By weakness (CWE)

CWE-119: related vulnerabilities

CVEs classified under CWE-119. Understanding the weakness class helps prioritize systemic fixes over one-off patches.

48 published vulnerabilities

  • CVE-2026-10062HIGH 8.8

    A stack-based buffer overflow vulnerability was discovered in the TRENDnet TEW-432BRP router (firmware version 3.10B20) affecting the route configuration function. An authenticated attacker can send specially crafted requests containing oversized IP, netmask, or gateway parameters to the /goform/formSetRoute endpoint, causing a buffer overflow that enables complete compromise of the device. The vulnerability requires valid login credentials but has been publicly disclosed. Critically, this device reached end-of-life in 2009—over 15 years ago—and the vendor has confirmed no patches or fixes will be developed.

  • CVE-2026-10063HIGH 8.8

    A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20) that allows authenticated attackers to remotely crash the device or potentially execute arbitrary code. The flaw is in the WPS (Wi-Fi Protected Setup) configuration function and can be triggered by sending a specially crafted request with an oversized PIN parameter. Critically, this router model reached end-of-life in 2009—over 15 years ago—and TRENDnet has confirmed they will not be providing patches or fixes.

  • CVE-2026-10065HIGH 8.8

    Shibby Tomato 1.28 contains a stack-based buffer overflow vulnerability in the UPS data retrieval function of its web interface. An authenticated attacker can manipulate the Date parameter to overflow a buffer on the stack, potentially executing arbitrary code on the affected device. Since Shibby Tomato is no longer maintained and has been superseded by FreshTomato, this vulnerability affects legacy installations that have not migrated to the actively supported successor.

  • CVE-2026-10066HIGH 8.8

    A stack-based buffer overflow vulnerability exists in Shibby Tomato firmware versions up to 1.28, specifically in the UPS Service component (tomatoups.cgi). An authenticated attacker with remote network access can trigger this flaw to potentially execute arbitrary code, compromise confidentiality and integrity, or cause denial of service. Notably, Shibby Tomato is no longer maintained; the project has been superseded by FreshTomato. Organizations still running unsupported Shibby Tomato instances face ongoing risk from this flaw without vendor patching.

  • CVE-2026-10067HIGH 8.8

    Shibby Tomato version 1.28 contains a stack-based buffer overflow vulnerability in the multimon.cgi component that allows authenticated attackers to execute arbitrary code remotely. The vulnerability exists in the sub_90F0 function and can be triggered through network requests without user interaction. Since Shibby Tomato is no longer maintained and has been superseded by FreshTomato, patches are not available from the original maintainers.

  • CVE-2026-10119HIGH 8.8

    A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP router (firmware version 3.10B20) in the MAC filter configuration function. An authenticated attacker can send a specially crafted request to overflow the stack via the filter_name parameter, potentially allowing code execution on the device. This affects only legacy hardware that has been end-of-life since 2009—the vendor has explicitly stated no patches will be released due to the product's age and lack of ongoing support.

  • CVE-2026-10120HIGH 8.8

    A stack-based buffer overflow exists in the TRENDnet TEW-432BRP wireless router running firmware version 3.10B20. An attacker with network access and valid credentials can send a specially crafted request to the firewall configuration function, causing a buffer overflow that crashes the device or potentially executes arbitrary code. The vendor has confirmed the product reached end-of-life in 2009 and will not issue patches. Public exploit code is available.

  • CVE-2026-10121HIGH 8.8

    A stack-based buffer overflow vulnerability has been discovered in the TRENDnet TEW-432BRP wireless router running firmware version 3.10B20. The flaw exists in the URL filter configuration function and can be triggered by sending a specially crafted request containing an oversized keyword list parameter. An attacker with network access and valid credentials can exploit this remotely to crash the device or potentially execute arbitrary code. TRENDnet has confirmed the product reached end-of-life in 2009 and will not be issuing patches.

  • CVE-2026-10122HIGH 8.8

    A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20) within the protocol filter configuration function. An attacker with network access and valid login credentials can send a specially crafted request to overflow a buffer on the router's stack, potentially executing arbitrary code. TRENDnet has confirmed this product reached end-of-life 15 years ago and will not provide patches. While the exploit details are publicly available, this vulnerability poses limited enterprise risk due to the device's age and likely scarcity in production environments.

