CVE Vulnerabilities - 5 April 2026
123 vulnerabilities published on 5 April 2026
Tenda M3 Router Has a Remote Buffer Overflow Flaw
CVE-2026-5567
A security flaw in the Tenda M3 router can allow hackers to execute malicious code remotely, potentially taking control of the router. This could lead to unauthorized access to your network and sensit...
7.4
UTT HiPER 1250GW: Buffer Overflow in NatBind Function
CVE-2026-5566
The UTT HiPER 1250GW router's NatBind function allows an attacker to potentially overflow a buffer, leading to remote exploitation. This vulnerability has been publicly disclosed, so it's essential to...
7.4
Tenda AC10 Routers Can Be Crashed by Malicious Password Changes
CVE-2026-5550
A bug in the Tenda AC10's password change feature on certain routers can be exploited remotely, potentially causing the device to crash. This affects multiple devices. To fix this, update to a newer v...
8.7
Tenda AC10 Router Allows Remote Password Change Manipulation
CVE-2026-5548
A security issue in the Tenda AC10 router's password change feature allows an attacker to potentially hijack the device. The issue affects the password change process, which can be exploited remotely....
8.7
UTT HiPER 1250GW: Remote Code Execution Possible Through Malicious Input
CVE-2026-5544
A security issue in UTT HiPER 1250GW firmware (up to version 3.2.7) could allow an attacker to execute malicious code remotely. This means an attacker could potentially take control of the device with...
7.4
SourceCodester/jkev Record Management System: Unsecured Login Input
CVE-2026-5575
An attacker can inject malicious SQL code through the login form, potentially allowing unauthorized access to the system. This affects the SourceCodester/jkev Record Management System version 1.0. We ...
6.9
Technostrobe HI-LED-WR120-G2 allows attackers to upload files remotely
CVE-2026-5573
A security weakness in the Technostrobe HI-LED-WR120-G2 software allows attackers to upload files to the device without permission. This could be done from anywhere on the internet. To protect your de...
6.9
Technostrobe HI-LED-WR120-G2: Remote Authentication Bypass Possible
CVE-2026-5570
A security weakness was found in Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30. This weakness allows an attacker to bypass authentication from a remote location, potentially allowing unauthoriz...
6.9
Technostrobe HI-LED-WR120-G2 software allows remote access to sensitive areas
CVE-2026-5569
A security issue in Technostrobe HI-LED-WR120-G2 software could allow an attacker to access parts of the system they shouldn't be able to. This could happen remotely, and it's possible that many devic...
6.9
WordPress User Account Deletion in Other Worlds
CVE-2026-5599
A user with access to manage user accounts in one world can delete accounts in other worlds. This means that a malicious user could accidentally or intentionally delete accounts outside of their inten...
7.3
Simple Laundry System 1.0: SQL Injection Risk in Parameter Handler
CVE-2026-5565
A security weakness in Simple Laundry System 1.0 allows hackers to execute unauthorized database queries, potentially exposing sensitive data. This issue affects the /delmemberinfo.php file in the Par...
6.9
Simple Laundry System 1.0 SQL Injection via Malformed Search Query
CVE-2026-5564
The Simple Laundry System 1.0 has a security weakness that allows hackers to inject malicious code into the system. This could allow them to access sensitive data or take control of the system. Update...
6.9
Provectus Kafka-UI: Remote Code Execution via Unauthenticated Access
CVE-2026-5562
A security flaw in Provectus Kafka-UI versions up to 0.7.2 allows an attacker to run malicious code on the system without needing a username or password. This could lead to unauthorized access and dat...
6.9
Concert Ticket Reservation System 1.0 login.php SQL Injection
CVE-2026-5555
The Concert Ticket Reservation System 1.0 has a security weakness in its login feature. If an attacker knows how to manipulate the login email field, they could potentially access sensitive data or ta...
6.9
Concert Ticket Reservation System 1.0: Remote SQL Injection Risk
CVE-2026-5554
A vulnerability in the Concert Ticket Reservation System 1.0 allows attackers to inject malicious code into the system, potentially allowing them to access sensitive information or disrupt the system....
6.9
itsourcecode Free Hotel Reservation System login page vulnerable to email hacking
CVE-2026-5551
The login page of itsourcecode Free Hotel Reservation System 1.0 may be vulnerable to hacking attempts. This could allow an attacker to access sensitive information. Update the software to the latest ...
6.9
Simple Laundry System 1.0: Remote SQL Injection via Manipulated User Input
CVE-2026-5540
A weakness in Simple Laundry System 1.0 allows attackers to manipulate user data, potentially accessing sensitive information. This could happen if an attacker sends malicious input to the system. To ...
6.9
FedML-AI FedML gRPC Server Allows Remote Code Execution
CVE-2026-5536
FedML-AI FedML versions 0.8.9 and below have a security risk where a remote attacker could potentially execute malicious code on the server. This is a serious issue because it could allow an attacker ...
6.9
itsourcecode Online Enrollment System: SQL Injection Risk Through Malicious User ID
CVE-2026-5534
The itsourcecode Online Enrollment System has a security flaw that allows an attacker to manipulate user data through a maliciously crafted user ID. This could lead to unauthorized access to sensitive...
6.9
Technostrobe HI-LED-WR120-G2 allows attackers to delete files without permission
CVE-2026-5574
A vulnerability in the Technostrobe HI-LED-WR120-G2 software allows an attacker to delete files without needing permission. This could lead to unauthorized changes to the system, potentially causing d...
6.9
Apache HTTP Server can crash when handling SYN packets
CVE-2026-5590
The Apache HTTP Server may crash if it receives a SYN packet while processing a connection teardown. This can happen when the server is under heavy traffic. To fix this issue, update to the latest ver...
6.4
AutohomeCorp frostmourne: SQL Injection in Alarm Preview Function
CVE-2026-5563
A security flaw in AutohomeCorp frostmourne version 1.0 allows attackers to inject malicious SQL code, potentially stealing sensitive data or taking control of the system. This vulnerability can be ex...
5.3
Campcodes Complete POS Management and Inventory System: Environment Variable Injection
CVE-2026-5561
The Campcodes Complete POS Management and Inventory System is vulnerable to an environment variable injection attack. This means that an attacker could potentially inject malicious data into the syste...
5.3
PHPGurukul Online Shopping Portal: SQL Injection in Payment Processing
CVE-2026-5560
An attacker can inject malicious SQL code into the payment processing system of PHPGurukul Online Shopping Portal, potentially allowing them to access sensitive data or take control of the system. Thi...
5.3
PyBlade Template Engine Allows Remote Hackers to Inject Malicious Code
CVE-2026-5559
A security issue has been found in the template engine of PyBlade, a Python library used for creating web pages. If exploited, hackers could inject malicious code into web pages, potentially leading t...
5.3