8.7
CVE-2026-7101 - Tenda F456 httpd WrlclientSet fromWrlclientSet buffer overflow
A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may beβ¦
0.0
CVE-2026-40048 - Apache Camel PQC: Unsafe Deserialization from FileBasedKeyLifecycleManager
The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `<keyId>.key` files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to `java.security.KeyPair` is evaluated only after `readObβ¦
0.0
CVE-2026-40473 - Apache Camel Mina: Unsafe Deserialization in MinaConverter.toObjectInput() via TCP/UDP
The camel-mina component's MinaConverter.toObjectInput(IoBuffer) type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or UDP consumer and requests conversion to ObjectInput (β¦
8.7
CVE-2026-7100 - Tenda F456 httpd Natlimit fromNatlimitof buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.
8.7
CVE-2026-7099 - Tenda F456 httpd QuickIndex formQuickIndex buffer overflow
A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argument mit_linktype results in buffer overflow. The attack may be initiated remotely. The exploit is now β¦
8.7
CVE-2026-7098 - Tenda F456 httpd DhcpListClient fromDhcpListClient buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosβ¦
8.7
CVE-2026-7097 - Tenda F456 httpd webExcptypemanFilter fromwebExcptypemanFilter buffer overflow
A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The attack can be initiated remotely. The exploit has been mβ¦
8.7
CVE-2026-7096 - Tenda HG3 formgponConf os command injection
A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgpon_loid results in os command injection. It is possible to launch the attack remotely. The exploit has bβ¦
5.6
CVE-2026-22077 - Sensitive Information Disclosure Vulnerability Caused by Trusted Domain Bypass in OPPO Wallet
OPPO Wallet APP contains a trusted domain validation flaw that allows attackers to bypass protected interface access restrictions, which may lead to account token hijacking and sensitive information disclosure.
5.3
CVE-2026-7095 - code-projects Employee Management System edit.php cross site scripting
A vulnerability was identified in code-projects Employee Management System 1.0. This affects an unknown part of the file 370project/edit.php. The manipulation of the argument ID leads to cross site scripting. It is possible to initiate the attack remotely. The exploit is publicly available and mighβ¦