Aggregator

Submit #792640 / VDB-252400

Submit #792639 / VDB-252400

Submit #792638 / VDB-250462

Submit #792637 / VDB-250463

A vulnerability classified as critical was found in Totolink A8000R 5.9c.681_B20180413. This issue affects the function setLanguageCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument langType leads to missing authentication. This vulnerability is uniquely identified as CVE-2026-5676. The attack can be launched remotely. Moreover, an exploit is present. Restrictive firewalling should be applied.

Submit #792636 / VDB-250459

Submit #792635 / VDB-250461

Submit #792634 / VDB-250461

Submit #792633 / VDB-250463

Submit #792632 / VDB-250461

Submit #792631 / VDB-250459

Submit #792608 / VDB-355505

Submit #792606 / VDB-355504

A vulnerability classified as problematic has been found in Keycloak on Red Hat. This vulnerability affects unknown code of the component JWT Handler. This manipulation of the argument azp causes origin validation error. This vulnerability is handled as CVE-2026-37977. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as critical has been identified in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowed_tool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. This vulnerability is known as CVE-2026-5675. It is possible to launch the attack remotely. Furthermore, an exploit is available.

Submit #792433 / VDB-355503

Submit #792392 / VDB-355501

Второе дело о финансировании терроризма через звёзды Telegram.

A vulnerability was found in mbed TLS up to 2.19.0/3.6.5/4.0.0. It has been rated as critical. Affected by this issue is some unknown functionality. This manipulation causes memory corruption. The identification of this vulnerability is CVE-2026-34877. It is possible to initiate the attack remotely. There is no exploit available.