CVE-2026-49494 - Comodo Internet Security's firewall driver Inspect.sys contains an integer underflow in its IPv6 pac

CVE-2026-8438 - The All-In-One Security (AIOS) – Security and Firewall plugin for WordPress is vulnerable to Stored

CVE-2026-25624 - An administrative cross-site scripting (XSS) vulnerability exists in the web user interface dashboar

CVE-2026-25623 - An input validation command execution vulnerability exists in the browser management pipeline of Ari

CVE-2026-25622 - A Captive Portal Custom Handler command injection vulnerability exists in Arista Edge Threat Managem

CVE-2026-25621 - A Reports application infrastructure vulnerability exists in Arista Edge Threat Management - Arista

CVE-2026-25620 - An encrypted password command injection vulnerability exists in the Captive Portal application frame

CVE-2026-50224 - The web administration panel binds broadly to the public IPv6 address space on port [::]:8080 withou

CVE-2026-46244 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_inner: Fix IPv6

CVE-2026-10293 - A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of th

CVE-2026-10120 - A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function fo

CVE-2026-8903 - The Two-factor authentication (formerly IP Vault) plugin for WordPress is vulnerable to Cross-Site R

CVE-2026-48694 - FastNetMon Community Edition through 1.2.9 contains a configuration injection vulnerability in the J

CVE-2026-9407 - A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. Affected by this

CVE-2021-47977 - WordPress Plugin Anti-Malware Security and Bruteforce Firewall 4.20.59 contains a directory traversa

CVE-2026-45158 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, unsanitized user input i

CVE-2026-44195 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, a logic flaw in the OPNs

CVE-2026-44194 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.8, an authenticated Remote

CVE-2026-44193 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.7, the XMLRPC method opnsen

CVE-2026-0261 - Multiple command injection vulnerabilities in Palo Alto Networks PAN-OS® software enable an authenti

CVE-2026-0258 - A server-side request forgery (SSRF) vulnerability in the IKEv2 implementation of Palo Alto Networks

CVE-2026-0256 - A stored cross-site scripting (XSS) vulnerability in Palo Alto Networks PAN-OS® software enables a m

CVE-2026-0265 - An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthentic

CVE-2026-0263 - A buffer overflow vulnerability in the IKEv2 processing of Palo Alto Networks PAN-OS® software allow

CVE-2026-42268 - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS

CVE-2026-43916 - pam_authnft is a PAM session module binding nftables firewall rules to authenticated sessions via cg

CVE-2026-41484 - OpenTelemetry.Exporter.OneCollector is a .NET exporter that sends telemetry to a OneCollector back-e

CVE-2026-41483 - OpenTelemetry.Resources.Azure is the .NET resource detector for Azure environments. In versions 1.15

CVE-2026-0300 - A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service o

CVE-2026-43233 - In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: f

CVE-2026-30923 - ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS

CVE-2026-41927 - WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains a stack-based buffer overflow vulner

CVE-2026-41926 - WDR201A WiFi Extender (HW V2.1, FW LFMZX28040922V1.02) contains an OS command injection vulnerabilit

CVE-2026-0206 - A post-authentication Stack-based Buffer Overflow vulnerabilities in SonicOS allows a remote attacke

CVE-2026-41200 - STIG Manager is an API and web client for managing Security Technical Implementation Guides (STIG)

CVE-2026-5981 - A vulnerability has been found in D-Link DIR-605L 2.13B01. This affects the function formAdvFirewall

CVE-2026-33774 - An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engin

CVE-2026-34578 - OPNsense is a FreeBSD based firewall and routing platform. Prior to 26.1.6, OPNsense's LDAP authenti

CVE-2026-5691 - A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function s

CVE-2026-5629 - A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSet

CVE-2021-4477 - Hirschmann HiLCOS OpenBAT and BAT450 products contain a firewall bypass vulnerability in IPv6 IPsec

CVE-2017-20233 - Hirschmann HiLCOS products OpenBAT, BAT450, WLC, BAT867 contains a firewall filtering vulnerability

CVE-2026-33691 - The OWASP core rule set (CRS) is a set of generic attack detection rules for use with compatible web

CVE-2026-34823 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34822 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the new_cert_na

CVE-2026-34821 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34820 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34819 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the REMARK para

CVE-2026-34818 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34817 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the ADDRESS BCC

CVE-2026-34816 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the domain para

CVE-2026-34815 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the DOMAIN para

CVE-2026-34814 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the group param

CVE-2026-34813 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the user parame

CVE-2026-34812 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the mimetypes p

CVE-2026-34811 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34810 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34809 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34808 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34807 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34806 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34805 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34804 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the dscp parame

CVE-2026-34803 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the name parame

CVE-2026-34802 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark user

CVE-2026-34801 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34800 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the NAME parame

CVE-2026-34799 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34798 - Endian Firewall version 3.3.25 and prior allow stored cross-site scripting (XSS) via the remark para

CVE-2026-34797 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34796 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34795 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34794 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34793 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34792 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34791 - Endian Firewall version 3.3.25 and prior allow authenticated users to execute arbitrary OS commands

CVE-2026-34790 - Endian Firewall version 3.3.25 and prior allow authenticated users to delete arbitrary files via dir

CVE-2026-5332 - A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the

CVE-2026-5004 - A vulnerability was determined in Wavlink WL-WN579X3-C 231124. This impacts the function sub_4019FC

CVE-2026-4948 - A flaw was found in firewalld. A local unprivileged user can exploit this vulnerability by mis-autho

CVE-2026-25341 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i

CVE-2026-20012 - A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco

CVE-2026-33768 - Astro is a web framework. Prior to version 10.0.2, the @astrojs/vercel serverless entrypoint reads t

CVE-2026-33250 - Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1

CVE-2026-4543 - A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is an unknown function

CVE-2019-25588 - BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address fie