Use after free in Media in Google Chrome prior to 147
Description
Use after free in Media in Google Chrome prior to 147
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Search and filter 17426 vulnerabilities with AI analyst insights
Use after free in Media in Google Chrome prior to 147
Use after free in Media in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Out of bounds read and write in Angle in Google Chrome prior to 147
Out of bounds read and write in Angle in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Heap buffer overflow in Skia in Google Chrome prior to 147
Heap buffer overflow in Skia in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Media in Google Chrome on Android prior to 147
Use after free in Media in Google Chrome on Android prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebMIDI in Google Chrome prior to 147
Use after free in WebMIDI in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Cast in Google Chrome prior to 147
Use after free in Cast in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Codecs in Google Chrome prior to 147
Use after free in Codecs in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Chromoting in Google Chrome prior to 147
Use after free in Chromoting in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Inappropriate implementation in Tint in Google Chrome prior to 147
Inappropriate implementation in Tint in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147
Insufficient validation of untrusted input in Feedback in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Accessibility in Google Chrome on Windows prior to 147
Use after free in Accessibility in Google Chrome on Windows prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebView in Google Chrome on Android prior to 147
Use after free in WebView in Google Chrome on Android prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome on Android
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the WebView component of Google Chrome on Android may allow for remote code execution.
Executive Summary:
A high-severity use-after-free vulnerability in Chrome on Android's WebView component exposes mobile devices to potential remote exploitation.
Vulnerability Details
CVE-ID: CVE-2026-7342
Affected Software: Google Chrome on Android
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability is a use-after-free error in the WebView component. It allows an unauthenticated attacker to cause memory corruption via a specially crafted webpage on an Android device.
Business Impact
The CVSS score of 8.8 underscores the gravity of this vulnerability for mobile device security. Successful exploitation could lead to unauthorized access to enterprise data stored on mobile devices, potentially compromising the integrity of corporate mobile device management (MDM) environments.
Remediation Plan
Immediate Action: Update the Google Chrome application on all Android devices to version 147 or higher through the Google Play Store.
Proactive Monitoring: Monitor mobile device management (MDM) consoles for devices running outdated versions of Chrome.
Compensating Controls: Enforce strict mobile security policies and restrict the use of non-essential third-party applications that utilize WebView.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Mobile devices are an increasingly common attack vector. Security teams must ensure that Chrome on Android is updated immediately to the latest version to prevent potential exploitation of the WebView component.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebRTC in Google Chrome prior to 147
Use after free in WebRTC in Google Chrome prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the WebRTC component of Google Chrome could allow an unauthenticated attacker to trigger memory corruption.
Executive Summary:
A critical use-after-free vulnerability in Google Chrome's WebRTC component could lead to arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-7341
Affected Software: Google Chrome
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a use-after-free memory management error in the WebRTC engine. An unauthenticated attacker can exploit this by enticing a user to navigate to a malicious website.
Business Impact
With a CVSS score of 8.8, this vulnerability poses a high threat to business operations. Exploitation can lead to unauthorized code execution, enabling attackers to bypass security controls and access sensitive information stored on the host system.
Remediation Plan
Immediate Action: Update all installations of Google Chrome to version 147 or later as soon as the patch is available.
Proactive Monitoring: Review web proxy logs and browser activity logs for indicators of malicious redirects or unusual traffic patterns.
Compensating Controls: Deploy Web Application Firewalls (WAF) or secure web gateways to filter out known malicious payloads targeting browser vulnerabilities.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Browser-based vulnerabilities that allow for remote code execution are critical priorities. Organizations should ensure that the latest stable channel release of Chrome is enforced across the enterprise to mitigate this high-severity risk.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Heap buffer overflow in WebRTC in Google Chrome prior to 147
Heap buffer overflow in WebRTC in Google Chrome prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A heap buffer overflow vulnerability in the WebRTC component of Google Chrome could allow an attacker to crash the application or execute arbitrary code.
Executive Summary:
A heap buffer overflow in Google Chrome’s WebRTC implementation creates a high-risk vector for remote code execution.
Vulnerability Details
CVE-ID: CVE-2026-7339
Affected Software: Google Chrome
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability is a heap buffer overflow within the WebRTC module. This flaw requires no authentication and can be exploited by an attacker through a malicious web page.
Business Impact
This heap buffer overflow carries a CVSS score of 8.8, indicating a severe risk to corporate environments. Successful exploitation allows for memory corruption, which typically leads to arbitrary code execution, potentially resulting in full system compromise for the affected user.
Remediation Plan
Immediate Action: Apply the latest security updates provided by Google to transition to Chrome version 147 or higher.
Proactive Monitoring: Monitor for anomalous spikes in browser memory usage or frequent unexpected application terminations.
Compensating Controls: Ensure that endpoint protection systems are configured to block execution from suspicious web-based sources.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Memory corruption vulnerabilities in core browser components like WebRTC are frequent targets for threat actors. It is essential that security teams verify that all instances of Chrome are updated to the patched version to prevent potential exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Cast in Google Chrome prior to 147
Use after free in Cast in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Type Confusion in V8 in Google Chrome prior to 147
Type Confusion in V8 in Google Chrome prior to 147
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in WebRTC in Google Chrome prior to 147
Use after free in WebRTC in Google Chrome prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability exists within the WebRTC component of Google Chrome, potentially allowing for arbitrary code execution.
