Aggregator

Qilin

Dark Feed IO
2 days 19 hours ago

You must login to view this content

cohenido

CVE-2026-6564 | EMQ EMQX Enterprise up to 6.1.0 Session Handling improper authorization (EUVD-2026-23692)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability labeled as critical has been found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. This vulnerability is known as CVE-2026-6564. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6563 | H3C Magic B1 up to 100R004 /goform/aspForm SetAPWifiorLedInfoById param buffer overflow (EUVD-2026-23690)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability identified as critical has been detected in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. This vulnerability is traded as CVE-2026-6563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6562 | dameng100 muucmf 1.9.5.20260309 /index/Search/index.html getListByPage keyword sql injection (EUVD-2026-23688)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability categorized as critical has been discovered in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. This vulnerability appears as CVE-2026-6562. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6561 | EyouCMS up to 1.7.1 Index.php edit_adminlogo filename unrestricted upload (EUVD-2026-23686)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability was found in EyouCMS up to 1.7.1. It has been rated as critical. This issue affects the function edit_adminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. This vulnerability is reported as CVE-2026-6561. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6560 | H3C Magic B0 up to 100R002 /goform/aspForm Edit_BasicSSID param buffer overflow (EUVD-2026-23684)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability was found in H3C Magic B0 up to 100R002. It has been declared as critical. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. This vulnerability is documented as CVE-2026-6560. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6559 | Wavlink WL-WN579A3 220323 /cgi-bin/login.cgi sub_401F80 Hostname cross site scripting (EUVD-2026-23682)

VulDB Recent Entries
2 days 21 hours ago
A vulnerability was found in Wavlink WL-WN579A3 220323. It has been classified as problematic. This affects the function sub_401F80 of the file /cgi-bin/login.cgi. This manipulation of the argument Hostname causes cross site scripting. This vulnerability is registered as CVE-2026-6559. Remote exploitation of the attack is possible. No exploit is available. Upgrading the affected component is recommended. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.
vuldb.com

Managed ad