7.5
CVE-2026-32605 - Nimiq: Remote crash via off-by-one signer bounds check in proposal buffer
nimiq/core-rs-albatross is a Rust implementation of the Nimiq Proof-of-Stake protocol based on the Albatross consensus algorithm. Prior to version 1.3.0, an untrusted peer could crash a validator by publishing a signed tendermint proposal message where signer == validators.num_validators(). Proposaβ¦
8.7
CVE-2026-6200 - Tenda F456 webtypelibrary formwebtypelibrary stack-based overflow
A vulnerability was determined in Tenda F456 1.0.0.5. The affected element is the function formwebtypelibrary of the file /goform/webtypelibrary. This manipulation of the argument menufacturer/Go causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been publiclyβ¦
8.7
CVE-2026-6199 - Tenda F456 qossetting fromqossetting stack-based overflow
A vulnerability was found in Tenda F456 1.0.0.5. Impacted is the function fromqossetting of the file /goform/qossetting. The manipulation of the argument page results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used.
8.7
CVE-2026-6198 - Tenda F456 NatStaticSetting fromNatStaticSetting stack-based overflow
A vulnerability has been found in Tenda F456 1.0.0.5. This issue affects the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosedβ¦
9.3
CVE-2026-40044 - Pachno 1.0.6 FileCache Deserialization Remote Code Execution
Pachno 1.0.6 contains a deserialization vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting malicious serialized objects into cache files. Attackers can write PHP object payloads to world-writable cache files with predictable names in the cache directory, whicβ¦
7.1
CVE-2026-40043 - Pachno 1.0.6 Authentication Bypass via runSwitchUser()
Pachno 1.0.6 contains an authentication bypass vulnerability in the runSwitchUser() action that allows authenticated low-privilege users to escalate privileges by manipulating the original_username cookie. Attackers can set the client-controlled original_username cookie to any value and request a sβ¦
9.3
CVE-2026-40042 - Pachno 1.0.6 Wiki TextParser XML External Entity Injection
Pachno 1.0.6 contains an XML external entity injection vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting unsafe XML parsing in the TextParser helper. Attackers can inject malicious XML entities through wiki table syntax and inline tags in issue descriptions, β¦
5.3
CVE-2026-40041 - Pachno 1.0.6 Cross-Site Request Forgery via State-Changing Endpoints
Pachno 1.0.6 contains a cross-site request forgery vulnerability that allows attackers to perform arbitrary actions in authenticated user context by exploiting missing CSRF protections on state-changing endpoints. Attackers can craft malicious requests targeting login, registration, file upload, miβ¦
8.7
CVE-2026-40040 - Pachno 1.0.6 Unrestricted File Upload Remote Code Execution
Pachno 1.0.6 contains an unrestricted file upload vulnerability that allows authenticated users to upload arbitrary file types by bypassing ineffective extension filtering to the /uploadfile endpoint. Attackers can upload executable files .php5 scripts to web-accessible directories and execute themβ¦
7.1
CVE-2026-40039 - Pachno 1.0.6 Open Redirection via return_to Parameter
Pachno 1.0.6 contains an open redirection vulnerability that allows attackers to redirect users to arbitrary external websites by manipulating the return_to parameter. Attackers can craft malicious login URLs with unvalidated return_to values to conduct phishing attacks and steal user credentials.