Executive Summary:
A critical use-after-free vulnerability in Google Chrome's WebRTC component poses a significant risk of remote code execution.
Vulnerability Details
CVE-ID: CVE-2026-7336
Affected Software: Google Chrome
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This vulnerability is a use-after-free flaw located in the WebRTC engine. It can be triggered by an unauthenticated remote attacker via a specially crafted web page.
Business Impact
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code within the context of the browser, potentially leading to unauthorized system access or data exfiltration. With a CVSS score of 8.8, this flaw represents a high-severity risk that could compromise the integrity and confidentiality of user workstations.
Remediation Plan
Immediate Action: Update Google Chrome to version 147 or later immediately to resolve the vulnerable WebRTC component.
Proactive Monitoring: Review endpoint security logs for unusual browser process behavior or unexpected crashes that may indicate exploitation attempts.
Compensating Controls: Utilize browser-based security policies or enterprise-grade endpoint protection software to restrict malicious script execution.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the high CVSS score and the prevalence of Chrome in enterprise environments, organizations must prioritize patching. Administrators should deploy the latest Chrome update across all managed endpoints to mitigate the risk of remote exploitation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in media in Google Chrome prior to 147
Use after free in media in Google Chrome prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the media component of Google Chrome allows for potential arbitrary code execution.
Executive Summary:
A high-severity use-after-free vulnerability in Google Chrome’s media component allows for potential memory corruption and arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-7335
Affected Software: Google Chrome
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This use-after-free vulnerability occurs within the media handling logic of the browser, which can be triggered by processing specifically crafted media files.
Business Impact
The CVSS score of 8.8 reflects the high risk associated with memory corruption vulnerabilities in widely used browsers. Exploitation can allow attackers to execute arbitrary code with the privileges of the browser process, leading to system-wide compromise.
Remediation Plan
Immediate Action: Apply the latest security updates provided by Google for the Chrome browser.
Proactive Monitoring: Monitor for browser instability or unusual process behavior when rendering media content.
Compensating Controls: Use the browser in a restricted environment or with enhanced sandboxing features to limit the impact of potential exploitation.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Users should prioritize updating their browsers immediately to mitigate this vulnerability. Given the ubiquity of media processing in web content, this flaw represents a significant attack vector that must be closed.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Use after free in Views in Google Chrome on Mac prior to 147
Use after free in Views in Google Chrome on Mac prior to 147
---METADATA---
VENDOR: Google
PRODUCT: Chrome
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the Views component of Google Chrome on Mac allows for potential arbitrary code execution.
Executive Summary:
A high-severity use-after-free vulnerability in Google Chrome on Mac allows for potential memory corruption and arbitrary code execution.
Vulnerability Details
CVE-ID: CVE-2026-7334
Affected Software: Google Chrome on Mac
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: This is a use-after-free vulnerability within the Views UI component, which can be triggered when the browser incorrectly handles memory operations.
Business Impact
Rated at 8.8 on the CVSS scale, this vulnerability poses a significant risk as it can be exploited by web content to compromise the underlying system. Successful exploitation could lead to unauthorized code execution, data theft, or browser instability.
Remediation Plan
Immediate Action: Update Google Chrome on all affected Mac devices to the latest available version.
Proactive Monitoring: Monitor for unexpected browser crashes or unusual memory usage patterns that could indicate exploitation attempts.
Compensating Controls: Ensure that browser security features like site isolation are fully enabled and avoid browsing untrusted websites until the update is applied.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
As this is a browser-based vulnerability, all users should update their Chrome installations immediately. High-severity memory corruption bugs are frequent targets for browser-based attacks.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'booking...
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'booking_form_page_url' parameter in all versions up to, and including, 5
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
A sandbox escape vulnerability in the WebRTC networking component allows attackers to bypass security boundaries.
A sandbox escape vulnerability in the WebRTC networking component allows attackers to bypass security boundaries.
---METADATA---
VENDOR: Mozilla
PRODUCT: Firefox, Thunderbird
AFFECTED_VERSIONS: Firefox < 150, Thunderbird < 150, Firefox ESR < 140.10.1
---END_METADATA---
Description Summary:
A sandbox escape vulnerability in the WebRTC networking component allows attackers to bypass security boundaries.
Executive Summary:
A critical sandbox escape vulnerability in Mozilla Firefox and Thunderbird allows for potential system-level compromise by bypassing security sandboxing.
Vulnerability Details
CVE-ID: CVE-2026-7321
Affected Software: Mozilla Firefox and Thunderbird
Affected Versions: Firefox < 150, Thunderbird < 150, Firefox ESR < 140.10.1
Vulnerability: This vulnerability is caused by incorrect boundary conditions within the WebRTC networking component, allowing an unauthenticated attacker to escape the browser sandbox.
Business Impact
With a CVSS score of 9.6, this vulnerability poses a severe risk to organizational security. Successful exploitation could allow an attacker to execute arbitrary code outside the browser's sandbox, leading to full system compromise, data exfiltration, and lateral movement within the network.
Remediation Plan
Immediate Action: Upgrade all instances of Firefox, Thunderbird, and Firefox ESR to the versions specified in the vendor advisory immediately.
Proactive Monitoring: Monitor endpoint detection logs for abnormal process execution or unexpected network traffic originating from browser-related processes.
Compensating Controls: Ensure endpoint protection software is updated to detect and block malicious code execution patterns associated with browser-based exploits.
