|
1
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Wavlink NU516U1 M16U1_V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp_username/ppp_passwd/rwa…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8190
|
2026-05-10 03:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Wavlink NU516U1 M16U1_V240425. Affected by this vulnerability is the function wzdrepeater of the file /cgi-bin/adm.cgi. The manipulation of the argument wlan_bssid/sel_Au…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8189
|
2026-05-10 02:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in Wavlink NU516U1 M16U1_V240425. Affected is the function change_wifi_password of the file /cgi-bin/adm.cgi. The manipulation of the argument wl_channel/wl_Pass/Encryp…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-8188
|
2026-05-10 01:16 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including…
New
|
CWE-200
Information Exposure
|
CVE-2026-8198
|
2026-05-9 22:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
5
|
- |
|
-
|
-
|
Allocation of Resources Without Limits or Throttling vulnerability in absinthe-graphql absinthe allows unauthenticated denial of service via atom table exhaustion when parsing attacker-controlled Gra…
New
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-42793
|
2026-05-9 22:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
6
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in Open5GS up to 2.7.7. This affects the function ogs_sbi_client_send_via_scp_or_sepp in the library lib/sbi/client.c of the component NF. Performing a manipulation resul…
New
|
CWE-119
CWE-125
Incorrect Access of Indexable Resource ('Range Error')
Out-of-bounds Read
|
CVE-2026-8186
|
2026-05-9 21:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
7
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in Open5GS up to 2.7.7. This impacts the function _gtpv1_u_recv_cb of the file src/upf/gtp-path.c of the component UPF. Executing a manipulation can lead to resource consumption…
New
|
CWE-400
CWE-404
Uncontrolled Resource Consumption
Improper Resource Shutdown or Release
|
CVE-2026-8187
|
2026-05-9 20:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
8
|
6.3 |
MEDIUM
Adjacent
|
-
|
-
|
A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authe…
New
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-8185
|
2026-05-9 20:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
9
|
7.2 |
HIGH
Network
|
-
|
-
|
Some Hikvision switch products (discontinued since December 2023) are vulnerable to authenticated remote command execution due to insufficient input validation. Attackers with valid credentials can e…
New
|
-
|
CVE-2026-3828
|
2026-05-9 18:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
10
|
5.3 |
MEDIUM
Adjacent
|
-
|
-
|
Some EZVIZ products utilize older versions of cloud feature modules with legacy API interfaces, which pose a data transmission risk. Attackers can exploit this by eavesdropping on network requests to…
New
|
-
|
CVE-2026-32683
|
2026-05-9 18:16 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
