cve_id":"CVE-2026-7204","published":"2026-04-28T01:16:01.780","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. The attack may be initiate","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7204"},
{"cve_id":"CVE-2026-7203","published":"2026-04-28T01:16:01.600","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os command injection. The attack can be l","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7203"},
{"cve_id":"CVE-2026-7202","published":"2026-04-28T01:16:01.423","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7202"},
{"cve_id":"CVE-2026-32644","published":"2026-04-28T01:16:00.600","last_modified":"2026-04-28T20:11:56.713","vuln_status":"Awaiting Analysis","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.","cwes_json":"[\"CWE-321\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-32644"},
{"cve_id":"CVE-2026-40976","published":"2026-04-28T00:16:24.803","last_modified":"2026-04-30T13:54:12.847","vuln_status":"Analyzed","cvss_base_score":9.1,"cvss_severity":"CRITICAL","description_excerpt":"In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of its own and rely on the default we","cwes_json":"[\"CWE-862\"]","affected_products":"[\"vmware:spring_boot\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-40976"},
{"cve_id":"CVE-2026-7156","published":"2026-04-27T21:16:44.000","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7156"},
{"cve_id":"CVE-2026-7155","published":"2026-04-27T21:16:43.833","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os command injection. The attack may ","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7155"},
{"cve_id":"CVE-2026-7154","published":"2026-04-27T21:16:43.660","last_modified":"2026-04-28T20:24:58.820","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument tty_server can lead to os command injection. The attack ca","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7154"},
{"cve_id":"CVE-2024-46636","published":"2026-04-27T21:16:21.320","last_modified":"2026-04-28T20:12:42.653","vuln_status":"Awaiting Analysis","cvss_base_score":9.4,"cvss_severity":"CRITICAL","description_excerpt":"NASA Earth Observing System Data and Information System (EOSDIS) MODAPS v8.1 was discovered to contain a SQL injection vulnerability in the category parameter","cwes_json":"[\"CWE-89\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2024-46636"},
{"cve_id":"CVE-2026-7153","published":"2026-04-27T20:16:29.230","last_modified":"2026-04-27T20:21:52.070","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sys_info results in os command injectio","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7153"},
{"cve_id":"CVE-2026-7152","published":"2026-04-27T20:16:29.063","last_modified":"2026-04-27T20:21:52.070","vuln_status":"Deferred","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet_enabled leads to os command injection. It is possible ","cwes_json":"[\"CWE-77\",\"CWE-78\"]","affected_products":"[]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-7152"},
{"cve_id":"CVE-2026-35903","published":"2026-04-27T19:16:52.817","last_modified":"2026-05-05T13:39:47.200","vuln_status":"Analyzed","cvss_base_score":9.8,"cvss_severity":"CRITICAL","description_excerpt":"MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP reque","cwes_json":"[\"CWE-287\"]","affected_products":"[\"mercurycom:mipc252w_firmware\",\"mercurycom:mipc252w\"]","nvd_url":"https://nvd.nist.gov/vuln/detail/CVE-2026-35903"}
]}