CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST — in English

CISA KEV catalog updated: (v2026.07.07)

CVE-2026-42375
Critical

D-Link DIR-600L Hardware Revision A1 contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot with the default username 'Alphanetworks' and static password 'wrgn35_dlwbr_dir600l'.

CVE-2026-42374
Critical

D-Link DIR-600L Hardware Revision B1 contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot with the username 'Alphanetworks' and the static password 'wrgn61_dlwbr_dir600L'.

CVE-2026-42373
Critical

D-Link DIR-605L Hardware Revision B2 contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot with the username 'Alphanetworks' and the static password 'wrgn76_dlwbr_dir605L'.

CVE-2026-42090
Critical

Notesnook has a stored XSS vulnerability that can lead to remote code execution in the desktop app. The issue arises from exported note fields being inserted into the HTML template without proper escaping.

CVE-2026-42076
Critical

Evolver is an AI self-evolving engine that prior to version 1.69.3 had a command injection vulnerability in the _extractLLM() function. This allows attackers to execute arbitrary shell commands on the server due to improper handling of parameters.

CVE-2026-42027
Critical

In Apache OpenNLP before versions 1.9.5, 2.5.9, and 3.0.0-M3, the ExtensionLoader.instantiateExtension() method loads a class by name from a model's manifest.properties, executing its static initializer before type checking. An attacker can supply a crafted model to trigger arbitrary class initialization, potentially leading to remote code execution.

CVE-2026-40682
Critical

An XML External Entity (XXE) vulnerability was found in Apache OpenNLP's DictionaryEntryPersistor class. The class initializes a SAX parser without enabling FEATURE_SECURE_PROCESSING or disabling DTD processing, allowing an attacker to inject a malicious DOCTYPE declaration in a dictionary file. This can lead to local file disclosure (file://) or server-side request forgery (SSRF) during parsing.

CVE-2026-26956
CriticalEPSS 56%

vm2 version 3.10.4 contains a vulnerability allowing full sandbox escape and arbitrary code execution on the host. An attacker can obtain the host process object and run commands without any host cooperation.

CVE-2026-26332
Critical

A vulnerability in the vm2 library for Node.js allows attackers to escape the sandbox and execute arbitrary code via the SuppressedError mechanism. The issue is fixed in version 3.11.0.

CVE-2026-25293
Critical

Buffer overflow due to incorrect authorization in PLC firmware.

CVE-2026-24781
CriticalEPSS 63%

A vulnerability in the vm2 library for Node.js allows sandbox escape via the inspect function. Attackers can execute arbitrary commands on the host system.

CVE-2026-24120
CriticalEPSS 55%

A vulnerability in the vm2 library for Node.js allows bypassing the fix for CVE-2023-37466. Attackers can write code that escapes the VM2 sandbox and executes arbitrary commands on the host system.

CVE-2026-24118
CriticalEPSS 56%

A vulnerability in the vm2 library for Node.js allows sandbox escape and arbitrary command execution on the host system. The issue is fixed in version 3.11.0.

CVE-2025-13605
Critical

The 3onedata modbus gateway device model GW1101-1D(RS-485)-TB-P (hardware version V2.2.0) allows authenticated users to execute arbitrary shell commands in the context of the root user by providing payload in the 'IP address' field of the diagnosis test tools.

CVE-2025-70067
Critical

A buffer overflow vulnerability was found in the Assimp library up to version 6.0.2 in the FBX Importer. The issue occurs in aiMaterial::AddBinaryProperty, where a property key string from a crafted FBX file is copied into a fixed-size heap buffer using strcpy() without runtime length validation.

CVE-2026-7482
Critical

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file where the declared tensor offset and size exceed the file's actual length, leading to reading memory past the allocated buffer.

CVE-2026-7747
Critical

A security flaw has been discovered in Totolink N300RH version 3.2.4-B20220812 in the loginauth function of the /cgi-bin/cstecgi.cgi file, affecting the Parameter Handler component. Manipulating the Password argument results in a buffer overflow, which can be exploited in remote attacks.

CVE-2025-14320
Critical

W aplikacji wsparcia online firmy Tegsoft Management and Information Services Trade Limited Company występuje podatność na atak typu 'cross-site scripting' (XSS) z powodu niewłaściwego neutralizowania danych wejściowych podczas generowania stron internetowych. Problem ten dotyczy wersji aplikacji od V3 do 31122025.

CVE-2026-29200
Critical

A critical IDOR vulnerability has been discovered in Comet Backup affecting all versions from 20.11.0 to 26.1.1 and 26.2.1. The vulnerability allows a tenant administrator to impersonate any end-user account of other tenants on the same server via a vulnerable API call.

CVE-2026-7719
Critical

A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227 in the loginauth function of the /cgi-bin/cstecgi.cgi file, affecting the POST Request Handler component. Manipulation of the http_host argument results in buffer overflow.

PreviousPage 86 of 547Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS