6.9
CVE-2026-6635 - rowboatlabs rowboat tools_webhook app.py tool_call improper authentication
A security vulnerability has been detected in rowboatlabs rowboat up to 0.1.67. This impacts the function tool_call of the file apps/experimental/tools_webhook/app.py of the component tools_webhook. Such manipulation of the argument X-Tools-JWE leads to improper authentication. The attack may be pe…
5.3
CVE-2026-6634 - usememos UpdateInstanceSetting App.tsx memos_access_token improper authorization
A weakness has been identified in usememos memos up to 0.22.1. This affects the function memos_access_token of the file src/App.tsx of the component UpdateInstanceSetting. This manipulation of the argument additionalStyle/additionalScript causes improper authorization. The attack is possible to be …
5.1
CVE-2026-6633 - Yifang CMS Extended Management L_rbac_admin.php store cross site scripting
A security flaw has been discovered in Yifang CMS up to 2.0.5. The impacted element is the function store of the file plugins/yifang_backend_account/logic/admin/L_rbac_admin.php of the component Extended Management Module. The manipulation of the argument Account results in cross site scripting. Th…
8.7
CVE-2026-6632 - Tenda F451 httpd SafeClientFilter fromSafeClientFilter buffer overflow
A vulnerability was identified in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. Remote exploitation of the attack is pos…
8.7
CVE-2026-6631 - Tenda F451 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflow
A vulnerability was determined in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exp…