Exploitation Status
Public Exploit Available: False
Analyst Notes: As of Apr 28, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The severity of this flaw necessitates immediate patching across all workstation and server environments. Organizations should prioritize updating their browser installations to prevent potential remote code execution and sandbox breakout scenarios.
Update Sandbox Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
Information disclosure due to incorrect boundary conditions in the Audio/Video component
Information disclosure due to incorrect boundary conditions in the Audio/Video component
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8
CWE‑522: Insufficiently Protected Credentials in web services in Progress Sitefinity version from 8
---METADATA---
VENDOR: Progress
PRODUCT: Sitefinity
AFFECTED_VERSIONS: Progress Sitefinity version from 8.0.5700 to 13.3.7652
---END_METADATA---
Description Summary:
Progress Sitefinity versions 8.0.5700 through 13.3.7652 contain a vulnerability allowing remote authenticated attackers to obtain plain-text credentials for the Sitefinity Insight service.
Executive Summary:
A high-severity credential exposure vulnerability in Progress Sitefinity allows authenticated attackers to access sensitive credentials used for integration with the Sitefinity Insight service.
Vulnerability Details
CVE-ID: CVE-2026-7313
Affected Software: Progress Sitefinity
Affected Versions: Progress Sitefinity version from 8.0.5700 to 13.3.7652
Vulnerability: This is an "Insufficiently Protected Credentials" (CWE-522) vulnerability within web services. Exploitation requires a remote authenticated attacker with valid back-end authorization, non-default site configuration, and an active integration with the Sitefinity Insight service.
Business Impact
With a CVSS score of 8.7, this flaw poses a severe risk of data compromise. By obtaining plain-text credentials for the Sitefinity Insight service, an attacker could gain unauthorized access to secondary systems, potentially leading to further data breaches or service manipulation.
Remediation Plan
Immediate Action: Update Progress Sitefinity to a patched version beyond 13.3.7652 immediately.
Proactive Monitoring: Monitor access logs for unusual administrative activity and audit all integrations configured with the Sitefinity Insight service.
Compensating Controls: Rotate all credentials associated with the Sitefinity Insight service after applying the patch to ensure any previously exposed secrets are invalidated.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 4, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Organizations running affected versions of Sitefinity should treat this as a high-priority update. Because the vulnerability involves credential exposure, simply patching is insufficient; administrators must also rotate credentials to ensure full remediation.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Progress Sitefinity web services contain a vulnerability that allows unauthenticated remote attackers to retrieve plain-text credentials for the Sitef...
Progress Sitefinity web services contain a vulnerability that allows unauthenticated remote attackers to retrieve plain-text credentials for the Sitefinity Insight service.
---METADATA---
VENDOR: Progress
PRODUCT: Sitefinity
AFFECTED_VERSIONS: 14.0.7700 to 14.4.8152, 15.0.8200 to 15.0.8234, 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, 15.4.8600 to 15.4.8630
---END_METADATA---
Description Summary:
Progress Sitefinity web services contain a vulnerability that allows unauthenticated remote attackers to retrieve plain-text credentials for the Sitefinity Insight service.
Executive Summary:
A critical credential disclosure vulnerability in Progress Sitefinity allows unauthenticated remote attackers to obtain sensitive plain-text credentials for integrated services.
Vulnerability Details
CVE-ID: CVE-2026-7312
Affected Software: Progress Sitefinity
Affected Versions: 14.0.7700 to 14.4.8152, 15.0.8200 to 15.0.8234, 15.1.8300 to 15.1.8335, 15.2.8400 to 15.2.8441, 15.3.8500 to 15.3.8531, 15.4.8600 to 15.4.8630
Vulnerability: The web services component fails to protect credentials, allowing an unauthenticated attacker to access plain-text credentials used for the Sitefinity Insight service, provided the installation has active integration and non-default configurations.
Business Impact
The exposure of plain-text credentials poses a significant risk of unauthorized access to the Sitefinity Insight service, potentially resulting in data exfiltration or manipulation of business analytics. Although the CVSS score is 10.0, the requirement for non-default site configurations acts as a limiting factor, though the impact remains severe for affected enterprise environments.
Remediation Plan
Immediate Action: Apply the vendor-provided patch corresponding to your specific version (e.g., 14.4.8152, 15.0.8234, etc.) immediately.
Proactive Monitoring: Review access logs for anomalous requests to web services and perform a credential rotation for all services integrated with Sitefinity Insight following the patch.
Compensating Controls: Ensure the Sitefinity instance is behind a robust WAF and restrict external access to web service endpoints that are not required for public operation.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of Jun 2, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the perfect CVSS score, this vulnerability demands immediate attention. Administrators must identify their current version and apply the specified patch to prevent the exposure of sensitive service credentials.
Update Progress Sitefinity version to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validatio...
The TinyPNG – JPEG, PNG & WebP image compression plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the delete_converted_image_size function in all versions up to, and including, 3
---METADATA---
VENDOR: TinyPNG
PRODUCT: JPEG, PNG & WebP image compression plugin
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
The TinyPNG plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient input validation within the delete_converted_image_size function.
Executive Summary:
A critical arbitrary file deletion vulnerability in the TinyPNG WordPress plugin exposes the underlying server filesystem to unauthorized modification and potential service disruption.
