A vulnerability was found in Planet ICG-2510 1.0_20250811. It has been declared as critical. The impacted element is the function sub_40C8E4 of the file /usr/sbin/httpd of the component Language Package Configuration Handler. Executing a manipulation of the argument Language can lead to stack-based buffer overflow.
This vulnerability is tracked as CVE-2026-3697. The attack can be launched remotely. Moreover, an exploit is present.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability was found in Totolink N300RH 6..1c.1353_B20190305. It has been classified as critical. The affected element is the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation results in os command injection.
This vulnerability is identified as CVE-2026-3696. The attack can be initiated remotely. Additionally, an exploit exists.
A vulnerability was found in SourceCodester Modern Image Gallery App 1.0 and classified as critical. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal.
This vulnerability is referenced as CVE-2026-3695. It is possible to launch the attack remotely. Furthermore, an exploit is available.
A vulnerability has been found in Shy2593666979 AgentChat up to 2.3.0 and classified as critical. This issue affects the function get_user_info/update_user_info of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument user_id causes improper control of resource identifiers.
The identification of this vulnerability is CVE-2026-3693. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
The vendor was contacted early about this disclosure but did not respond in any way.
A vulnerability, which was classified as problematic, was found in Debian dpkg up to 1.23.5. This vulnerability affects unknown code of the component dpkg-deb. The manipulation results in denial of service.
This vulnerability was named CVE-2026-2219. The attack may be performed from remote. There is no available exploit.
You should upgrade the affected component.
A vulnerability, which was classified as critical, has been found in Philips Hue Bridge. This affects an unknown part of the component Zigbee Stack. The manipulation leads to heap-based buffer overflow.
This vulnerability is uniquely identified as CVE-2026-3555. The attack can only be initiated within the local network. No exploit exists.
It is advisable to upgrade the affected component.
A vulnerability classified as critical was found in Tencent WeKnora 0.1.0/0.2.5. Affected by this issue is some unknown functionality of the component MCP Stdio Configuration Handler. Executing a manipulation can lead to command injection.
This vulnerability is handled as CVE-2026-30861. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is advised.
A vulnerability classified as critical has been found in caddyserver caddy 2.11.1. Affected by this vulnerability is the function copy_headers of the component forward_auth. Performing a manipulation results in injection.
This vulnerability is known as CVE-2026-30851. Remote exploitation of the attack is possible. No exploit is available.
It is recommended to upgrade the affected component.
A vulnerability described as problematic has been identified in Philips Hue Bridge. Affected is the function hk_hap of the component Ed25519 Signature Handler. Such manipulation leads to improper verification of cryptographic signature.
This vulnerability is traded as CVE-2026-3562. Access to the local network is required for this attack to succeed. There is no exploit available.
Upgrading the affected component is recommended.