Aggregator

CVE-2026-4566 | Belkin F9K1122 1.00.33 /goform/formWISP5G webpage stack-based overflow

VulDB Recent Entries
3 days 17 hours ago
A vulnerability categorized as critical has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formWISP5G of the file /goform/formWISP5G. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. This vulnerability is tracked as CVE-2026-4566. The attack can be launched remotely. Moreover, an exploit is present. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-4565 | Tenda AC21 16.03.08.16 SetNetControlList formSetQosBand list buffer overflow

VulDB Recent Entries
3 days 17 hours ago
A vulnerability was found in Tenda AC21 16.03.08.16. It has been rated as critical. Impacted is the function formSetQosBand of the file /goform/SetNetControlList. Performing a manipulation of the argument list results in buffer overflow. This vulnerability is identified as CVE-2026-4565. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

CVE-2026-4564 | yangzongzhuan RuoYi up to 4.8.2 Quartz Job /monitor/job/ invokeTarget code injection

VulDB Recent Entries
3 days 17 hours ago
A vulnerability was found in yangzongzhuan RuoYi up to 4.8.2. It has been declared as critical. This issue affects some unknown processing of the file /monitor/job/ of the component Quartz Job Handler. Such manipulation of the argument invokeTarget leads to code injection. This vulnerability is referenced as CVE-2026-4564. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com

CVE-2026-4563 | MacCMS up to 2025.1000.4052 Member Order Detail Interface User.php order_info order_id authorization

VulDB Recent Entries
3 days 17 hours ago
A vulnerability was found in MacCMS up to 2025.1000.4052. It has been classified as problematic. This vulnerability affects the function order_info of the file application/index/controller/User.php of the component Member Order Detail Interface. This manipulation of the argument order_id causes authorization bypass. The identification of this vulnerability is CVE-2026-4563. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-4562 | MacCMS 2025.1000.4052 Timming API Endpoint Timming.php missing authentication

VulDB Recent Entries
3 days 17 hours ago
A vulnerability was found in MacCMS 2025.1000.4052 and classified as critical. This affects an unknown part of the file application/api/controller/Timming.php of the component Timming API Endpoint. The manipulation results in missing authentication. This vulnerability was named CVE-2026-4562. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

Managed ad