Vulnerability Details
CVE-ID: CVE-2026-7311
Affected Software: TinyPNG JPEG, PNG & WebP image compression plugin
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The plugin fails to adequately sanitize user-supplied input within the delete_converted_image_size function. This allows an authenticated attacker with sufficient privileges to delete arbitrary files on the web server.
Business Impact
The ability for an attacker to delete arbitrary files poses a severe risk to system integrity and availability. An attacker could remove critical configuration files, core WordPress files, or security-related logs, potentially leading to a complete denial-of-service or facilitating further system compromise. With a CVSS score of 8.1, this high-severity flaw requires immediate attention to prevent operational downtime.
Remediation Plan
Immediate Action: Update the TinyPNG plugin to the latest available version provided by the vendor to implement proper path validation.
Proactive Monitoring: Monitor server file system activity logs for unauthorized deletion attempts or access patterns targeting sensitive directories.
Compensating Controls: Implement file integrity monitoring (FIM) and ensure the web server service account operates with the principle of least privilege regarding filesystem permissions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of July 3, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The severity of this vulnerability necessitates prompt remediation. Administrators should verify their current plugin version and apply updates immediately. If a patch is not yet available, consider disabling the plugin until a secure version is released to mitigate the risk of filesystem manipulation.
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
A flaw was found in Keycloak
A flaw was found in Keycloak
---METADATA---
VENDOR: Keycloak
PRODUCT: Keycloak
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
CONFIDENCE: low
MISSING: versions, patch, technical_details
---END_METADATA---
Description Summary:
A security flaw has been identified in Keycloak that requires immediate investigation and remediation by administrators.
Executive Summary:
Keycloak is affected by an unspecified security vulnerability that poses a significant risk to identity and access management infrastructure.
Vulnerability Details
CVE-ID: CVE-2026-7307
Affected Software: Keycloak
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The provided data identifies a generic flaw within Keycloak; however, specific technical details regarding the vulnerability type or authentication requirements are currently missing.
Business Impact
With a CVSS score of 7.5, this vulnerability represents a high risk to the confidentiality and integrity of authentication services managed by Keycloak. Successful exploitation could lead to unauthorized access to sensitive identity data or the compromise of downstream applications relying on Keycloak for SSO and identity management.
Remediation Plan
Immediate Action: Monitor the official Keycloak security advisory page for patch releases and apply updates immediately upon availability.
Proactive Monitoring: Review application access logs for anomalous authentication patterns or unexpected administrative configuration changes.
Compensating Controls: Ensure Keycloak instances are isolated from public network exposure and utilize strict network access control lists (ACLs).
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 20, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Due to the critical role Keycloak plays in enterprise security, administrators should treat this alert with high urgency. We recommend subscribing to vendor security notifications to ensure the patch is applied as soon as it is released.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when custom logit processing is enabled, due to unsaf...
The SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when custom logit processing is enabled, due to unsafe Python object deserialization.
---METADATA---
VENDOR: SGLangs
PRODUCT: Multimodal Generation Runtime
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
The SGLangs multimodal generation runtime is vulnerable to unauthenticated remote code execution when custom logit processing is enabled, due to unsafe Python object deserialization.
Executive Summary:
Unsafe deserialization in SGLangs allows unauthenticated attackers to execute arbitrary code remotely, posing a critical threat to server integrity.
Vulnerability Details
CVE-ID: CVE-2026-7304
Affected Software: SGLangs Multimodal Generation Runtime
Affected Versions: See vendor advisory
Vulnerability: The application utilizes dill.loads() to deserialize Python objects without validation when the --enable-custom-logit-processor option is active, allowing an unauthenticated remote attacker to inject malicious payloads.
Business Impact
This vulnerability carries a CVSS score of 9.8, reflecting the ability for an attacker to achieve full remote code execution. This could lead to a complete compromise of the host system, theft of sensitive AI models, and potential lateral movement within the environment.
Remediation Plan
Immediate Action: Disable the --enable-custom-logit-processor option immediately if not strictly required, and update to the latest patched version.
Proactive Monitoring: Monitor server processes for unexpected child spawns or outbound connections originating from the runtime environment.
Compensating Controls: Deploy a Web Application Firewall (WAF) or Network Intrusion Detection System (NIDS) to inspect and block malicious serialized object payloads.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
The SGLangs runtime is vulnerable to an unauthenticated path traversal attack, allowing remote attackers to write arbitrary files to the server's file...
The SGLangs runtime is vulnerable to an unauthenticated path traversal attack, allowing remote attackers to write arbitrary files to the server's filesystem.
---METADATA---
VENDOR: SGLangs
PRODUCT: Multimodal Generation Runtime
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
The SGLangs runtime is vulnerable to an unauthenticated path traversal attack, allowing remote attackers to write arbitrary files to the server's filesystem.
Executive Summary:
Unauthenticated path traversal in the SGLangs runtime allows attackers to overwrite critical files, potentially leading to full system compromise.
Vulnerability Details
CVE-ID: CVE-2026-7302
Affected Software: SGLangs Multimodal Generation Runtime
Affected Versions: See vendor advisory
Vulnerability: The application fails to validate filenames provided during upload, allowing the use of ../ sequences to traverse outside of intended directories and overwrite arbitrary system files.
Business Impact
With a CVSS score of 9.1, this vulnerability allows an attacker to achieve code execution or denial of service by overwriting application binaries or configuration files. This represents a critical risk to the availability and integrity of the hosting server.
Remediation Plan
Immediate Action: Update to the latest version of SGLangs and implement strict path validation for file uploads.