  • CVE-2026-10123HIGH 8.8

    A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20) affecting the domain filtering function. An authenticated attacker can exploit this by manipulating domain filter parameters to overflow the stack, potentially gaining control of the device. Notably, this product reached end-of-life in 2009 and is no longer supported by the vendor, meaning no patches will be issued.

  • CVE-2026-10124HIGH 8.8

    A stack-based buffer overflow has been discovered in Shibby Tomato, a Linux router distribution, affecting versions up to 1.28. The vulnerability exists in the RIP (Routing Information Protocol) daemon's IPv4 handling function and allows authenticated attackers to overflow memory on the system stack, potentially leading to code execution. The flaw has been publicly disclosed, and exploit code is available. Critically, Shibby Tomato is no longer maintained by its original developers, having been superseded by FreshTomato. This means no security patches will be released for affected installations.

  • CVE-2026-10125HIGH 8.8

    A stack-based buffer overflow exists in Edimax BR-6478AC version 1.23 routers when processing PPPoE setup requests. An authenticated attacker can send a crafted request with an oversized username parameter to the formPPPoESetup endpoint, causing the router to crash or potentially execute arbitrary code. The vulnerability requires login credentials but poses significant risk since routers are often accessible from the internet and public exploit code is available.

  • CVE-2026-10126HIGH 8.8

    A buffer overflow vulnerability exists in Edimax BR-6478AC version 1.23 that allows authenticated users to crash the device or potentially execute arbitrary code. The flaw is in the QoS settings handler and can be triggered by sending a specially crafted request with an oversized value in the selSSID parameter. An attacker with valid router credentials can exploit this remotely without user interaction. Public exploit code is available, elevating the practical risk.

  • CVE-2026-10158HIGH 8.8

    A stack-based buffer overflow has been discovered in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20). An authenticated attacker can send a specially crafted request to the port forwarding configuration interface, exploiting improper input validation on the server_name parameter. This can lead to remote code execution on the device. The vulnerability is particularly concerning because exploit code has already been released publicly. However, the affected product reached end-of-life in 2009 and the vendor has stated they cannot provide patches.

  • CVE-2026-10159HIGH 8.8

    A stack-based buffer overflow vulnerability has been discovered in the TRENDnet TEW-432BRP wireless router (version 3.10B20), specifically in the system log configuration function. An attacker with network access and valid credentials can send a specially crafted request to trigger a memory overflow, potentially executing arbitrary code on the device. The vendor has confirmed the product reached end-of-life in 2009 and will not be patching this issue.

  • CVE-2026-10160HIGH 8.8

    A stack-based buffer overflow vulnerability exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20). An authenticated attacker can exploit this flaw by manipulating the 'start_wizard' parameter sent to the router's web interface, potentially allowing remote code execution. The vendor has confirmed this product reached end-of-life in 2009 and will not issue patches.

  • CVE-2026-10161HIGH 8.8

    A stack-based buffer overflow exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20) in a network-accessible configuration function. An authenticated attacker can send a specially crafted request to the `/goform/formResetStatistic` endpoint with a malicious `status_statistic` parameter that overflows memory and corrupts the stack, potentially leading to code execution or denial of service. The device has been out of support since 2009, and the vendor has explicitly stated they cannot patch this issue.

  • CVE-2026-10162HIGH 8.8

    TRENDnet's TEW-432BRP wireless router (version 3.10B20) contains a stack-based buffer overflow vulnerability in its password-setting function. An authenticated attacker can send specially crafted input to the formSetPassword endpoint to overflow memory and potentially execute code on the device. The device has been end-of-life since 2009, and the vendor explicitly will not release patches. While the attack requires login credentials, the high CVSS score reflects the severity of potential compromise.

