Latest Vulnerabilities
Latest Found
The latest vulnerability announcements
- CVE-2026-1548 - Totolink A7000R cstecgi.cgi CloudACMunualUpdateUserdata command injection
- CVE-2026-24897 - Authenticated Remote Code Execution via Arbitrary File Upload
- CVE-2026-24857 - bulk_extractor has Heap-based Buffer Overflow vulnerability
- CVE-2026-24888 - Maker.js Vulnerable to Unsafe Property Copying in makerjs.extendObject
- CVE-2026-24889 - soroban-sdk has overflow in Bytes::slice, Vec::slice, GenRange::gen_range for u64
- CVE-2026-1544 - D-Link DIR-823X set_mode sub_41E2A0 os command injection
- CVE-2026-1545 - itsourcecode School Management System index.php sql injection
- CVE-2026-1546 - jishenghua jshERP com.jsh.erp.datasource.mappers.DepotItemMapperEx importItemExcel getBillItemByParam sql injection
- CVE-2026-1547 - Totolink A7000R cstecgi.cgi setUnloadUserData command injection
- CVE-2026-24856 - iccDEV has UB runtime error in <icTagTypeSignature>
CISA Advisories
The latest advisories from CISA
- Fortinet Releases Guidance to Address Ongoing Exploitation of Authentication Bypass Vulnerability CVE-2026-24858
- Schneider Electric Zigbee Products
- iba Systems ibaPDA
- Festo Didactic SE MES PC
- CISA Adds One Known Exploited Vulnerability to Catalog
- Johnson Controls Products
- CISA Adds Five Known Exploited Vulnerabilities to Catalog
- CISA Adds One Known Exploited Vulnerability to Catalog
- Product Categories for Technologies That Use Post-Quantum Cryptography Standards
- Hubitat Elevation Hubs
