Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13055
Total
867
Critical
3775
High
4128
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2026-6124 | HIGH | 8.8 | A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation … | Apr 12, 2026 |
| CVE-2026-6123 | HIGH | 8.8 | A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of … | Apr 12, 2026 |
| CVE-2026-6122 | HIGH | 8.8 | A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. … | Apr 12, 2026 |
| CVE-2026-6121 | HIGH | 8.8 | A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. … | Apr 12, 2026 |
| CVE-2026-6120 | HIGH | 8.8 | A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the … | Apr 12, 2026 |
| CVE-2026-6119 | MEDIUM | 6.3 | A vulnerability was identified in AstrBotDevs AstrBot up to 4.22.1. The affected element is the function post_data.get of the component API Endpoint. Such manipulation leads … | Apr 12, 2026 |
| CVE-2026-31413 | UNKNOWN | — | In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR maybe_fork_scalars() is called for both BPF_AND … | Apr 12, 2026 |
| CVE-2026-6118 | MEDIUM | 6.3 | A vulnerability was determined in AstrBotDevs AstrBot up to 4.22.1. Impacted is the function add_mcp_server of the file astrbot/dashboard/routes/tools.py of the component MCP Endpoint. This … | Apr 12, 2026 |
| CVE-2026-6117 | MEDIUM | 6.3 | A vulnerability was found in AstrBotDevs AstrBot up to 4.22.1. This issue affects the function install_plugin_upload of the file astrbot/dashboard/routes/plugin.py of the component install-upload Endpoint. … | Apr 12, 2026 |
| CVE-2026-6116 | CRITICAL | 9.8 | A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The … | Apr 12, 2026 |
| CVE-2026-6115 | CRITICAL | 9.8 | A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a … | Apr 12, 2026 |
| CVE-2026-6114 | CRITICAL | 9.8 | A vulnerability was detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. … | Apr 12, 2026 |
| CVE-2026-6113 | CRITICAL | 9.8 | A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. Affected by this vulnerability is the function setTtyServiceCfg of the file /cgi-bin/cstecgi.cgi of the component … | Apr 12, 2026 |
| CVE-2026-6112 | CRITICAL | 9.8 | A weakness has been identified in Totolink A7100RU 7.4cu.2313_b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation … | Apr 12, 2026 |
| CVE-2026-6111 | MEDIUM | 6.3 | A security flaw has been discovered in FoundationAgents MetaGPT up to 0.8.1. This impacts the function decode_image of the file metagpt/utils/common.py. The manipulation of the … | Apr 12, 2026 |
| CVE-2026-6110 | HIGH | 7.3 | A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The … | Apr 12, 2026 |
| CVE-2026-1116 | HIGH | 8.2 | A Cross-site Scripting (XSS) vulnerability was identified in the `from_dict` method of the `AppLollmsMessage` class in parisneo/lollms prior to version 2.2.0. The vulnerability arises from … | Apr 12, 2026 |
| CVE-2026-6109 | MEDIUM | 4.3 | A vulnerability was determined in FoundationAgents MetaGPT up to 0.8.1. The impacted element is the function evaluateCode of the file metagpt/environment/minecraft/mineflayer/index.js of the component Mineflayer … | Apr 12, 2026 |
| CVE-2026-6108 | MEDIUM | 6.3 | A vulnerability was found in 1Panel-dev MaxKB up to 2.6.1. The affected element is the function execute of the file apps/application/flow/step_node/mcp_node/impl/base_mcp_node.py of the component Model … | Apr 12, 2026 |
| CVE-2026-6107 | LOW | 3.5 | A flaw has been found in 1Panel-dev MaxKB up to 2.6.1. This issue affects some unknown processing of the file apps/common/middleware/chat_headers_middleware.py of the component ChatHeadersMiddleware. … | Apr 12, 2026 |
| CVE-2026-6106 | LOW | 3.5 | A vulnerability was detected in 1Panel-dev MaxKB up to 2.2.1. This vulnerability affects the function StaticHeadersMiddleware of the file apps/common/middleware/static_headers_middleware.py of the component Public Chat … | Apr 11, 2026 |
| CVE-2026-6105 | HIGH | 7.3 | A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall … | Apr 11, 2026 |
| CVE-2026-31845 | CRITICAL | 9.3 | A reflected cross-site scripting (XSS) vulnerability exists in Rukovoditel CRM version 3.6.4 and earlier in the Zadarma telephony API endpoint (/api/tel/zadarma.php). The application directly reflects … | Apr 11, 2026 |
| CVE-2026-32146 | UNKNOWN | — | Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and … | Apr 11, 2026 |
| CVE-2026-23900 | UNKNOWN | — | Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered. | Apr 11, 2026 |