Aggregator

CVE-2026-34621

CVE Trends
2 months 1 week ago
Currently trending CVE - Hype Score: 1 - Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. ...

Qilin

Dark Feed IO
2 months 1 week ago

You must login to view this content

cohenido

CVE-2026-6564 | EMQ EMQX Enterprise up to 6.1.0 Session Handling improper authorization (EUVD-2026-23692)

VulDB Recent Entries
2 months 1 week ago
A vulnerability labeled as critical has been found in EMQ EMQX Enterprise up to 6.1.0. The impacted element is an unknown function of the component Session Handling. The manipulation results in improper authorization. This vulnerability is known as CVE-2026-6564. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6563 | H3C Magic B1 up to 100R004 /goform/aspForm SetAPWifiorLedInfoById param buffer overflow (EUVD-2026-23690)

VulDB Recent Entries
2 months 1 week ago
A vulnerability identified as critical has been detected in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. This vulnerability is traded as CVE-2026-6563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6562 | dameng100 muucmf 1.9.5.20260309 /index/Search/index.html getListByPage keyword sql injection (EUVD-2026-23688)

VulDB Recent Entries
2 months 1 week ago
A vulnerability categorized as critical has been discovered in dameng100 muucmf 1.9.5.20260309. Impacted is the function getListByPage of the file /index/Search/index.html. Executing a manipulation of the argument keyword can lead to sql injection. This vulnerability appears as CVE-2026-6562. The attack may be performed from remote. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6561 | EyouCMS up to 1.7.1 Index.php edit_adminlogo filename unrestricted upload (EUVD-2026-23686)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in EyouCMS up to 1.7.1. It has been rated as critical. This issue affects the function edit_adminlogo of the file application/admin/controller/Index.php. Performing a manipulation of the argument filename results in unrestricted upload. This vulnerability is reported as CVE-2026-6561. The attack is possible to be carried out remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-6560 | H3C Magic B0 up to 100R002 /goform/aspForm Edit_BasicSSID param buffer overflow (EUVD-2026-23684)

VulDB Recent Entries
2 months 1 week ago
A vulnerability was found in H3C Magic B0 up to 100R002. It has been declared as critical. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. This vulnerability is documented as CVE-2026-6560. The attack can be executed remotely. Additionally, an exploit exists. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

Managed ad