Proactive Monitoring: Monitor filesystem integrity and alert on unauthorized write attempts to sensitive system directories.
Compensating Controls: Run the SGLangs service with the least privilege necessary, restricting its write access to specific, isolated directories.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
The SGLangs scheduler binds its ROUTER socket to 0.0.0.0 and performs unsafe pickle deserialization on incoming messages, enabling unauthenticated rem...
The SGLangs scheduler binds its ROUTER socket to 0.0.0.0 and performs unsafe pickle deserialization on incoming messages, enabling unauthenticated remote code execution.
---METADATA---
VENDOR: SGLangs
PRODUCT: Multimodal Generation Runtime
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
The SGLangs scheduler binds its ROUTER socket to 0.0.0.0 and performs unsafe pickle deserialization on incoming messages, enabling unauthenticated remote code execution.
Executive Summary:
A critical vulnerability in the SGLangs runtime scheduler allows unauthenticated attackers to execute arbitrary code by sending malicious packets to the exposed ROUTER socket.
Vulnerability Details
CVE-ID: CVE-2026-7301
Affected Software: SGLangs Multimodal Generation Runtime
Affected Versions: See vendor advisory
Vulnerability: By binding to all interfaces and using pickle.loads() on untrusted input, the scheduler creates an exploitable attack surface for any remote actor capable of reaching the socket.
Business Impact
The CVSS score of 9.8 underscores the severity of this remote code execution flaw. If the service is exposed to the internet, it provides an immediate vector for full system compromise, data theft, and persistent unauthorized access.
Remediation Plan
Immediate Action: Bind the ROUTER socket to 'localhost' (127.0.0.1) and update to the latest patched version.
Proactive Monitoring: Use network monitoring tools to ensure the ROUTER socket is not accessible from external, untrusted networks.
Compensating Controls: Place the service behind a restrictive firewall or VPN, ensuring it is not reachable from the public internet.
Exploitation Status
Public Exploit Available: No
Analyst Notes: As of May 18, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
A vulnerability was found in D-Link DIR-825M 1
A vulnerability was found in D-Link DIR-825M 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability has been found in D-Link DIR-825M 1
A vulnerability has been found in D-Link DIR-825M 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert(...
** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The Easy Elements for Elementor plugin is vulnerable to privilege escalation, allowing unauthenticated users to register as administrators.
The Easy Elements for Elementor plugin is vulnerable to privilege escalation, allowing unauthenticated users to register as administrators.
---METADATA---
VENDOR: Easy Elements
PRODUCT: Easy Elements for Elementor
AFFECTED_VERSIONS: Up to and including 1.4.4
---END_METADATA---
Description Summary:
The Easy Elements for Elementor plugin is vulnerable to privilege escalation, allowing unauthenticated users to register as administrators.
Executive Summary:
A critical privilege escalation vulnerability in the Easy Elements for Elementor WordPress plugin allows unauthenticated attackers to gain administrative access to the site.
Vulnerability Details
CVE-ID: CVE-2026-7284
Affected Software: Easy Elements for Elementor
Affected Versions: Up to and including 1.4.4
Vulnerability: The easyel_handle_register function fails to restrict user roles during registration. An unauthenticated attacker can supply the 'administrator' role during the registration process to gain full control.
Business Impact
A CVSS score of 9.8 highlights the severity of this access control flaw. An attacker can register an administrative account, effectively taking over the entire WordPress site, which can lead to total data loss, site defacement, or the installation of backdoors.
Remediation Plan
Immediate Action: Update the Easy Elements for Elementor plugin to the latest version. Check the vendor advisory for specific patch details.
Proactive Monitoring: Review the user list for any unauthorized administrator accounts created recently and check registration logs.
Compensating Controls: Disable site registration if not strictly required, or implement an approval process for new user accounts.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 19, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Administrative privilege escalation is one of the most critical vulnerabilities an application can face. Administrators must act immediately to update the plugin and perform a thorough audit of all existing user accounts to ensure no unauthorized administrators have been created.
Update WordPress is vulnerable to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specifi...
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads the DLL
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2
A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2
---METADATA---
VENDOR: Zyxel
PRODUCT: GS1900-48HPv2
AFFECTED_VERSIONS: firmware versions through 2.90(ABTQ.1)C0
---END_METADATA---
Description Summary:
A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware allows potential remote command execution.
Executive Summary:
A critical stack-based buffer overflow in Zyxel GS1900-48HPv2 switches could allow unauthenticated attackers to execute arbitrary OS commands.
Vulnerability Details
CVE-ID: CVE-2026-7273
Affected Software: Zyxel GS1900-48HPv2
Affected Versions: firmware versions through 2.90(ABTQ.1)C0
Vulnerability: This is a stack-based buffer overflow vulnerability within the switch's CGI program. An unauthenticated, LAN-based attacker can send a specially crafted HTTP request to trigger the overflow, potentially leading to the execution of arbitrary operating system commands with elevated privileges.
Business Impact
With a CVSS score of 8.8, this vulnerability represents a critical risk to network infrastructure. Since the device is a network switch, successful exploitation could grant an attacker a persistent foothold within the internal network, leading to lateral movement, traffic interception, or total control over network traffic.
Remediation Plan
Immediate Action: Check the Zyxel support portal for the latest firmware release and apply it to all affected GS1900-48HPv2 units.
