Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities - CVEs Published In April 2026
CVE-2026-34867
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
5.6
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34853
Permission bypass vulnerability in the LBS module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.7
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34856
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
7.3
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34860
Access control vulnerability in the memo module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
CVSS Score
4.1
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34851
Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
2.2
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34852
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
6.1
EPSS Score
0.0
Published
2026-04-13
CVE-2026-34850
Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability.
CVSS Score
1.9
EPSS Score
0.0
Published
2026-04-13
CVE-2026-28553
Vulnerability of improper permission control in the theme setting module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
CVSS Score
6.9
EPSS Score
0.0
Published
2026-04-13
CVE-2026-6136
A security vulnerability has been detected in Tenda F451 1.0.0.7_cn_svn7958. Impacted is the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be used.
CVSS Score
7.4
EPSS Score
0.001
Published
2026-04-13
CVE-2026-6137
A vulnerability was detected in Tenda F451 1.0.0.7_cn_svn7958. The affected element is the function fromAdvSetWan of the file /goform/AdvSetWan. The manipulation of the argument wanmode/PPPOEPassword results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit is now public and may be used.
CVSS Score
7.4
EPSS Score
0.001
Published
2026-04-13


Products
Pricing
Contact Us

Shodan ® - All rights reserved