NVD Vulnerabilities

Severity Distribution

Publication Trend

Vulnerability Database

CVE ID	Description	Published	Base Score	Attack Vector	Severity	Actions
CVE-2026-25196	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code executi...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-25105	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code ex...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-25037	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execut...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-24498	Exposure of Sensitive Information to an Unauthorized Actor vulnerability in EFM-Networks, Inc. IpTIME T5008, EFM-Networks, Inc. IpTIME AX2004M, EFM-Ne...	2026-02-27	6.0	ADJACENT	MEDIUM	NVD
CVE-2026-24497	Stack-based Buffer Overflow vulnerability in SimTech Systems, Inc. ThinkWise allows Remote Code Inclusion.This issue affects ThinkWise: from 7 through...	2026-02-27	8.4	LOCAL	HIGH	NVD
CVE-2026-24452	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execut...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-23702	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code executi...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-22877	An arbitrary file-read vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to read arbitrary files on the ...	2026-02-27	3.7	NETWORK	LOW	NVD
CVE-2026-20797	A stack based buffer overflow exists in an API route of XWEB Pro version 1.12.1 and prior, enabling unauthenticated attackers to cause stack corrupt...	2026-02-27	4.3	ADJACENT_NETWORK	MEDIUM	NVD
CVE-2026-20764	An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code executi...	2026-02-27	8.0	NETWORK	HIGH	NVD
CVE-2026-3273	A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function formWrlsafeset of the file /goform/AdvSetWrlsafes...	2026-02-27	8.8	NETWORK	HIGH	NVD
CVE-2026-27647	The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same sessi...	2026-02-27	7.3	NETWORK	HIGH	NVD
CVE-2026-27028	WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent...	2026-02-27	9.4	NETWORK	CRITICAL	NVD
CVE-2026-26305	The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow...	2026-02-27	7.5	NETWORK	HIGH	NVD
CVE-2026-26290	The WebSocket backend uses charging station identifiers to uniquely associate sessions but allows multiple endpoints to connect using the same sessi...	2026-02-27	7.3	NETWORK	HIGH	NVD

Loading vulnerability details...

Description

EPSS Score

N/A

Exploit Prediction Scoring System

Dates

Published:

Last Modified:

CVSS v3.1 metrics not available for this vulnerability.

CVSS v4.0 metrics not available for this vulnerability.

CVSS v2.0 metrics not available for this vulnerability.

Weakness Information (CWE)

No CWE information available for this vulnerability.

Affected Products

No affected product information available for this vulnerability.

References

No references available for this vulnerability.