Export limit exceeded: 359527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 359527 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (359527 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-11410 | 2026-06-18 | N/A | ||
| An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges. | ||||
| CVE-2026-11409 | 2026-06-18 | N/A | ||
| An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of user input. An attacker with administrative access may exploit this issue to execute arbitrary system commands with elevated privileges. | ||||
| CVE-2026-53866 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 8.1 High |
| OpenClaw before 2026.5.12 contains an allowlist bypass vulnerability in shell inline-command parsing that allows authenticated operators to execute unapproved commands. A command request using shell inline-command forms could route through a parser case missing the expected allowlist decision, enabling shell content execution without intended approval prompts. | ||||
| CVE-2026-0063 | 1 Google | 1 Android | 2026-06-18 | N/A |
| In setAllowedCarriers of PhoneInterfaceManager.java, there is a possible way to disable carrier restrictions due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-53861 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 6.6 Medium |
| OpenClaw before 2026.5.6 contains an allowlist bypass vulnerability in the macOS Swift exec feature that misses combined POSIX inline-command flags. Attackers can execute shell content outside the intended allowlist check by using combined flag forms, potentially allowing unauthorized command execution depending on operator configuration. | ||||
| CVE-2026-0081 | 1 Google | 1 Android | 2026-06-18 | N/A |
| In NFC, there is a possible way to spoof an NFC event due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | ||||
| CVE-2026-53855 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 8.1 High |
| OpenClaw before 2026.4.2 contains an inline-eval bypass vulnerability allowing authenticated operators to weaken strict allowlist checks via shell positional parameters. Attackers can combine allowlisted tools with shell positional arguments to place inline-eval content in shell carriers outside intended allowlist rules, enabling execution of unapproved shell-provided content. | ||||
| CVE-2026-53849 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 8.1 High |
| OpenClaw before 2026.5.7 contains a privilege escalation vulnerability where the allowFrom feature improperly validates Discord account identity using mutable display names instead of immutable user IDs. Attackers with Discord accounts can change their display name to match a policy entry and gain unauthorized agent access intended for another Discord identity. | ||||
| CVE-2026-53843 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 8.8 High |
| OpenClaw before 2026.5.26 contains an authorization bypass vulnerability where a surviving pairing-scoped device session can re-establish node token authority after revocation. Attackers with a paired device can regain WebSocket node-level access without renewed approval, weakening revocation controls and maintaining unauthorized access longer than intended. | ||||
| CVE-2026-9261 | 2026-06-18 | 6.8 Medium | ||
| Use of weak SSH cryptographic algorithms in Canon EOS Network Setting Tool Version 1.5.0 or earlier | ||||
| CVE-2026-7273 | 1 Zyxel | 10 Gs1900-10hp Firmware, Gs1900-16 Firmware, Gs1900-24 Firmware and 7 more | 2026-06-18 | 8.8 High |
| A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-based, unauthenticated attacker to exploit the flaw and potentially execute OS commands via a crafted HTTP request. | ||||
| CVE-2026-53842 | 1 Openclaw | 1 Openclaw | 2026-06-18 | 7.1 High |
| OpenClaw before 2026.5.2 contains an environment variable injection vulnerability allowing workspace .env files to influence Python runtime selection through CLOUDSDK_PYTHON during Gmail setup gcloud execution. Attackers with repository access can manipulate the CLOUDSDK_PYTHON variable to execute setup through unintended local Python paths, potentially enabling arbitrary code execution. | ||||
| CVE-2026-6893 | 1 Redhat | 6 Dracut, Enterprise Linux, Hardened Images and 3 more | 2026-06-18 | 7.5 High |
| A flaw was found in dracut. A remote attacker on the adjacent network can exploit this vulnerability by providing specially crafted DHCP (Dynamic Host Configuration Protocol) options, such as a malicious hostname, to a system using dracut's legacy DHCP path. These options are improperly handled and written into temporary shell scripts without proper escaping, leading to command injection. This allows the attacker to achieve root code execution within the initramfs, potentially compromising the system's boot and network behavior. | ||||
| CVE-2025-55645 | 1 Gpac | 2 Gpac, Mp4box | 2026-06-18 | 5.5 Medium |
| A heap buffer overflow in the gf_cenc_set_pssh function (isomedia/drm_sample.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2025-55644 | 1 Gpac | 2 Gpac, Mp4box | 2026-06-18 | 5.5 Medium |
| A heap use-after-free in the gf_node_get_tag function (scenegraph/base_scenegraph.c) of GPAC MP4Box v2.4 allows attackers to cause a Denial of Service (DoS) via supplying a crafted MP4 file. | ||||
| CVE-2026-39006 | 2026-06-18 | 9.8 Critical | ||
| An issue in SNMP4J-Agent 3.8.3 allows a remote attacker to execute arbitrary code via the snmp4jCfgStoragePath component. | ||||
| CVE-2026-50875 | 2026-06-18 | 8.1 High | ||
| Incorrect access control in the /{form}/webhooks/{webhook} endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or delete another tenant's webhook via a crafted request. | ||||
| CVE-2025-24104 | 1 Apple | 2 Ipados, Iphone Os | 2026-06-18 | 5.5 Medium |
| This issue was addressed with improved handling of symlinks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4. Restoring a maliciously crafted backup file may lead to modification of protected system files. | ||||
| CVE-2025-24118 | 1 Apple | 2 Ipados, Macos | 2026-06-18 | 9.8 Critical |
| The issue was addressed with improved memory handling. This issue is fixed in iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3. An app may be able to cause unexpected system termination or write kernel memory. | ||||
| CVE-2025-24160 | 1 Apple | 6 Ipados, Iphone Os, Macos and 3 more | 2026-06-18 | 4.3 Medium |
| The issue was addressed with improved checks. This issue is fixed in iOS 18.3 and iPadOS 18.3, iPadOS 17.7.4, macOS Sequoia 15.3, macOS Sonoma 14.7.3, tvOS 18.3, visionOS 2.3, watchOS 11.3. Parsing a file may lead to an unexpected app termination. | ||||