5.3
CVE-2026-1144 - quickjs-ng quickjs Atomics Ops quickjs.c use after free
A vulnerability was detected in quickjs-ng quickjs up to 0.11.0. Affected is an unknown function of the file quickjs.c of the component Atomics Ops Handler. The manipulation results in use after free. The attack can be executed remotely. The exploit is now public and may be used. The patch is identβ¦
8.7
CVE-2026-1143 - TOTOLINK A3700R cstecgi.cgi setWiFiEasyGuestCfg buffer overflow
A weakness has been identified in TOTOLINK A3700R 9.1.2u.5822_B20200513. This affects the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument ssid can lead to buffer overflow. The attack may be launched remotely. The exploit has been made availablβ¦
5.3
CVE-2026-1142 - PHPGurukul News Portal cross-site request forgery
A security flaw has been discovered in PHPGurukul News Portal 1.0. The impacted element is an unknown function. Performing a manipulation results in cross-site request forgery. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.
5.3
CVE-2026-1141 - PHPGurukul News Portal Add Sub-Admin add-subadmins.php improper authorization
A vulnerability was identified in PHPGurukul News Portal 1.0. The affected element is an unknown function of the file /admin/add-subadmins.php of the component Add Sub-Admin Page. Such manipulation leads to improper authorization. The attack can be launched remotely. The exploit is publicly availabβ¦
8.7
CVE-2026-1140 - UTT θΏε 520W ConfigExceptAli strcpy buffer overflow
A vulnerability was found in UTT θΏε 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigExceptAli. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted β¦
8.7
CVE-2026-1139 - UTT θΏε 520W ConfigExceptMSN strcpy buffer overflow
A vulnerability has been found in UTT θΏε 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/ConfigExceptMSN. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. Thβ¦
8.7
CVE-2026-1138 - UTT θΏε 520W ConfigExceptQQ strcpy buffer overflow
A flaw has been found in UTT θΏε 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early aboutβ¦
8.7
CVE-2026-1137 - UTT θΏε 520W formWebAuthGlobalConfig strcpy buffer overflow
A vulnerability was detected in UTT θΏε 520W 1.7.7-180627. Affected by this issue is the function strcpy of the file /goform/formWebAuthGlobalConfig. Performing a manipulation results in buffer overflow. The attack is possible to be carried out remotely. The exploit is now public and may be used. Thβ¦
5.1
CVE-2026-1136 - lcg0124 BootDo ContentController save cross site scripting
A weakness has been identified in lcg0124 BootDo up to e93dd428ef6f5c881aa74d49a2099ab0cf1e0fcb. Affected is the function Save of the file /blog/bContent/save of the component ContentController. This manipulation of the argument content/author/title causes cross site scripting. Remote exploitation β¦
5.3
CVE-2026-1135 - itsourcecode Society Management System activity.php cross site scripting
A security flaw has been discovered in itsourcecode Society Management System 1.0. This impacts an unknown function of the file /admin/activity.php. The manipulation of the argument Title results in cross site scripting. The attack may be launched remotely. The exploit has been released to the publβ¦