|
1801
|
6.3 |
MEDIUM
Adjacent
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.22 contains a service discovery vulnerability where TXT metadata from Bonjour and DNS-SD could influence CLI routing even when actual service resolution failed. Attackers can e…
|
CWE-345
Insufficient Verification of Data Authenticity
|
CVE-2026-35659
|
2026-04-14 04:21 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1802
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go cau…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-6200
|
2026-04-14 04:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1803
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. …
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-6199
|
2026-04-14 04:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1804
|
8.8 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-b…
|
CWE-119
CWE-121
Incorrect Access of Indexable Resource ('Range Error')
Stack-based Buffer Overflow
|
CVE-2026-6198
|
2026-04-14 04:16 |
2026-04-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1805
|
7.2 |
HIGH
Network
|
-
|
-
|
Improper handling of Unicode encoding in SonicWall SMA1000 series appliances allows a remote authenticated SSLVPN user to bypass Workplace/Connect Tunnel TOTP authentication.
|
CWE-176
Improper Handling of Unicode Encoding
|
CVE-2026-4116
|
2026-04-14 04:16 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1806
|
7.2 |
HIGH
Network
|
-
|
-
|
An observable response discrepancy vulnerability in the SonicWall SMA1000 series appliances allows a remote attacker to enumerate SSL VPN user credentials.
|
CWE-204
Response Discrepancy Information Exposure
|
CVE-2026-4113
|
2026-04-14 04:16 |
2026-04-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1807
|
5.9 |
MEDIUM
Network
|
-
|
-
|
Axios is a promise based HTTP client for the browser and Node.js. Starting in version 1.13.0 and prior to 1.13.2, Axios HTTP/2 session cleanup logic contains a state corruption bug that allows a mali…
|
CWE-400
CWE-662
Uncontrolled Resource Consumption
Improper Synchronization
|
CVE-2026-39865
|
2026-04-14 04:16 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1808
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in AnyTrack AnyTrack Affiliate Link Manager anytrack-affiliate-link-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affe…
|
CWE-862
Missing Authorization
|
CVE-2026-39715
|
2026-04-14 04:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1809
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Missing Authorization vulnerability in mailercloud Mailercloud – Integrate webforms and synchronize website contacts mailercloud-integrate-webforms-synchronize-contacts allows Exploiting Incorr…
|
CWE-862
Missing Authorization
|
CVE-2026-39713
|
2026-04-14 04:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1810
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Retrieve Embedded Sensitive Data.This issue affects RT-Theme 18 | Extensions:…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39711
|
2026-04-14 04:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