Proactive Monitoring: Monitor internal network traffic for anomalous HTTP requests directed at switch management interfaces.
Compensating Controls: Restrict access to the switch management interface to a dedicated, isolated management VLAN or via physical port security.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of June 16, 2026, there is no public information indicating active exploitation. However, the nature of buffer overflows in networking gear makes this a highly dangerous vector that should be addressed immediately.
Analyst Recommendation
Networking hardware is a prime target for attackers seeking persistence. Given the severity of this vulnerability, administrators should prioritize firmware updates for all deployed GS1900-48HPv2 switches to mitigate the risk of unauthorized remote command execution.
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2)...
An operator precedence bug in the kernel results in a scenario where a buffer overflow causes attacker-controlled data to overwrite adjacent execve(2) argument buffers
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary fi...
The WP-Optimize – Cache, Compress images, Minify & Clean database to boost page speed & performance plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the unscheduled_original_file_deletion function in all versions up to, and including, 4
Update WordPress plugin/theme to the latest version. Review WordPress security settings and remove if no longer needed.
Eppendorf BioFlo 320 is vulnerable to unauthorized access via a hard-coded password in the VNC server.
Eppendorf BioFlo 320 is vulnerable to unauthorized access via a hard-coded password in the VNC server.
---METADATA---
VENDOR: Eppendorf
PRODUCT: BioFlo 320
AFFECTED_VERSIONS: See vendor advisory
---END_METADATA---
Description Summary:
Eppendorf BioFlo 320 is vulnerable to unauthorized access via a hard-coded password in the VNC server.
Executive Summary:
The Eppendorf BioFlo 320 bioreactor controller is vulnerable to unauthorized full control due to the use of a hard-coded password in its VNC server.
Vulnerability Details
CVE-ID: CVE-2026-7251
Affected Software: Eppendorf, BioFlo 320
Affected Versions: See vendor advisory
Vulnerability: The device uses a hard-coded password for its VNC remote access feature. Furthermore, VNC traffic is transmitted unencrypted, allowing a remote attacker to gain full control of the user interface if they have network access to the device.
Business Impact
This vulnerability poses a significant physical and operational risk. A CVSS score of 9.8 reflects the ability of an attacker to take full control of laboratory equipment, potentially causing damage to experiments, loss of research data, or physical safety hazards in a laboratory setting.
Remediation Plan
Immediate Action: Contact the vendor for firmware updates and immediately disable VNC access on all exposed BioFlo 320 devices.
Proactive Monitoring: Inspect network traffic for unauthorized VNC connections to laboratory equipment.
Compensating Controls: Isolate BioFlo 320 units on a dedicated, non-routable network or behind a VPN to prevent external access.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of May 26, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
The use of hard-coded credentials in industrial or scientific equipment is a severe security failure. Organizations must immediately isolate these devices from public-facing networks and work with the vendor to apply necessary security updates or configuration changes.
Update Eppendorf Multiple Products to the latest version. Check vendor security advisory for specific patch details. Monitor for exploitation attempts and review access logs.
A remote buffer overflow vulnerability in the D-Link DI-8100 CGI endpoint allows for arbitrary code execution.
A remote buffer overflow vulnerability in the D-Link DI-8100 CGI endpoint allows for arbitrary code execution.
---METADATA---
VENDOR: D-Link
PRODUCT: DI-8100
AFFECTED_VERSIONS: 16.07.26A1
---END_METADATA---
Description Summary:
A remote buffer overflow vulnerability in the D-Link DI-8100 CGI endpoint allows for arbitrary code execution.
Executive Summary:
A critical remote buffer overflow vulnerability in D-Link DI-8100 firmware allows unauthenticated attackers to execute arbitrary code via the CGI interface.
Vulnerability Details
CVE-ID: CVE-2026-7248
Affected Software: D-Link DI-8100
Affected Versions: 16.07.26A1
Vulnerability: The tgfile_htm function within the CGI component fails to properly validate the fn argument, resulting in a buffer overflow that can be triggered remotely by an unauthenticated attacker.
Business Impact
With a CVSS score of 9.8, this vulnerability allows for complete remote compromise of the affected D-Link device. Attackers can leverage this access to establish persistence, pivot into the internal network, or intercept traffic, creating a high-severity risk to network integrity.
Remediation Plan
Immediate Action: Apply the latest firmware update provided by D-Link to patch the buffer overflow vulnerability.
Proactive Monitoring: Inspect network logs for unusual requests targeting CGI endpoints and monitor for unexpected outbound traffic from the device.
Compensating Controls: Disable remote management of the device and restrict access to the web interface to trusted internal IP addresses using an ACL or firewall.
Exploitation Status
Public Exploit Available: True
Analyst Notes: As of Apr 28, 2026, a public exploit is available for this vulnerability. Given the ease of remote exploitation, the risk to unpatched devices is extreme.
Analyst Recommendation
Immediate remediation is required as an exploit is publicly available and the device is susceptible to remote code execution. If a patch cannot be immediately applied, the device must be removed from internet-facing segments to prevent compromise.
Update D-Link DI to the latest version. Monitor for exploitation attempts and review access logs.
Pallets Click, versions 8
Pallets Click, versions 8
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is reachable via the setWiFiEasyGuestCfg function's merge argument.
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is reachable via the setWiFiEasyGuestCfg function's merge argument.