  • CVE-2026-10163HIGH 8.8

    A buffer overflow vulnerability exists in Edimax BR-6478AC version 1.23 that allows authenticated users to crash the router or potentially execute code by sending specially crafted requests to the USB account configuration endpoint. An attacker with login credentials can exploit this flaw remotely without further user interaction. The vulnerability has already been publicly disclosed, increasing the likelihood of active exploitation.

  • CVE-2026-10164HIGH 8.8

    A buffer overflow vulnerability exists in Edimax BR-6478AC router firmware version 1.23 that allows authenticated users to execute arbitrary code on the device. The flaw resides in the USB folder sharing feature and can be triggered by sending a specially crafted request with an oversized ShareName or SelectName parameter. Because the vulnerability requires valid credentials and the exploit has already been disclosed publicly, the risk of active exploitation is elevated.

  • CVE-2026-10165HIGH 8.8

    Edimax BR-6478AC wireless routers running firmware version 1.23 contain a critical flaw in their network configuration interface. An authenticated attacker can send a specially crafted network request to overflow the device's memory, potentially gaining complete control over the router. The vulnerability requires an existing user account but no additional interaction from administrators, making it a practical concern for organizations deploying these devices.

  • CVE-2026-10179HIGH 8.8

    A stack-based buffer overflow vulnerability affects the TRENDnet TEW-432BRP wireless router running firmware version 3.10B20. An authenticated attacker can send a specially crafted request to the wireless encryption settings function, causing a memory overflow that could lead to remote code execution. The router has been end-of-life since 2009, and the vendor has stated they cannot fix the issue due to the product's age.

  • CVE-2026-10181HIGH 8.8

    A stack-based buffer overflow vulnerability affects the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20). An authenticated remote attacker can exploit this by manipulating the 'submit-url' parameter in the /goform/formSysCmd endpoint, potentially leading to code execution or system crash. However, this device has been end-of-life since 2009, and the vendor has stated it will not be patching the issue due to the product's age.

  • CVE-2026-10183HIGH 8.8

    A stack-based buffer overflow exists in the TRENDnet TEW-432BRP wireless router (firmware version 3.10B20) in the WLAN configuration handler. An authenticated attacker can send a specially crafted request to the `/goform/formWlanSetup` endpoint with an oversized 'enrollee' parameter, causing the application to crash or potentially execute arbitrary code on the device. The vendor confirms this product reached end-of-life in 2009 and will not issue patches.

  • CVE-2026-10188HIGH 8.8

    A stack-based buffer overflow vulnerability exists in Tenda W12 firmware version 3.0.0.7(4763). An authenticated remote attacker can exploit this flaw by manipulating the staMac parameter passed to the cgistaKickOff function in the HTTP daemon (/bin/httpd), potentially executing arbitrary code with elevated privileges. Public exploit code is available, elevating the practical risk of this vulnerability.

  • CVE-2026-10189HIGH 8.8

    A stack-based buffer overflow vulnerability exists in Tenda W12 firmware version 3.0.0.7(4763). The flaw is in the web server's time configuration function, which fails to properly validate user input in the 'sec' parameter. An authenticated attacker can exploit this over the network to crash the device or execute arbitrary code with the privileges of the web server process. Public exploit code is available, increasing practical risk.

  • CVE-2026-10191HIGH 8.8

    A stack-based buffer overflow exists in Tenda W12 firmware version 3.0.0.7(4763) within the Wi-Fi MAC filter configuration function. An authenticated attacker can exploit this by sending a specially crafted MAC address list parameter to the web interface, causing memory corruption that may lead to code execution, information disclosure, or service disruption. The vulnerability is reachable over the network and exploit code has been made publicly available.

  • CVE-2026-10192HIGH 8.8

    A stack-based buffer overflow vulnerability exists in Tenda W12 firmware version 3.0.0.7(4763). An authenticated attacker can send a specially crafted time-setting request to the web interface that causes a memory corruption condition, potentially allowing arbitrary code execution on the affected device. Public exploit code is available, increasing the practical risk.

  • CVE-2026-10206HIGH 8.8

    D-Link DI-8400 routers contain a stack-based buffer overflow vulnerability in the /dbsrv.asp file that can be exploited by authenticated attackers to gain complete control of the device. By manipulating a specific parameter, an attacker with valid credentials can overflow memory on the router and execute arbitrary code remotely. This vulnerability affects firmware versions up to 16.07.26A1, and proof-of-concept code is publicly available, raising the risk of active exploitation.

