Common Vulnerabilities and Exposures (CVE)
CVE-2026-5996
A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tt...
CVE-2026-5993
A vulnerability was identified in Totolink A7100RU 7.4cu.2313_b20191024. This vulnerability affects the function setWiFiGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument wifiOff leads ...
CVE-2026-5991
A vulnerability was found in Tenda F451 1.0.0.7. Affected by this issue is the function formWrlExtraSet of the file /goform/WrlExtraSet. The manipulation of the argument GO results in stack-based buffer overflow. The attack may be launched ...
CVE-2026-26133
AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network.
CVE-2026-0385
Microsoft Edge (Chromium-based) for Android Spoofing Vulnerability
CVE-2026-32187
Microsoft Edge (Chromium-based) Defense in Depth Vulnerability
CVE-2026-26144
Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.
CVE-2026-26141
Improper authentication in Azure Arc allows an authorized attacker to elevate privileges locally.
CVE-2026-26130
Allocation of resources without limits or throttling in ASP.NET Core allows an unauthorized attacker to deny service over a network.
CVE-2026-26123
Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.
CVE-2026-26118
Server-side request forgery (ssrf) in Azure MCP Server allows an authorized attacker to elevate privileges over a network.
CVE-2026-26117
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
CVE-2026-26110
Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
CVE-2026-26109
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
CVE-2026-26108
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.