Submit #741422: IPTIME A8004T 14.18.2 Authentication Bypass & Arbitrary Password Reset [Accepted]
Submit #741422 / VDB-343639
Aggregator
记一次基于 Host 头的 SSRF+任意文件写入
2 months ago
意想不到的HOST头导致的SSRF
CVE-2026-1739 | Free5GC pcf up to 1.4.1 smpolicy.go HandleCreateSmPolicyRequest null pointer dereference (Issue 803)
2 months ago
A vulnerability was found in Free5GC pcf up to 1.4.1. It has been rated as problematic. This affects the function HandleCreateSmPolicyRequest of the file internal/sbi/processor/smpolicy.go. The manipulation leads to null pointer dereference.
This vulnerability is uniquely identified as CVE-2026-1739. The attack is possible to be carried out remotely. Moreover, an exploit is present.
Applying a patch is the recommended action to fix this issue.
vuldb.com
Submit #741194: free5gc PCF v4.1.0 Denial of Service [Accepted]
2 months ago
Submit #741194 / VDB-343638
ZiyuLin
CVE-2026-1738 | Open5GS up to 2.7.6 SGWC /src/sgwc/context.c sgwc_tunnel_add pdr assertion (Issue 4261)
2 months ago
A vulnerability was found in Open5GS up to 2.7.6. It has been declared as problematic. The impacted element is the function sgwc_tunnel_add of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion.
This vulnerability is handled as CVE-2026-1738. The attack can be executed remotely. Additionally, an exploit exists.
It is advisable to implement a patch to correct this issue.
The issue report is flagged as already-fixed.
vuldb.com
CVE-2026-1737 | Open5GS up to 2.7.6 CreateBearerRequest /src/sgwc/s5c-handler.c sgwc_s5c_handle_create_bearer_request assertion (Issue 4271)
2 months ago
A vulnerability was found in Open5GS up to 2.7.6. It has been classified as problematic. The affected element is the function sgwc_s5c_handle_create_bearer_request of the file /src/sgwc/s5c-handler.c of the component CreateBearerRequest Handler. Performing a manipulation results in reachable assertion.
This vulnerability is known as CVE-2026-1737. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
To fix this issue, it is recommended to deploy a patch.
The issue report is flagged as already-fixed.
vuldb.com
CVE-2026-1736 | Open5GS up to 2.7.6 SGWC /src/sgwc/s11-handler.c assertion (Issue 4270)
2 months ago
A vulnerability was found in Open5GS up to 2.7.6 and classified as problematic. Impacted is the function sgwc_s11_handle_create_indirect_data_forwarding_tunnel_request of the file /src/sgwc/s11-handler.c of the component SGWC. Such manipulation leads to reachable assertion.
This vulnerability is traded as CVE-2026-1736. The attack may be launched remotely. Furthermore, there is an exploit available.
A patch should be applied to remediate this issue.
The issue report is flagged as already-fixed.
vuldb.com
Submit #741193: Open5gs SGWC v2.7.6 Denial of Service [Accepted]
2 months ago
Submit #741193 / VDB-343637
ZiyuLin
Submit #741192: Open5GS SGWC v2.7.6 Denial of Service [Accepted]
2 months ago
Submit #741192 / VDB-343636
LinZiyu
专家解读 | 石经海:以法治思维构建网络犯罪防治体系
2 months ago
为预防、遏制和治理网络犯罪活动,维护国家安全、社会稳定和网络秩序,保护公民和组织的合法权益,公安部牵头历时多年起草《网络犯罪防治法(征求意见稿)》,标志着我国网络犯罪治理从“事后打击”向“全程防控”的系统性转型……
国安部提醒:小心网络社群“圈子”变成泄密温床
2 months ago
群组有界,安全无价;圈层虽小,关乎大局。
公告 | 公安部就《网络犯罪防治法(征求意见稿)》公开征求意见
2 months ago
意见反馈截止时间为2026年3月2日。
Submit #741191: Open5GS SGWC v2.7.6 Denial of Service [Accepted]
2 months ago
Submit #741191 / VDB-343635
LinZiyu
CVE-2026-1735 | Yealink MeetingBar A30 133.321.0.3 Diagnostic command injection
2 months ago
A vulnerability has been found in Yealink MeetingBar A30 133.321.0.3 and classified as critical. This issue affects some unknown processing of the component Diagnostic Handler. This manipulation causes command injection.
This vulnerability appears as CVE-2026-1735. It is feasible to perform the attack on the physical device. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2026-1734 | Zhong Bang CRMEB up to 5.6.3 crontab Endpoint CrontabController.php authorization
2 months ago
A vulnerability, which was classified as problematic, was found in Zhong Bang CRMEB up to 5.6.3. This vulnerability affects unknown code of the file crmeb/app/api/controller/v1/CrontabController.php of the component crontab Endpoint. The manipulation results in missing authorization.
This vulnerability is reported as CVE-2026-1734. The attack can be launched remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2026-1733 | Zhong Bang CRMEB up to 5.6.3 :uni detail/tidyOrder order_id improper authorization
2 months ago
A vulnerability, which was classified as problematic, has been found in Zhong Bang CRMEB up to 5.6.3. This affects the function detail/tidyOrder of the file /api/store_integral/order/detail/:uni. The manipulation of the argument order_id leads to improper authorization.
This vulnerability is documented as CVE-2026-1733. The attack can be initiated remotely. Additionally, an exploit exists.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
求正方形边长趣题
2 months ago
这是小学五年级学生来问我的题
Submit #736622: Yealink MeetingBar A30 133.321.0.3 Command Injection [Accepted]
2 months ago
Submit #736622 / VDB-343634
cccll
CVE-2026-25069 | SunFounder Pironman Dashboard up to 1.3.13 filename path traversal (EUVD-2026-5083)
2 months ago
A vulnerability classified as critical was found in SunFounder Pironman Dashboard up to 1.3.13. Affected by this issue is some unknown functionality. Executing a manipulation of the argument filename can lead to path traversal.
This vulnerability is registered as CVE-2026-25069. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
Submit #736619: Zhongbang CRMEB v5.6.3 Missing Authorization [Accepted]
2 months ago
Submit #736619 / VDB-343633
Ho Cherry