6.9
CVE-2026-32958 - HardโCoded Cryptographic Key Enables Fake Firmware Updates
SD-330AC and AMC Manager provided by silex technology, Inc. use a hard-coded cryptographic key. An administrative user may be directed to apply a fake firmware update.
8.2
CVE-2026-32959 - Weak Cryptographic Algorithm Enables ManโinโtheโMiddle Data Retrieval
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a use of a broken or risky cryptographic algorithm. Information in the traffic may be retrieved via man-in-the-middle attack.
7.1
CVE-2026-32960 - Authentication Bypass via Sensitive Resource Reuse in Silex AMC Manager and SD-330AC
SD-330AC and AMC Manager provided by silex technology, Inc. contain an issue with a sensitive information in resource not removed before reuse. An attacker may login to the device without knowing the password by sending a crafted packet.
6.9
CVE-2026-32961 - HeapโBased Buffer Overflow in Silex AMC Manager and SDโ330AC Causing Temporary Denial of Service
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in packet data processing of sx_smpd. Processing a crafted packet may cause a temporary denial-of-service (DoS) condition.
6.9
CVE-2026-32962 - Missing Authentication Allows Device Configuration Changes
SD-330AC and AMC Manager provided by silex technology, Inc. contain a missing authentication for critical function issue. The device configuration may be altered without authentication.
5.1
CVE-2026-32963 - Reflected CrossโSite Scripting via Crafted Web Pages
SD-330AC and AMC Manager provided by silex technology, Inc. contain a reflected cross-site scripting vulnerability. When a user logs in to the affected device and access some crafted web page, arbitrary script may be executed on the user's browser.
6.9
CVE-2026-32964 - Improper CRLF Neutralization Leading to Configuration Injection in Silex AMC Manager and SDโ330AC
SD-330AC and AMC Manager provided by silex technology, Inc. contain an improper neutralization of CRLF sequences ('CRLF Injection') vulnerability. Processing some crafted configuration data may lead to arbitrary entries injected to the system configuration.
8.7
CVE-2026-32965 - Insecure Default Password Allows Unauthenticated Access on Silex SDโ330AC and AMC Manager
Initialization of a resource with an insecure default vulnerability exists in SD-330AC and AMC Manager provided by silex technology, Inc. When the affected device is connected to the network with the initial (factory-default) configuration, the device can be configured with the null string password.
5.1
CVE-2026-6600 - langflow-ai langflow Frontend React Component Rendering edit-message.tsx cross site scripting
A flaw has been found in langflow-ai langflow up to 1.8.3. This affects an unknown function of the file src/frontend/src/modals/IOModal/components/chatView/chatMessage/components/edit-message.tsx of the component Frontend React Component Rendering. Executing a manipulation can lead to cross site scโฆ
5.3
CVE-2026-6599 - langflow-ai langflow Model Context Protocol Configuration API mcp_projects.py install_mcp_config inโฆ
A vulnerability was detected in langflow-ai langflow up to 1.8.3. The impacted element is the function get_client_ip/install_mcp_config of the file src/backend/base/langflow/api/v1/mcp_projects.py of the component Model Context Protocol Configuration API. Performing a manipulation of the argument Xโฆ