Shodan
Vulnerabilities
Vulnerable Software
Security Vulnerabilities
CVE-2026-25101
Bludit allows user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behavior enables an attacker to fix a session ID for a victim and later hijack the authenticated session. This issue was fixed in version 3.17.2.
CVSS Score
4.8
EPSS Score
0.001
Published
2026-03-27
CVE-2026-4309
Missing Authorization vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to get a specific device information and change the settings via network.
CVSS Score
6.3
EPSS Score
0.0
Published
2026-03-27
CVE-2026-4619
Path Traversal vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to wtite over any file via network.
CVSS Score
6.0
EPSS Score
0.001
Published
2026-03-27
CVE-2026-4620
OS Command Injection vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to execute arbitrary OS commands via network.
CVSS Score
7.1
EPSS Score
0.001
Published
2026-03-27
CVE-2026-4621
Hidden Functionality vulnerability in NEC Platforms, Ltd. Aterm Series allows a attacker to enable telnet via network.
CVSS Score
6.3
EPSS Score
0.001
Published
2026-03-27
CVE-2026-25099
Bludit’s API plugin allows an authenticated attacker with a valid API token to upload files of any type and extension without restriction, which can then be executed, leading to Remote Code Execution. This issue was fixed in 3.18.4.
CVSS Score
8.7
EPSS Score
0.003
Published
2026-03-27
CVE-2026-34353
In OCaml through 4.14.3, Bigarray.reshape allows an integer overflow, and resultant reading of arbitrary memory, when untrusted data is processed.
CVSS Score
5.9
EPSS Score
0.0
Published
2026-03-27
CVE-2026-22744
In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for a TAG field, stringValue() inserts the value directly into the @field:{VALUE} RediSearch TAG block without escaping characters.This issue affects Spring AI: from 1.0.0 before 1.0.5, from 1.1.0 before 1.1.4.
CVSS Score
7.5
EPSS Score
0.001
Published
2026-03-27
CVE-2026-27650
OS Command Injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary OS command may be executed on the products.
CVSS Score
8.6
EPSS Score
0.001
Published
2026-03-27
CVE-2026-32669
Code injection vulnerability exists in BUFFALO Wi-Fi router products. If this vulnerability is exploited, an arbitrary code may be executed on the products.
CVSS Score
8.7
EPSS Score
0.0
Published
2026-03-27


Products
Pricing
Contact Us

Shodan ® - All rights reserved