---METADATA---
VENDOR: Totolink
PRODUCT: A8000RU
AFFECTED_VERSIONS: 7.1cu.643_b20200521
---END_METADATA---
Description Summary:
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is reachable via the setWiFiEasyGuestCfg function's merge argument.
Executive Summary:
A critical remote command injection vulnerability in the Totolink A8000RU router allows unauthenticated attackers to execute arbitrary system commands.
Vulnerability Details
CVE-ID: CVE-2026-7244
Affected Software: Totolink A8000RU
Affected Versions: 7.1cu.643_b20200521
Vulnerability: The setWiFiEasyGuestCfg function within /cgi-bin/cstecgi.cgi is vulnerable to OS command injection. An unauthenticated remote attacker can inject commands by manipulating the merge argument.
Business Impact
The CVSS score of 9.8 identifies this as a critical issue. Successful exploitation allows an attacker to gain full control over the router, compromising the security of both the primary and guest wireless networks.
Remediation Plan
Immediate Action: Apply the latest firmware update provided by Totolink to remediate the vulnerability.
Proactive Monitoring: Monitor for unauthorized changes to guest Wi-Fi configurations and unusual system activity.
Compensating Controls: Restrict administrative access to the router to trusted internal management subnets.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 28, 2026, public exploits are available for this vulnerability. Immediate action is required to protect the network.
Analyst Recommendation
This vulnerability is highly severe and requires immediate patching. Administrators should verify the current firmware version and ensure it is updated to the latest release to prevent exploitation.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
The Totolink A8000RU is susceptible to remote OS command injection in the setRadvdCfg function, reachable via the maxRtrAdvInterval argument.
The Totolink A8000RU is susceptible to remote OS command injection in the setRadvdCfg function, reachable via the maxRtrAdvInterval argument.
---METADATA---
VENDOR: Totolink
PRODUCT: A8000RU
AFFECTED_VERSIONS: 7.1cu.643_b20200521
---END_METADATA---
Description Summary:
The Totolink A8000RU is susceptible to remote OS command injection in the setRadvdCfg function, reachable via the maxRtrAdvInterval argument.
Executive Summary:
A critical remote command injection vulnerability in the Totolink A8000RU router allows unauthenticated attackers to execute arbitrary system commands.
Vulnerability Details
CVE-ID: CVE-2026-7243
Affected Software: Totolink A8000RU
Affected Versions: 7.1cu.643_b20200521
Vulnerability: This vulnerability is located in the setRadvdCfg function of the /cgi-bin/cstecgi.cgi file. An unauthenticated attacker can leverage the maxRtrAdvInterval argument to perform OS command injection.
Business Impact
With a CVSS score of 9.8, this vulnerability poses a significant risk to the security of the network. Successful exploitation allows for complete device control, potentially leading to widespread network compromise and data theft.
Remediation Plan
Immediate Action: Update the affected Totolink A8000RU unit to the latest firmware version.
Proactive Monitoring: Monitor for suspicious network traffic and verify the integrity of router configuration settings.
Compensating Controls: Block access to the CGI handler from untrusted sources using firewall or access control lists.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 28, 2026, this vulnerability is publicly documented with available exploit code. It should be treated as an urgent patching priority.
Analyst Recommendation
Administrators must prioritize the firmware update to mitigate this high-risk vulnerability. Given the ease of exploitation, ensure that the device management interface is not exposed to the public internet.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is accessible via the setOpenVpnClientCfg function's enabled argument.
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is accessible via the setOpenVpnClientCfg function's enabled argument.
---METADATA---
VENDOR: Totolink
PRODUCT: A8000RU
AFFECTED_VERSIONS: 7.1cu.643_b20200521
---END_METADATA---
Description Summary:
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is accessible via the setOpenVpnClientCfg function's enabled argument.
Executive Summary:
A critical remote command injection vulnerability in the Totolink A8000RU router allows unauthenticated attackers to execute arbitrary system commands.
Vulnerability Details
CVE-ID: CVE-2026-7242
Affected Software: Totolink A8000RU
Affected Versions: 7.1cu.643_b20200521
Vulnerability: The setOpenVpnClientCfg function in the /cgi-bin/cstecgi.cgi file contains an OS command injection vulnerability. An unauthenticated attacker can exploit this by sending a crafted request to the enabled argument.
Business Impact
The CVSS score of 9.8 reflects the high risk of this vulnerability. Exploitation can lead to complete takeover of the router, allowing attackers to compromise VPN connections and gain unauthorized access to the internal network.
Remediation Plan
Immediate Action: Update the router to the latest available firmware version to patch this security flaw.
Proactive Monitoring: Monitor for unexpected VPN configuration changes and anomalous outbound traffic from the device.
Compensating Controls: Restrict access to the router's web interface to trusted internal IP addresses only.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 28, 2026, public exploit code exists, making this a high-priority threat for any organization using the affected equipment.
Analyst Recommendation
Immediate patching is required to address this vulnerability. Organizations should also conduct a review of their VPN configuration to ensure that no unauthorized changes have been made.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
The Totolink A8000RU is vulnerable to remote OS command injection via the setWiFiBasicCfg function, triggered by the wifiOff argument.
The Totolink A8000RU is vulnerable to remote OS command injection via the setWiFiBasicCfg function, triggered by the wifiOff argument.
---METADATA---
VENDOR: Totolink
PRODUCT: A8000RU
AFFECTED_VERSIONS: 7.1cu.643_b20200521
---END_METADATA---
Description Summary:
The Totolink A8000RU is vulnerable to remote OS command injection via the setWiFiBasicCfg function, triggered by the wifiOff argument.
