CVE ID :CVE-2026-5156 Published : March 31, 2026, 12:16 a.m. | 20 minutes ago Description :A vulnerability was determined in Tenda CH22 1.0.0.1. This impacts the function formQuickIndex of the file /goform/QuickIndex of…
CVE-2026-5155 – Tenda CH22 Parameter AdvSetWan fromAdvSetWan stack-based overflow
CVE ID :CVE-2026-5155 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :A vulnerability was found in Tenda CH22 1.0.0.1. This affects the function fromAdvSetWan of the file /goform/AdvSetWan…
CVE-2026-5154 – Tenda CH22 Parameter setcfm fromSetCfm stack-based overflow
CVE ID :CVE-2026-5154 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :A vulnerability has been found in Tenda CH22 1.0.0.1/1.If. The impacted element is the function fromSetCfm of…
CVE-2026-5130 – Debugger & Troubleshooter <= 1.3.2 – Unauthenticated Privilege Escalation to Administrator via Cookie Manipulation
CVE ID :CVE-2026-5130 Published : March 30, 2026, 11:17 p.m. | 1 hour, 19 minutes ago Description :The Debugger & Troubleshooter plugin for WordPress was vulnerable to Unauthenticated Privilege Escalation in versions up to…
CVE-2026-4257 – Contact Form by Supsystic <= 1.7.36 – Unauthenticated Server-Side Template Injection via Prefill Functionality
CVE ID :CVE-2026-4257 Published : March 30, 2026, 10:16 p.m. | 2 hours, 20 minutes ago Description :The Contact Form by Supsystic plugin for WordPress is vulnerable to Server-Side Template Injection (SSTI) leading to…
CVE-2026-2370 – Improper Handling of Parameters in GitLab
CVE ID :CVE-2026-2370 Published : March 30, 2026, 12:16 a.m. | 20 minutes ago Description :GitLab has remediated an issue in GitLab CE/EE affecting all versions from 14.3 before 18.8.7, 18.9 before 18.9.3,…
CVE-2026-4946 – NSA Ghidra Auto-Analysis Annotation Command Execution
CVE ID :CVE-2026-4946 Published : March 29, 2026, 8:16 p.m. | 4 hours, 19 minutes ago Description :Ghidra versions prior to 12.0.3 improperly process annotation directives embedded in automatically extracted binary data, resulting in…
CVE-2026-0562 – Insecure Direct Object Reference (IDOR) in parisneo/lollms
CVE ID :CVE-2026-0562 Published : March 29, 2026, 6:16 p.m. | 6 hours, 19 minutes ago Description :A critical security vulnerability in parisneo/lollms versions up to 2.2.0 allows any authenticated user to accept or…
CVE-2026-34005 – Xiongmai DVR/NVR Command Injection Vulnerability
CVE ID :CVE-2026-34005 Published : March 29, 2026, 5:16 p.m. | 7 hours, 19 minutes ago Description :In Sofia on Xiongmai DVR/NVR (AHB7008T-MH-V2 and NBD7024H-P) 4.03.R11 devices, root OS command injection can occur via…
CVE-2026-5046 – Tenda FH1201 Parameter WrlExtraSet formWrlExtraSet stack-based overflow
CVE ID :CVE-2026-5046 Published : March 29, 2026, 3:16 p.m. | 9 hours, 19 minutes ago Description :A flaw has been found in Tenda FH1201 1.2.0.14(408). Affected is the function formWrlExtraSet of the file…