8.7
CVE-2026-2910 - Tenda HG9 formPing6 stack-based overflow
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used.
8.7
CVE-2026-2909 - Tenda HG9 Diagnostic Ping Endpoint formPing stack-based overflow
A vulnerability was detected in Tenda HG9 300001138. This affects an unknown part of the file /boaform/formPing of the component Diagnostic Ping Endpoint. Performing a manipulation of the argument pingAddr results in stack-based buffer overflow. The attack is possible to be carried out remotely. Thβ¦
8.7
CVE-2026-2908 - Tenda HG9 Loopback Detection Configuration Endpoint formLoopBack stack-based overflow
A security vulnerability has been detected in Tenda HG9 300001138. Affected by this issue is some unknown functionality of the file /boaform/formLoopBack of the component Loopback Detection Configuration Endpoint. Such manipulation of the argument Ethtype leads to stack-based buffer overflow. The aβ¦
8.7
CVE-2026-2907 - Tenda HG9 GPON Configuration Endpoint formgponConf stack-based overflow
A weakness has been identified in Tenda HG9 300001138. Affected by this vulnerability is an unknown functionality of the file /boaform/formgponConf of the component GPON Configuration Endpoint. This manipulation of the argument fmgpon_loid/fmgpon_loid_password causes stack-based buffer overflow. Reβ¦
8.7
CVE-2026-2906 - Tenda HG9 Samba Configuration Endpoint formSamba stack-based overflow
A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched remotely. The exploiβ¦
8.7
CVE-2026-2905 - Tenda HG9 Wireless Configuration Endpoint formWlanSetup stack-based overflow
A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit β¦
8.7
CVE-2026-2904 - UTT HiPER 810G ConfigExceptAli strcpy buffer overflow
A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.
4.8
CVE-2026-2903 - skvadrik re2c ast.cc check_and_merge_special_rules null pointer dereference
A flaw has been found in skvadrik re2c up to 4.4. Impacted is the function check_and_merge_special_rules of the file src/parse/ast.cc. This manipulation causes null pointer dereference. The attack can only be executed locally. The exploit has been published and may be used. Patch name: febeb977936fβ¦
5.1
CVE-2026-2898 - funadmin Backend Endpoint AuthCloudService.php getMember deserialization
A vulnerability was detected in funadmin up to 7.1.0-rc4. This issue affects the function getMember of the file app/common/service/AuthCloudService.php of the component Backend Endpoint. The manipulation of the argument cloud_account results in deserialization. The attack may be performed from remoβ¦
4.8
CVE-2026-2897 - funadmin Backend index.html cross site scripting
A security vulnerability has been detected in funadmin up to 7.1.0-rc4. This vulnerability affects unknown code of the file app/backend/view/index/index.html of the component Backend Interface. The manipulation of the argument Value leads to cross site scripting. The attack is possible to be carrieβ¦