Executive Summary:
A critical remote command injection vulnerability in the Totolink A8000RU router allows unauthenticated attackers to execute arbitrary system commands.
Vulnerability Details
CVE-ID: CVE-2026-7241
Affected Software: Totolink A8000RU
Affected Versions: 7.1cu.643_b20200521
Vulnerability: This vulnerability is found in the setWiFiBasicCfg function of the /cgi-bin/cstecgi.cgi component. Unauthenticated attackers can inject OS commands by manipulating the wifiOff argument.
Business Impact
The CVSS score of 9.8 indicates a critical security risk. An attacker can execute arbitrary commands with high privileges, leading to full device compromise and potential disruption of wireless network services.
Remediation Plan
Immediate Action: Apply the latest firmware update released by the vendor to resolve this vulnerability.
Proactive Monitoring: Inspect system logs for unusual behavior and monitor for unauthorized changes to Wi-Fi settings.
Compensating Controls: If a patch is unavailable, block all external access to the device management interface using firewall rules.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 28, 2026, the vulnerability is publicly known and exploitable. The potential for widespread impact is high.
Analyst Recommendation
Patching is the only reliable way to fix this vulnerability. Administrators should ensure that all Totolink devices are updated to the latest version and verify that remote management is disabled to reduce the attack surface.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/...
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument User leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.
---METADATA---
VENDOR: Totolink
PRODUCT: A8000RU
AFFECTED_VERSIONS: 7.1cu.643_b20200521
---END_METADATA---
Description Summary:
A remote OS command injection vulnerability in the Totolink A8000RU CGI handler is reachable through the setVpnAccountCfg function's User argument.
Executive Summary:
A critical remote command injection vulnerability in the Totolink A8000RU router allows unauthenticated attackers to achieve full system control.
Vulnerability Details
CVE-ID: CVE-2026-7240
Affected Software: Totolink A8000RU
Affected Versions: 7.1cu.643_b20200521
Vulnerability: The setVpnAccountCfg function in the /cgi-bin/cstecgi.cgi file fails to sanitize the User argument. This oversight enables an unauthenticated attacker to inject arbitrary OS commands remotely.
Business Impact
With a CVSS score of 9.8, this is a high-impact vulnerability. Successful exploitation grants the attacker administrative access to the router, which can be used to compromise the entire network, intercept traffic, or facilitate lateral movement.
Remediation Plan
Immediate Action: Update the affected device to the most recent firmware version provided by the manufacturer.
Proactive Monitoring: Monitor logs for suspicious input characters in web requests and watch for unauthorized VPN account modifications.
Compensating Controls: Disable remote management of the router and limit access to the internal network side only.
Exploitation Status
Public Exploit Available: Yes
Analyst Notes: As of Apr 28, 2026, the vulnerability is public and exploitable. Immediate remediation is necessary to mitigate the risk of remote takeover.
Analyst Recommendation
Organizations should prioritize updating the vulnerable firmware. Given that this is a command injection vulnerability, it is essential to assume that any exposed device may have been compromised and to perform a security audit of the network environment post-patching.
Update Unknown Multiple Products to the latest version. Monitor for exploitation attempts and review access logs.
A vulnerability was detected in AgiFlow scaffold-mcp up to 1
A vulnerability was detected in AgiFlow scaffold-mcp up to 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A weakness has been identified in BrowserOperator browser-operator-core up to 0
A weakness has been identified in BrowserOperator browser-operator-core up to 0
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1
A vulnerability was detected in SourceCodester Pizzafy Ecommerce System 1
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
---METADATA---
VENDOR: Google
PRODUCT: Chrome on Windows
AFFECTED_VERSIONS: See vendor advisory for specific affected versions
---END_METADATA---
Description Summary:
A use-after-free vulnerability in the Accessibility component of Google Chrome on Windows could allow for arbitrary code execution.
Executive Summary:
A critical use-after-free vulnerability in Google Chrome’s Accessibility component on Windows presents a significant risk of remote code execution.
Vulnerability Details
CVE-ID: CVE-2026-7344
Affected Software: Google Chrome on Windows
Affected Versions: See vendor advisory for specific affected versions
Vulnerability: The vulnerability involves a use-after-free error in the Accessibility feature of Chrome. An unauthenticated attacker can trigger this flaw by enticing a user to visit a malicious website.
Business Impact
With a CVSS score of 8.8, this flaw represents a high risk to Windows-based enterprise workstations. If exploited, an attacker could gain control over the browser process, potentially leading to privilege escalation or further lateral movement within the corporate network.
Remediation Plan
Immediate Action: Update Google Chrome on all Windows workstations to version 147 or later immediately.
Proactive Monitoring: Monitor system logs for unexpected application crashes or unauthorized process executions originating from the Chrome browser.
Compensating Controls: Use Group Policy to enforce browser updates and limit the execution of high-risk browser extensions.
Exploitation Status
Public Exploit Available: false
Analyst Notes: As of April 30, 2026, there is no public information indicating active exploitation of this vulnerability. However, due to the nature of the flaw, the potential for exploitation is high.
Analyst Recommendation
Given the widespread use of Chrome on Windows, this vulnerability should be treated with high urgency. IT administrators must ensure that all Windows clients are updated to the latest version to protect against potential exploitation.