24h | 7d | 30d

Overview

  • Belkin
  • F9K1015

06 Apr 2026
Published
06 Apr 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.04%

KEV

Description

A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 18 hours ago

Fediverse

Profile picture fallback

🔒 HIGH-severity stack buffer overflow in Belkin F9K1015 (v1.00.10) — CVE-2026-5614. Public exploit, no patch, vendor silent. Disable remote access, restrict device exposure. Stay vigilant! radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 18h ago

Overview

  • Belkin
  • F9K1015

06 Apr 2026
Published
06 Apr 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.04%

KEV

Description

A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 15 hours ago

Fediverse

Profile picture fallback

⚠️ CVE-2026-5629: High-severity stack buffer overflow in Belkin F9K1015 (v1.00.10). Remote exploit possible — public code out, no patch yet. Restrict device access & monitor vendor updates. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 15h ago

Overview

  • Meta
  • react-server-dom-webpack

03 Dec 2025
Published
26 Feb 2026
Updated

CVSS v3.1
CRITICAL (10.0)
EPSS
66.27%

Description

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

Profile picture fallback

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials thehackernews.com/2026/04/hack

  • 0
  • 0
  • 0
  • 3h ago

Overview

  • Tenda
  • CH22

05 Apr 2026
Published
06 Apr 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.02%

KEV

Description

A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Statistics

  • 1 Post

Last activity: 22 hours ago

Fediverse

Profile picture fallback

🚨 HIGH severity: CVE-2026-5605 in Tenda CH22 v1.0.0.1 — stack-based buffer overflow in /goform/WrlExtraSet. No patch yet. Restrict remote access & monitor for threats. Details: radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 22h ago

Overview

  • Pending

03 Apr 2025
Published
29 May 2025
Updated

CVSS
Pending
EPSS
2.73%

KEV

Description

Netwrix Password Secure 9.2.0.32454 allows OS command injection.

Statistics

  • 1 Post

Last activity: 9 hours ago

Bluesky

Profile picture fallback
Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Pending

Pending
Published
Pending
Updated

CVSS
Pending
EPSS
Pending

KEV

Description

This candidate has been reserved by a CVE Numbering Authority (CNA). This record will be updated by the assigning CNA once details are available.

Statistics

  • 1 Post

Last activity: 5 hours ago

Fediverse

Profile picture fallback

50,000 WordPress Sites Affected by Arbitrary File Upload Vulnerability in Ninja Forms - File Upload WordPress Plugin

CVE-2026-0740 | CVSS 9.8 (Critical) | Unauthenticated attackers can upload arbitrary files and achieve remote code execution. Update to version 3.3.27.

Discovered by Sélim Lanouar (whattheslime).

Review the report to ensure your site is not affected.

wordfence.com/blog/2026/04/500

#WordPress #WebSecurity #Wordfence

  • 0
  • 0
  • 0
  • 5h ago

Overview

  • Belkin
  • F9K1122

06 Apr 2026
Published
06 Apr 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.04%

KEV

Description

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 21 hours ago

Fediverse

Profile picture fallback

⚠️ HIGH severity: CVE-2026-5608 in Belkin F9K1122 v1.00.33 enables remote buffer overflow via the /goform/formWlanSetup endpoint. Exploit code is public; no patch from vendor. Restrict remote mgmt access now. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 21h ago

Overview

  • Intel(R) Processors

13 May 2025
Published
03 Nov 2025
Updated

CVSS v4.0
MEDIUM (5.7)
EPSS
0.10%

KEV

Description

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Statistics

  • 1 Post

Last activity: 9 hours ago

Bluesky

Profile picture fallback
CVE-2024-45332 brings back branch target injection attacks on Intel
  • 0
  • 0
  • 0
  • 9h ago

Overview

  • Belkin
  • F9K1015

06 Apr 2026
Published
06 Apr 2026
Updated

CVSS v4.0
HIGH (8.7)
EPSS
0.04%

KEV

Description

A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 12 hours ago

Fediverse

Profile picture fallback

⚠️ HIGH severity: Stack buffer overflow in Belkin F9K1015 v1.00.10 (/goform/formWlEncrypt, CVE-2026-5612). Remote code exec/DoS possible. No vendor patch. Restrict remote access & monitor advisories. radar.offseq.com/threat/cve-20

  • 0
  • 0
  • 0
  • 12h ago

Overview

  • SmarterTools
  • SmarterMail

22 Jan 2026
Published
05 Mar 2026
Updated

CVSS v4.0
CRITICAL (9.3)
EPSS
77.92%

Description

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the account, resulting in full administrative compromise of the SmarterMail instance. NOTE: SmarterMail system administrator privileges grant the ability to execute operating system commands via built-in management functionality, effectively providing administrative (SYSTEM or root) access on the underlying host.

Statistics

  • 1 Post

Last activity: 6 hours ago

Bluesky

Profile picture fallback
~Microsoft~ Storm-1175 rapidly exploits web-facing N-days and zero-days to deploy Medusa ransomware, often within 24 hours. - IOCs: CVE-2026-23760, CVE-2025-10035, Medusa - #MedusaRansomware #Storm1175 #ThreatIntel
  • 0
  • 0
  • 0
  • 6h ago
Showing 11 to 20 of 28 CVEs