Total CVEs

143,208

Critical Severity

4,054

High Severity

14,598

Last 7 Days

1,297
Quick preset (or use dates below)
Clear Filters
Showing 41 - 60 of 143,208 CVEs
CVE-2026-51602 HIGH - 7.5

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 (firmware V31.1.9.91) allows an unauthenticated remote attacker to cause a denial of service via a crafted SETUP request. The RTSP service's second-stage URL routing parser fails to validate the length of the URL ...

Published: Jul 09, 2026
Source: NVD

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handshake ...

Published: Jul 09, 2026
Source: NVD
CVE-2026-51600 HIGH - 7.5

Tenda CP3 V3.0 firmware V31.1.9.91 does not validate the Content-Length header field in RTSP requests (including DESCRIBE, SETUP, and PLAY methods). When a request carrying a Content-Length header is received without a corresponding message body, the RTSP parser enters a persistent body-awaiting sta...

Published: Jul 09, 2026
Source: NVD

An insufficient input validation vulnerability in the RTSP service of MERCURY MIPC252W v1.0.5 Build 230306 Rel.79931n allows an unauthenticated remote attacker to render an individual TCP connection temporarily unusable via sending an RTSP request with a Content-Length header but no corresponding me...

Published: Jul 09, 2026
Source: NVD
CVE-2026-51598 MEDIUM - 6.5

An input validation vulnerability in the RTSP service of MERCURY MIPC252W IP Camera v1.0.5 Build 230306 Rel.79931n) allows an unauthenticated, network-adjacent attacker to cause a denial of service via a crafted DESCRIBE request with a malformed URL in the request line.

Published: Jul 09, 2026
Source: NVD

MERCURY MIPC252W IP camera v1.0.5 Build 230306 Rel.79931n does not implement nonce expiration in RTSP Digest authentication. An adjacent network attacker can capture a legitimate authentication exchange and replay the nonce and response values in a new connection to bypass authentication without kno...

Published: Jul 09, 2026
Source: NVD

The incremental HTML parser (html.parser.HTMLParser) allows for CPU denial-of-service through repeated unterminated markup declarations when processing uncontrolled data.

Vendor: Python Software Foundation
Product: CPython
Published: Jul 09, 2026
Source: NVD

A security flaw has been discovered in Open5GS 2.7.7. This affects the function amf_context_final of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and ma...

Product: Open5GS
Published: Jul 09, 2026
Source: NVD
CVE-2026-15193 MEDIUM - 5.3

A vulnerability was determined in AidanPark openclaw-android up to 0.4.0. The affected element is an unknown function of the file android/app/src/main/java/com/openclaw/android/JsBridge.kt of the component Android WebView Bridge. This manipulation causes os command injection. The attack can only be ...

Vendor: AidanPark
Product: openclaw-android
Published: Jul 09, 2026
Source: NVD
CVE-2026-15192 MEDIUM - 6.5

A vulnerability has been found in mettle sendportal up to 3.0.1. This issue affects the function sendgrid/postmark/postal/mailjet of the component APIv1 Webhooks. The manipulation leads to missing authentication. The attack is possible to be carried out remotely. The exploit has been disclosed to th...

Vendor: mettle
Product: sendportal
Published: Jul 09, 2026
Source: NVD
CVE-2026-15191 MEDIUM - 6.3

A flaw has been found in mettle sendportal up to 3.0.1. This vulnerability affects unknown code of the file vendor/mettle/sendportal-core/src/Http/Requests/CampaignStoreRequest.php of the component Campaign Creation Endpoint. Executing a manipulation can lead to authorization bypass. The attack can ...

Vendor: mettle
Product: sendportal
Published: Jul 09, 2026
Source: NVD
CVE-2026-15190 HIGH - 7.3

A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may ...

Vendor: SourceCodester
Product: Simple and Nice Shopping Cart Script
Published: Jul 09, 2026
Source: NVD

PayRange Android app, version 7.0.7 and below, contains an SSL bypass vulnerability that allows invalid certificates to be accepted in application webviews. A remote and unauthenticated attacker can steal information that the user sends.

Vendor: PayRange
Product: PayRange
Published: Jul 09, 2026
Source: NVD

When coupled with the SSL bypass vulnerability, JavaScript can be injected into a WebView in the PayRange version 7.0.7 app. The injection of specific JavaScript function calls allows the attacker to escape the WebView sandbox and perform a number of dangerous actions on the user's device.

Vendor: PayRange
Product: PayRange
Published: Jul 09, 2026
Source: NVD

An improper authorization check in MISP’s attribute creation endpoint allowed an authenticated user with permission to add attributes to submit a sharing_group_id without triggering the corresponding sharing group authorization check, as long as the attribute distribution value was not explicitly se...

Vendor: misp
Product: misp
Published: Jul 09, 2026
Source: NVD

n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacker w...

Vendor: n8n-io
Product: n8n
Published: Jul 09, 2026
Source: NVD

n8n is an open source workflow automation platform. Prior to 2.27.4 and 2.28.1, the AI Agents feature did not enforce the Allowed HTTP Request Domains restriction configured on credentials when an MCP tool was pointed at an arbitrary URL, allowing a member-level user with use-only access to a shared...

Vendor: n8n-io
Product: n8n
Published: Jul 09, 2026
Source: NVD

n8n is an open source workflow automation platform. Prior to 1.123.61, 2.27.4, and, 2.28.1, an authenticated user with the default workflow:create permission could pollute Object.prototype through a crafted workflow saved, updated, or imported via the workflow API, allowing unauthenticated requests ...

Vendor: n8n-io
Product: n8n
Published: Jul 09, 2026
Source: NVD

Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Published: Jul 09, 2026
Source: NVD

[This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] XAPI can configure different users with different roles, using Role Based Access Control. For more details, see: https://docs.xenserver.com/en-us/xencenter/current-rel...

Vendor: Xen
Product: XAPI
Published: Jul 09, 2026
Source: NVD