8.5
CVE-2026-22226 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
A command injection vulnerability may be exploited after the admin's authentication in the VPN server configuration module on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configura…
8.5
CVE-2026-22225 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0
A command injection vulnerability may be exploited after the admin's authentication in the VPN Connection Service on the Archer BE230 v1.2 and Archer AXE75 v1.0. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of con…
8.5
CVE-2026-22224 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
A command injection vulnerability may be exploited after the admin's authentication in the cloud communication interface on the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configurati…
8.5
CVE-2026-22223 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration int…
8.5
CVE-2026-22222 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration in…
8.5
CVE-2026-0631 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration…
8.5
CVE-2026-0630 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromi…
8.5
CVE-2026-22221 - Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration int…
6.8
CVE-2026-1232 - Anti-Tamper Bypass in BeyondTrust Privilege Management for Windows
A medium-severity vulnerability has been identified in BeyondTrust Privilege Management for Windows versions <=25.7. Under certain conditions, a local authenticated user with elevated privileges may be able to bypass the product’s anti-tamper protections, which could allow access to protected appli…
4.5
CVE-2026-1770 - Improper Control of Dynamically-Managed Code Resources in Crafter Studio
Improper Control of Dynamically-Managed Code Resources vulnerability in Crafter Studio of Crafter CMS allows authenticated developers to execute OS commands via Groovy Sandbox Bypass. By inserting malicious Groovy elements, an attacker may bypass sandbox restrictions and obtain RCE (Remote Code Exe…