  • CVE-2026-10259HIGH 8.8

    H3C Magic B0 devices running firmware up to version 100R002 contain a remotely exploitable vulnerability in their web interface. An authenticated attacker can send a specially crafted request to the SetMobileAPInfoById function that causes a stack-based buffer overflow, potentially allowing them to execute arbitrary code on the affected device. Public exploit details are already available, elevating the practical risk.

  • CVE-2026-10270HIGH 8.8

    D-Link DI-7001 MINI routers running firmware version 19.09.19A1 and earlier contain a stack-based buffer overflow in the web API debug interface. An attacker with valid login credentials can send a specially crafted request to the /httpd_debug.asp endpoint that overflows a buffer, potentially allowing arbitrary code execution on the device. Exploit code has been publicly disclosed, elevating near-term risk.

  • CVE-2026-10292HIGH 8.8

    A stack-based buffer overflow exists in UTT HiPER 1200GW network devices running firmware version 2.5.3-170306 and earlier. The vulnerability resides in the task editing form handler and is exploitable by authenticated remote attackers. An attacker with valid credentials can send a specially crafted request that overflows a buffer, potentially allowing arbitrary code execution on the device. Public exploit code is available, increasing the risk of active exploitation.

  • CVE-2026-10293HIGH 8.8

    A stack-based buffer overflow vulnerability exists in UTT HiPER 1200GW networking devices (versions up to 2.5.3-170306). An attacker with valid login credentials can send a specially crafted request to the firewall configuration endpoint that causes the device to overflow its memory, potentially leading to code execution, data theft, or denial of service. Public exploit code is available, elevating the practical risk.

  • CVE-2026-10904HIGH 8.8

    Google Chrome versions prior to 149.0.7827.53 contain a flaw in the V8 JavaScript engine that allows attackers to break out of the browser sandbox and run malicious code with full privileges. An attacker can exploit this by tricking a user into visiting a specially crafted website. Once triggered, the vulnerability bypasses Chrome's security boundary—the sandbox that normally isolates web content from the rest of the system—giving an attacker direct access to execute arbitrary code on the victim's machine.

  • CVE-2026-10701HIGH 7.5

    Firefox's text rendering engine contains a flaw in how it validates memory boundaries when processing text data. An attacker on the network can exploit this without requiring user interaction or special permissions, allowing them to read sensitive information from the browser's memory. The vulnerability affects Firefox versions prior to 151.0.3.

  • CVE-2026-10064MEDIUM 6.3

    TRENDnet has disclosed a remote stack-based buffer overflow vulnerability in the TEW-432BRP wireless router (firmware version 3.10B20 and earlier). An authenticated attacker can exploit this flaw by sending a specially crafted request to the port forwarding configuration endpoint, potentially allowing code execution or denial of service. The vendor has confirmed this product reached end-of-life in 2009 and will not issue patches. Public exploit code is available, elevating the practical risk despite the device's age.

  • CVE-2026-10194MEDIUM 6.3

    A heap-based buffer overflow exists in OFFIS DCMTK 3.7.0 within the query/retrieve service component (dcmqrscp). An authenticated attacker can trigger this flaw remotely by sending specially crafted requests to the image deletion function, potentially causing memory corruption, data loss, or service disruption. The vulnerability requires valid credentials to exploit but poses moderate risk in networked medical imaging environments where DCMTK is deployed.

  • CVE-2026-10703MEDIUM 6.3

    A use-after-free memory safety flaw exists in EIPStackGroup OpENer versions up to 2.3.0 within the SendRRData request handler. An authenticated attacker can remotely trigger memory corruption by crafting malicious messages, potentially leading to information disclosure or service disruption. The vulnerability has been publicly disclosed but the vendor has not yet acknowledged or released a patch.

