9.8
CVE-2026-0610 - Remote SQL Injection in Devolutions Server Remote Sessions
SQL Injection vulnerability in remote-sessions in Devolutions Server.This issue affects Devolutions Server 2025.3.1 through 2025.3.12
8.5
CVE-2026-21618 - Cross-site scripting (XSS) in OAuth Device Authorization screen
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in hexpm hexpm/hexpm ('Elixir.HexpmWeb.SharedAuthorizationView' modules) allows Cross-Site Scripting (XSS). This vulnerability is associated with program files lib/hexpm_web/views/shared_authorβ¦
8.7
CVE-2026-1157 - Totolink LR350 cstecgi.cgi setWiFiEasyCfg buffer overflow
A vulnerability was identified in Totolink LR350 9.3.5u.6369_B20220309. This affects the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi. Such manipulation of the argument ssid leads to buffer overflow. It is possible to launch the attack remotely. The exploit is publicly available and migβ¦
8.7
CVE-2026-1156 - Totolink LR350 cstecgi.cgi setWiFiBasicCfg buffer overflow
A vulnerability was determined in Totolink LR350 9.3.5u.6369_B20220309. Affected by this issue is the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been publicβ¦
8.7
CVE-2026-1155 - Totolink LR350 cstecgi.cgi setWiFiEasyGuestCfg buffer overflow
A vulnerability was found in Totolink LR350 9.3.5u.6369_B20220309. Affected by this vulnerability is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ssid results in buffer overflow. The attack may be performed from remote. The exploit has been madβ¦
0.0
CVE-2026-23912 -
Not used
0.0
CVE-2026-23915 -
Not used
0.0
CVE-2026-23917 -
Not used
0.0
CVE-2026-23909 -
Not used
0.0
CVE-2026-23911 -
Not used