Aggregator

A vulnerability was found in Open5GS up to 2.7.7. It has been declared as problematic. This issue affects the function OpenAPI_list_create of the component SMF. Such manipulation leads to denial of service. This vulnerability is traded as CVE-2026-8268. The attack may be launched remotely. Furthermore, there is an exploit available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was found in Open5GS up to 2.7.7. It has been classified as problematic. This vulnerability affects the function smf_nsmf_handle_created_data_in_vsmf of the component SMF. This manipulation causes denial of service. This vulnerability appears as CVE-2026-8267. The attack may be initiated remotely. In addition, an exploit is available. The project was informed of the problem early through an issue report but has not responded yet.

A vulnerability was found in Open5GS up to 2.7.7 and classified as problematic. This affects the function gsm_build_pdu_session_establishment_accept of the file /src/smf/gsm-build.c of the component SMF. The manipulation results in denial of service. This vulnerability is reported as CVE-2026-8266. The attack can be launched remotely. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

本文核心为，以色列军方利用人工智能驱动的目标定位系统，发动了针对黎巴嫩真X党的袭击，该系统融合了来自各种来源的

Submit #808488 / VDB-362567

Submit #808486 / VDB-362566

Submit #808485 / VDB-362565

Submit #808484 / VDB-362564

Submit #808483 / VDB-362563

A vulnerability has been found in Tenda AC6 15.03.06.23 and classified as critical. Affected by this issue is the function get_log_file of the file /goform/getLogFile of the component httpd. The manipulation of the argument wans.flag leads to os command injection. This vulnerability is documented as CVE-2026-8265. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability, which was classified as critical, was found in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. This vulnerability is registered as CVE-2026-8264. It is possible to launch the attack remotely. Furthermore, an exploit is available.

A vulnerability, which was classified as critical, has been found in Tenda AC6 15.03.06.49_multi_TDE01. Affected is the function fromSetWirelessRepeat of the file /goform/WifiExtraSet of the component httpd. Performing a manipulation of the argument mac/ssid results in os command injection. This vulnerability is cataloged as CVE-2026-8263. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

Submit #810076 / VDB-362562

Submit #810075 / VDB-362561

Submit #810074 / VDB-362560

A vulnerability classified as problematic was found in Devs Palace ERP Online up to 4.0.0. This impacts an unknown function of the file /accounts/chart-save. Such manipulation leads to cross site scripting. This vulnerability is listed as CVE-2026-8262. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability classified as critical has been found in Squirrel up to 3.2. This affects the function SQFunctionProto::Load of the file squirrel/sqobject.cpp. This manipulation causes heap-based buffer overflow. This vulnerability is tracked as CVE-2026-8261. The attack is restricted to local execution. Moreover, an exploit is present. The project was informed of the problem early through an issue report but has not responded yet.

Submit #809930 / VDB-362559

Submit #809904 / VDB-362558

A vulnerability described as critical has been identified in D-Link DCS-935L up to 1.10.01. The impacted element is the function SetDeviceSettings of the file /web/cgi-bin/hnap/hnap_service of the component HNAP Service. The manipulation of the argument AdminPassword results in buffer overflow. This vulnerability is identified as CVE-2026-8260. The attack can be executed remotely. Additionally, an exploit exists.