5.6
CVE-2026-34867 - DoubleโFree Vulnerability in HarmonyOS MultiโMode Input System
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.
4.1
CVE-2026-34860 - Access Control Weakness in HarmonyOS Memo Module
Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
6.1
CVE-2026-34852 - Stack Overflow in HarmonyOS Media Platform Causes Denial of Service
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
8.7
CVE-2026-6157 - Totolink A800R app.so setAppEasyWizardConfig buffer overflow
A vulnerability was detected in Totolink A800R 4.1.2cu.5137_B20200730. This impacts the function setAppEasyWizardConfig in the library /lib/cste_modules/app.so. The manipulation of the argument apcliSsid results in buffer overflow. The attack can be executed remotely. The exploit is now public and โฆ
2.2
CVE-2026-34851 - Race Condition in HarmonyOS Event Notification Module Leading to Availability Issues
Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.
1.9
CVE-2026-34850 - Race Condition in HarmonyOS Notification Service Causes Service Instability
Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.
9.3
CVE-2026-6156 - Totolink A7100RU CGI cstecgi.cgi setIpQosRules os command injection
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function setIpQosRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument Comment leads to os command injection. Remote exploitation of the attack is poโฆ
9.3
CVE-2026-6155 - Totolink A7100RU CGI cstecgi.cgi setWanCfg os command injection
A weakness has been identified in Totolink A7100RU 7.4cu.2313. The impacted element is the function setWanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument pppoeServiceName can lead to os command injection. The attack may be launched remotelโฆ
9.3
CVE-2026-6154 - Totolink A7100RU CGI cstecgi.cgi setWizardCfg os command injection
A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiateโฆ
6.9
CVE-2026-6153 - code-projects Vehicle Showroom Management System StaffDetailsFunction.php sql injection
A vulnerability was identified in code-projects Vehicle Showroom Management System 1.0. Impacted is an unknown function of the file /util/StaffDetailsFunction.php. Such manipulation of the argument STAFF_ID leads to sql injection. The attack can be launched remotely. The exploit is publicly availabโฆ