  • CVE-2026-10200MEDIUM 5.3

    Assimp, a popular open-source 3D model import library, contains a heap-based buffer overflow vulnerability in its glTF file format parser. An attacker with local access to a system can craft a malicious glTF file with a specially crafted 4x4 matrix to overflow memory and trigger a crash, information disclosure, or potential code execution. The vulnerability affects Assimp versions up to 6.0.4 and has been publicly disclosed.

  • CVE-2026-10229MEDIUM 5.3

    Assimp, a widely-used 3D model import library, contains a heap-based buffer overflow in its Half-Life 1 MDL file loader. An attacker with local system access can craft a malicious .MDL file that, when processed by an application using vulnerable Assimp versions up to 6.0.4, triggers memory corruption. This could lead to information disclosure, data corruption, or process crash. The vulnerability requires local execution and has been publicly disclosed.

  • CVE-2026-10230MEDIUM 5.3

    Assimp, a popular open-source 3D model import library, contains a heap buffer overflow vulnerability in its Half-Life 1 MDL file loader. The vulnerability exists in the animation-reading function and can be triggered by a malicious or crafted MDL file. An attacker with local access can exploit this to read sensitive memory, modify data, or crash the application. The vulnerability affects Assimp versions up to 6.0.4.

  • CVE-2026-10231MEDIUM 5.3

    Assimp, a popular open-source 3D model importing library, contains a heap buffer overflow vulnerability in its Half-Life 1 MDL file loader. By crafting a malicious MDL file that manipulates the animation value counter, an attacker with local system access can trigger memory corruption. This flaw requires the attacker to be already present on the system and execute code that processes a specially crafted model file, making it a local-origin threat rather than a remote network attack.

  • CVE-2026-10232MEDIUM 5.3

    CVE-2026-10232 is a use-after-free vulnerability in Assimp, an open-source 3D model import library, affecting versions up to 6.0.4. The flaw exists in the ASE file parser component and can be triggered by a local attacker with user-level privileges when processing specially crafted ASE (ASCII Scene Export) files. Exploitation could allow an attacker to read sensitive data, modify application state, or crash the process. Because exploitation requires local access and user permissions, the risk is primarily relevant in multi-user systems or scenarios where untrusted ASE files are processed by privileged applications.

  • CVE-2026-10275MEDIUM 5.0

    A buffer overflow vulnerability exists in OpenSC versions up to 0.26.1 within the pkcs11-tool component's key generation functionality. The flaw allows an attacker to overflow a buffer during certificate writing operations, potentially enabling remote code execution or data corruption. Exploitation requires user interaction and specific conditions, making it moderately difficult to weaponize, though a proof-of-concept has already been disclosed.

  • CVE-2026-10114MEDIUM 4.3

    Open5GS versions up to 2.7.7 contain a flaw in how they parse shared NF profile information. When processing certain malformed input, the application writes data beyond the intended memory boundary, potentially crashing the service. While an attacker must have valid network credentials to exploit this, the vulnerability has been publicly disclosed, increasing the likelihood it will be weaponized.

  • CVE-2026-10233LOW 3.3

    Assimp, a popular open-source 3D model importing library, contains an out-of-bounds read vulnerability in its Half-Life 1 MDL file loader. When processing specially crafted MDL files, the vulnerability allows an attacker with local access to read memory outside intended boundaries. While the issue has been publicly disclosed, the impact is limited to information disclosure with no ability to modify or crash systems. This vulnerability requires local file system access and authenticated user privileges to trigger.

  • CVE-2026-10267LOW 3.3

    A flaw in the Janet programming language (version 1.41.0 and earlier) allows a local user to read memory beyond intended boundaries in the debug frame handling code. The vulnerability requires local system access and valid user credentials to exploit, but poses a confidentiality risk by enabling unauthorized disclosure of sensitive data in memory.

  • CVE-2026-10528LOW 3.3

    Orthanc DICOM Server versions up to 1.12.11 contain a stack-based buffer overflow vulnerability in the DCMTK parser component. The flaw exists in the DcmItem::read function and can be triggered through malicious DICOM file manipulation. An attacker with local system access can exploit this to cause a denial of service condition. The vulnerability has been publicly disclosed with working exploit code available.