Latest intel // live feed
CVE-2026-7136 — Totolink: Manipulation of the argument wanIdx in setDmzCfg leads to OS command injection.
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521 in the function setDmzCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument wanIdx leads to OS command injection. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-41463 — ProjeQtor: versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality.
ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality. An authenticated attacker with upload permissions can craft a ZIP archive whose entry names contain directory traversal sequences; because the archive is extracted without validating entry paths, files are written outside the intended extraction directory. An attacker can use this to drop a PHP webshell into a web-accessible directory and achieve remote code execution with the privileges of the web server process… CVSSv3.1 8.8 (HIGH)
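The ZipSlip pattern described above, as an added example that is not ProjeQtor's code: a constructed archive carries one benign plugin file, one entry whose name climbs out of the target directory with `../`, and one absolute path. The unsafe extractor trusts entry names and shows where each file would land; the hardened extractor canonicalises every target path and writes only those that resolve inside the destination. File names, the `plugins/` destination and the PHP payload string are invented for the demo.

```python
import io
import os
import tempfile
import zipfile


def build_malicious_zip() -> bytes:
    """Constructed sample archive (test data, not a real plugin)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("plugin/plugin.xml", "<plugin name='demo'/>")
        # Traversal entry: intended to land in a web root above the plugin dir.
        zf.writestr("../../../webroot/shell.php", "<?php system($_GET['c']); ?>")
        # Absolute entry: os.path.join() discards the destination when it sees this.
        zf.writestr("/etc/cron.d/evil", "* * * * * root id")
    return buf.getvalue()


def is_within(base: str, target: str) -> bool:
    """True only if target, fully resolved (symlinks and '..' included), is under base."""
    base = os.path.realpath(base)
    target = os.path.realpath(target)
    return os.path.commonpath([base, target]) == base


def extract_unsafe(zip_bytes: bytes, dest: str) -> list:
    """The vulnerable pattern: join the entry name onto dest and write.
    Dry run: returns the resolved paths it WOULD write, writes nothing."""
    targets = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for name in zf.namelist():
            targets.append(os.path.realpath(os.path.join(dest, name)))
    return targets


def extract_safe(zip_bytes: bytes, dest: str) -> tuple:
    """Hardened extraction: reject absolute names and anything that resolves
    outside dest. Returns (written relative paths, rejected entry names)."""
    dest = os.path.realpath(dest)
    written, rejected = [], []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            target = os.path.realpath(os.path.join(dest, info.filename))
            if os.path.isabs(info.filename) or not is_within(dest, target):
                rejected.append(info.filename)
                continue
            if info.is_dir():
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(info) as src, open(target, "wb") as dst:
                dst.write(src.read())
            written.append(os.path.relpath(target, dest))
    return written, rejected


def demo() -> dict:
    """Run both extractors against the constructed archive in a scratch directory."""
    with tempfile.TemporaryDirectory() as tmp:
        dest = os.path.join(tmp, "plugins")
        os.makedirs(dest)
        data = build_malicious_zip()
        escaped = [p for p in extract_unsafe(data, dest) if not is_within(dest, p)]
        written, rejected = extract_safe(data, dest)
        return {"escaped": escaped, "written": written, "rejected": rejected}


if __name__ == "__main__":
    print(demo())
```

The check is done on the canonical path, not on the entry string: a blocklist of `..` misses absolute names and encoded variants, while `realpath` followed by a prefix comparison against the resolved destination catches both. Python's own `ZipFile.extractall()` already sanitises names; the unsafe function re-creates the manual join-and-write pattern that the advisory describes.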
CVE-2026-41462 — ProjeQtor: versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality.
ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality: the login variable is concatenated directly into a SQL query without parameterization or sanitization. An attacker can inject arbitrary SQL through the username field at the authentication endpoint to create privileged accounts, read sensitive data, and, if the database user has elevated permissions, execute operating system commands. CVSSv3.1 9.8 (CRITICAL)
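The defect class in the entry above, as an added example that is not ProjeQtor's code: a constructed SQLite user table, a lookup that concatenates the login value into the query, and the same lookup with a bound parameter. Two classic payloads are run through both: one that bypasses the `WHERE` clause and one that uses `UNION` to read the password-hash column through the login column. The table layout, column names and hash strings are invented for the demo.

```python
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed sample login store (in-memory, test data only)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, login TEXT, "
        "password_hash TEXT, is_admin INTEGER)"
    )
    conn.executemany(
        "INSERT INTO users (login, password_hash, is_admin) VALUES (?, ?, ?)",
        [("alice", "$2y$10$alicehash", 1), ("bob", "$2y$10$bobhash", 0)],
    )
    return conn


def find_user_vulnerable(conn: sqlite3.Connection, login: str) -> list:
    """Vulnerable pattern: the login variable becomes part of the SQL text."""
    sql = "SELECT id, login, is_admin FROM users WHERE login = '" + login + "'"
    return conn.execute(sql).fetchall()


def find_user_safe(conn: sqlite3.Connection, login: str) -> list:
    """Hardened pattern: the login variable is bound as a parameter, so quotes
    and SQL keywords inside it are data, never syntax."""
    return conn.execute(
        "SELECT id, login, is_admin FROM users WHERE login = ?", (login,)
    ).fetchall()


# Constructed payloads typed into the username field.
BYPASS = "' OR '1'='1"
DUMP = "' UNION SELECT id, password_hash, is_admin FROM users WHERE '1'='1"


def demo() -> dict:
    """Run a legitimate login and both payloads through each lookup."""
    conn = make_db()
    return {
        "legit_vuln": find_user_vulnerable(conn, "alice"),
        "legit_safe": find_user_safe(conn, "alice"),
        "bypass_vuln": find_user_vulnerable(conn, BYPASS),   # every row comes back
        "bypass_safe": find_user_safe(conn, BYPASS),         # no such user
        "dump_vuln": find_user_vulnerable(conn, DUMP),       # hashes in the login column
        "dump_safe": find_user_safe(conn, DUMP),
    }


if __name__ == "__main__":
    for key, rows in demo().items():
        print(key, rows)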
CVE-2026-30352 — leonvanzyl autocoder: remote code execution via the /devserver/start endpoint.
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder at commit 79d02a allows attackers to execute arbitrary code by supplying a crafted command parameter. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-6265 — Cerberus FTP Server: insecure preserved inherited permissions on Windows allow privilege escalation.
An insecure preserved inherited permissions vulnerability in Cerberus FTP Server on Windows allows privilege escalation. The issue is resolved in Cerberus FTP Server 2026.1. CVSSv3.1 8.8 (HIGH) · EPSS 2nd percentile
Bypassing Windows authentication reflection mitigations for SYSTEM shells - Part 1
Synacktiv researchers disclose CVE-2026-24294, a local privilege escalation that bypasses Microsoft's mitigation for CVE-2025-33073 (NTLM authentication reflection). The attack abuses a new Windows 11 24H2 / Server 2025 feature that allows SMB client connections to arbitrary TCP ports, combined with SMB connection multiplexing, to coerce privileged services into a local NTLM reflection. It yields SYSTEM-level code execution on a default Windows Server 2025 install; Microsoft patched it in March 2026.
CVE-2026-7125 — Totolink: Manipulation of the argument merge in setWiFiEasyCfg leads to OS command injection.
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521 in the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument merge leads to OS command injection. The attack can be initiated remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7124 — Totolink: Manipulation of the argument addrPrefixLen in setIpv6LanCfg leads to OS command injection.
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521 in the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument addrPrefixLen leads to OS command injection. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7123 — Totolink: Manipulation of the argument setIptvCfg in setIptvCfg leads to OS command injection.
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521 in the function setIptvCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument setIptvCfg leads to OS command injection. The attack can be initiated remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7122 — Totolink: Manipulation of the argument enable in setUPnPCfg leads to OS command injection.
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521 in the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument enable leads to OS command injection. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7121 — Totolink: Manipulation of the argument wizard in setWizardCfg leads to OS command injection.
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521 in the function setWizardCfg of the file /cgi-bin/cstecgi.cgi (component CGI Handler). Manipulating the argument wizard leads to OS command injection. The attack can be initiated remotely, and a public exploit is available. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-7119 — Tenda: Manipulation of the argument countrystr in /boaform/formCountrystr leads to OS command injection.
A vulnerability was detected in Tenda HG3 2.0 in an unknown function of the file /boaform/formCountrystr. Manipulating the argument countrystr leads to OS command injection. The attack can be performed remotely, and a public exploit is available. CVSSv3.1 8.8 (HIGH)
CVE-2026-33453 — Apache Camel: Improperly Controlled Modification of Dynamically-Determined Object Attributes in the camel-coap component.
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in the Apache Camel camel-coap component. camel-coap is vulnerable to Camel message header injection, leading to remote code execution when routes forward CoAP requests to header-sensitive producers (e.g. camel-exec). The component maps incoming CoAP request URI query parameters directly into Camel Exchange In message headers without applying any HeaderFilterStrategy… CVSSv3.1 10.0 (CRITICAL)
CVE-2026-27172 — Apache Camel: ConsulRegistry deserializes values from the Consul KV store without an ObjectInputFilter.
The ConsulRegistry in the camel-consul component (class org.apache.camel.component.consul.ConsulRegistry and its inner ConsulRegistryUtils.deserialize method) reads Java-serialized values from the Consul KV store and passes them to ObjectInputStream.readObject() without configuring an ObjectInputFilter. An attacker who can write to the Consul KV store backing a Camel ConsulRegistry instance could inject a malicious serialized Java object that is deserialized the next time Camel… CVSSv3.1 8.8 (HIGH) · EPSS 24th percentile
CVE-2026-22337 — Directorist: Incorrect Privilege Assignment in Directorist Social Login allows privilege escalation.
Incorrect Privilege Assignment vulnerability in Directorist Social Login allows privilege escalation. This issue affects Directorist Social Login versions before 2.1.4. CVSSv3.1 9.8 (CRITICAL)
CVE-2026-22336 — Directorist: SQL injection in Directorist Booking.
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Directorist Booking allows SQL injection. This issue affects Directorist Booking versions before 3.0.2. CVSSv3.1 9.3 (CRITICAL)
CVE-2026-41409 — Apache MINA: The fix for CVE-2024-52046 in AbstractIoBuffer.getObject() was incomplete.
The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete: the allowlist of class names permitted for deserialization was applied too late, after the static initializer of a class being read might already have executed. Affected versions are Apache MINA 2.0.0 through 2.0.27, 2.1.0 through 2.1.10, and 2.2.0 through 2.2.5. The problem is resolved in Apache MINA 2.0.28, 2.1.11, and 2.2.6 by applying the class-name allowlist earlier. Affected are applications… CVSSv3.1 9.8 (CRITICAL)
CVE-2026-40858 — Apache Camel: the camel-infinispan ProtoStream aggregation repository deserializes cache data without an ObjectInputFilter.
The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinispan cache used by a Camel application can inject a crafted serialized Java object that, when read during normal aggregation repository operations such as get or recover, results in arbitrary code execution in the context of the application… CVSSv3.1 8.8 (HIGH)
CVE-2026-40022 — Apache Camel: authentication path on the embedded HTTP and management servers is derived from the context path.
When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-main) and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and JWTAuthenticationConfigurer classes derive the authentication path from properties.getPath() when camel.server.authenticationPath / camel.management.authenticationPath is not explicitly set. Combined… CVSSv3.1 8.2 (HIGH)
CVE-2026-33454 — Apache Camel: the camel-mail component is vulnerable to Camel message header injection.
The camel-mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOutFilterStartsWith and does not configure the 'in' direction via setInFilterStartsWith. As a result, when a Camel application consumes mail through camel-mail (for example via from("imap://...") or from("pop3://...")), the inbound filter check is skipped and Camel-prefixed… CVSSv3.1 9.4 (CRITICAL)
CVE-2026-7101 — Tenda: Manipulation of input to fromWrlclientSet leads to buffer overflow.
A vulnerability has been found in Tenda F456 1.0.0.5 in the function fromWrlclientSet of the file /goform/WrlclientSet (component httpd). Manipulation of the input leads to a buffer overflow. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 8.8 (HIGH)
CVE-2026-7100 — Tenda: Manipulation of input to fromNatlimitof leads to buffer overflow.
A flaw has been found in Tenda F456 1.0.0.5 in the function fromNatlimitof of the file /goform/Natlimit (component httpd). Manipulation of the input leads to a buffer overflow. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 8.8 (HIGH)
CVE-2026-7099 — Tenda: Manipulation of the argument mit_linktype in formQuickIndex leads to buffer overflow.
A vulnerability was detected in Tenda F456 1.0.0.5 in the function formQuickIndex of the file /goform/QuickIndex (component httpd). Manipulating the argument mit_linktype leads to a buffer overflow. The attack can be initiated remotely, and a public exploit is available. CVSSv3.1 8.8 (HIGH)
CVE-2026-7098 — Tenda: Manipulation of the argument page in fromDhcpListClient leads to buffer overflow.
A security vulnerability has been detected in Tenda F456 1.0.0.5 in the function fromDhcpListClient of the file /goform/DhcpListClient (component httpd). Manipulating the argument page leads to a buffer overflow. The attack can be launched remotely, and a public exploit is available. CVSSv3.1 8.8 (HIGH)
CVE-2026-41635 — Apache MINA: one branch of AbstractIoBuffer.resolveClass() skips the class-name allowlist.
Apache MINA's AbstractIoBuffer.resolveClass() contains two branches; one of them (for static classes or primitive types) does not check the class at all, bypassing the class-name allowlist and allowing arbitrary code to be executed. The fix checks whether the class is present in the accepted-class filter before calling Class.forName(). Affected versions are Apache MINA 2.0.0 through 2.0.27, 2.1.0 through 2.1.10, and 2.2.0 through 2.2.5. The problem is resolved in Apache MINA 2.0… CVSSv3.1 9.8 (CRITICAL)
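The deserialization entries above (CVE-2026-27172 and CVE-2026-40858, where Camel calls readObject() with no ObjectInputFilter, and CVE-2026-41409 and CVE-2026-41635, where MINA's allowlist runs after, or not on every path before, class resolution) share one lesson: an allowlist of permitted classes must be consulted before the class is looked up, on every code path. The Java API in question is ObjectInputFilter; as an added example that is not Camel's or MINA's code, the same principle is shown below in Python's pickle, whose `find_class` hook is called before the referenced module and attribute are resolved. The `record` function stands in for a dangerous callable such as os.system, and the `Gadget` payload, `SINK` list and allowlist entries are all constructed for the demo.

```python
import io
import pickle
from collections import OrderedDict

SINK: list = []  # records side effects so the demo can prove whether the gadget ran


def record(msg: str) -> str:
    """Stand-in for a dangerous callable (think os.system); constructed for the demo."""
    SINK.append(msg)
    return msg


class Gadget:
    """Constructed malicious payload: unpickling it calls record('pwned').
    The pickle stream references `record` by module and name, exactly as a
    real gadget chain references os.system."""

    def __reduce__(self):
        return (record, ("pwned",))


# Class references that the application legitimately expects in its data.
# Plain containers (dict, list, str, int) never reach find_class at all.
ALLOWED = {
    ("collections", "OrderedDict"),
    ("builtins", "set"),
}


class AllowlistUnpickler(pickle.Unpickler):
    """find_class runs for every GLOBAL/STACK_GLOBAL reference *before* the
    module is imported or the attribute fetched, so rejecting here means no
    import-time or call-time code of the blocked class ever executes."""

    def find_class(self, module: str, name: str):
        if (module, name) not in ALLOWED:
            raise pickle.UnpicklingError(f"blocked class reference {module}.{name}")
        return super().find_class(module, name)


def deserialize_unsafe(blob: bytes):
    """The vulnerable pattern: no filter at all."""
    return pickle.loads(blob)


def deserialize_safe(blob: bytes):
    """The hardened pattern: every class reference is checked against ALLOWED."""
    return AllowlistUnpickler(io.BytesIO(blob)).load()


def demo() -> dict:
    """Feed a benign and a hostile blob through both deserializers."""
    benign = pickle.dumps(OrderedDict(a=1))
    hostile = pickle.dumps(Gadget())
    out = {"benign_safe": deserialize_safe(benign)}
    SINK.clear()
    try:
        deserialize_safe(hostile)
        out["hostile_safe"] = "executed"
    except pickle.UnpicklingError:
        out["hostile_safe"] = f"blocked ({len(SINK)} side effects)"
    deserialize_unsafe(hostile)  # the unfiltered path runs the gadget
    out["hostile_unsafe_side_effects"] = list(SINK)
    return out


if __name__ == "__main__":
    print(demo())
```

The ordering is the whole point: the check sits in the hook that precedes resolution, so a blocked reference produces zero side effects. The MINA entries describe the two ways this goes wrong in Java even when a filter exists, namely applying it after a class has been loaded (its static initializer has then already run) and having a code path that never applies it; an allowlist only works if it is evaluated before Class.forName() on every branch.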