CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
W jądrze systemu Linux zidentyfikowano podatność związana z odczytem poza granicami (OOB) w dentry_hashtable, gdy użytkownik ustawia 'dhash_entries=1'. Problem ten prowadzi do błędu strony w trybie jądra, co może skutkować nieprzewidzianym dostępem do pamięci.
A vulnerability in the Linux kernel related to the ext4 filesystem has been resolved, concerning the handling of wraparound when searching for blocks for indirect mapped files. A code change restricts block allocation to numbers fitting within 32-bit block numbers.
A vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24 affecting the function get_csrf_whites in the file /cgi/advanced/misc_main.cgi. Manipulation of this function leads to stack-based buffer overflow.
An unauthenticated OS command injection vulnerability exists in the GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1). The attack is possible via the /action/SetRemoteAccessCfg endpoint.
An issue was discovered in Gambio version 4.9.2.0 that allows the password reset function to be bypassed, enabling arbitrary passwords to be set for arbitrary accounts if the account ID is known.
OpenClaw versions 2026.4.7 before 2026.4.14 contain a privilege escalation vulnerability where heartbeat owner downgrade logic skips webhook wake events carrying untrusted content. Attackers can exploit this by sending untrusted webhook wake events to preserve owner-like execution context when the run should have been downgraded.
OpenClaw before version 2026.4.10 contains an input validation vulnerability that allows external hook metadata to be enqueued as trusted system events. Attackers can supply malicious hook names to escalate untrusted input into higher-trust agent context.
Eclipse Equinox OSGi version 3.7.2 and earlier contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands by sending payloads to the console interface. Attackers can connect to the OSGi console port and send base64-encoded bash commands wrapped in fork directives to achieve code execution and establish reverse shell connections.
Eclipse Equinox OSGi versions 3.8 through 3.18 contain a remote code execution vulnerability in the console interface that allows unauthenticated attackers to execute arbitrary code by exploiting the fork command functionality. Attackers can establish a telnet connection to the OSGi console, perform a telnet handshake, and send fork commands to download and execute malicious Java code, establishing a reverse shell connection.
CVE-2026-40797 describes an improper neutralization of special elements used in an SQL command, leading to the possibility of a Blind SQL Injection attack in the WebinarIgnition application.
A security flaw has been discovered in Totolink A8000RU version 7.1cu.643_b20200521. The function setAppFilterCfg in the file /cgi-bin/cstecgi.cgi is vulnerable to OS command injection through manipulation of the argument enable.
The Geeky Bot plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 1.2.2. This is due to a nopriv AJAX route allowing attacker-controlled model/function dispatch and reaching a plugin installer helper that downloads and unzips attacker-supplied ZIP files.
The Mentoring plugin for WordPress is vulnerable to privilege escalation in all versions up to and including 1.2.8. This is due to the plugin not properly restricting the roles that users can register with in the mentoring_process_registration() function.
The MoreConvert Pro plugin for WordPress is vulnerable to Authentication Bypass in all versions up to and including 1.9.14. The issue arises from the guest waitlist verification flow not invalidating or regenerating verification tokens when the customer email address is changed.
Nginx UI, a web user interface for the Nginx web server, prior to version 2.3.8, exposed a backup restore endpoint (POST /api/restore) that was completely unauthenticated during the first 10 minutes after process startup on any fresh installation. An unauthenticated remote attacker could upload a crafted backup archive that overwrote the application's configuration file and SQLite database.
The WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the firewall.cgi binary due to insufficient input validation. Attackers can inject arbitrary shell commands through vulnerable parameters, leading to persistent payloads stored in NVRAM.
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the reboot_time function of the adm.cgi binary. This allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the reboot_time POST parameter.
The WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the makeRequest.cgi binary. This allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the set_time or StartSniffer functions.
The WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the internet.cgi binary, allowing unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the gateway POST parameter.
WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerability in the wireless.cgi binary that allows unauthenticated remote attackers to execute arbitrary shell commands by injecting malicious input into the sz11gChannel or PIN POST parameters. Attackers can exploit unsanitized parameter handling in the set_wifi_basic and set_wifi_do_wps functions to achieve remote code execution without authentication.

