CWE-121— Stack-based Buffer Overflow
3,127 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 58 of 63
- CVE-2026-0792CRITICALCVSS 9.8EG 8.12026-01-23
ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter …
- CVE-2026-0826CRITICALCVSS 9.2EG 9.22026-06-01
In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform.
- CVE-2026-10062HIGHCVSS 8.8EG 8.82026-05-29
A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overfl…
- CVE-2026-10063HIGHCVSS 8.8EG 8.82026-05-29
A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formWPS of the file /goform/formWPS. Such manipulation of the argument peerPin leads to stack-based buffer overflow. The attack may be pe…
- CVE-2026-10064MEDIUMCVSS 6.3EG 6.32026-05-29
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetPortTr of the file /goform/formSetPortTr. Performing a manipulation of the argument special_name results in stack-based buffer overflow. I…
- CVE-2026-10065HIGHCVSS 8.8EG 8.82026-05-29
A weakness has been identified in Shibby Tomato 1.28. This vulnerability affects the function get_ups_field of the file tomatodata.cgi. Executing a manipulation of the argument Date can lead to stack-based buffer overflow. It is possible t…
- CVE-2026-10066HIGHCVSS 8.8EG 8.82026-05-29
A security vulnerability has been detected in Shibby Tomato up to 1.28. This issue affects the function sub_9068 of the file tomatoups.cgi of the component UPS Service. The manipulation leads to stack-based buffer overflow. The attack can …
- CVE-2026-10067HIGHCVSS 8.8EG 8.82026-05-29
A vulnerability was detected in Shibby Tomato 1.28. Impacted is the function sub_90F0 of the file multimon.cgi. The manipulation results in stack-based buffer overflow. The attack can be launched remotely. This project is superseded by Fre…
- CVE-2026-10119HIGHCVSS 8.8EG 8.82026-05-30
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSetMACFilter of the file /goform/formSetMACFilter. The manipulation of the argument filter_name leads to stack-based buffer overflow. R…
- CVE-2026-10120HIGHCVSS 8.8EG 8.82026-05-30
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSetFirewallRule of the file /goform/formSetFirewallRule. The manipulation of the argument firewall_name results in stack-based buffer ove…
- CVE-2026-10121HIGHCVSS 8.8EG 8.82026-05-30
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. The impacted element is the function formSetUrlFilter of the file /goform/formSetUrlFilter. This manipulation of the argument keyword_list/keyword causes stack-based buffer overflow. Th…
- CVE-2026-10122HIGHCVSS 8.8EG 8.82026-05-30
A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20. This affects the function formSetProtocolFilter of the file /goform/formSetProtocolFilter. Such manipulation of the argument protocol_name leads to stack-based buffer overflow.…
- CVE-2026-10123HIGHCVSS 8.8EG 8.82026-05-30
A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blocked_domain/permitted_domain/blocked_domain_list/…
- CVE-2026-10124HIGHCVSS 8.8EG 8.82026-05-30
A vulnerability was determined in Shibby Tomato up to 1.28. Affected is the function rip_zebra_read_ipv4 of the file /usr/sbin/ripd of the component Zserv Handler. Executing a manipulation can lead to stack-based buffer overflow. It is pos…
- CVE-2026-10125HIGHCVSS 8.8EG 8.82026-05-30
A vulnerability was identified in Edimax BR-6478AC 1.23. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. The manipulation of the argument pppUserName l…
- CVE-2026-10158HIGHCVSS 8.8EG 8.82026-05-31
A security flaw has been discovered in TRENDnet TEW-432BRP 3.10B20. Affected is the function formPortFw of the file /goform/formPortFw. The manipulation of the argument server_name results in stack-based buffer overflow. It is possible to …
- CVE-2026-10159HIGHCVSS 8.8EG 8.82026-05-31
A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument current_page causes stack-based buffer overflow. The…
- CVE-2026-10160HIGHCVSS 8.8EG 8.82026-05-31
A security vulnerability has been detected in TRENDnet TEW-432BRP 3.10B20. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. Such manipulation of the argument start_wizard leads to stack-ba…
- CVE-2026-10161HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status_statistic results in stack-based buffer over…
- CVE-2026-10162HIGHCVSS 8.8EG 8.82026-05-31
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This vulnerability affects the function formSetPassword of the file /goform/formSetPassword. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. Th…
- CVE-2026-10165HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was identified in Edimax BR-6478AC 1.23. The impacted element is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. Such manipulation of the argument pppUserName lead…
- CVE-2026-10179HIGHCVSS 8.8EG 8.82026-05-31
A flaw has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. It is possible t…
- CVE-2026-10181HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The atta…
- CVE-2026-10183HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was identified in TRENDnet TEW-432BRP 3.10B20. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. The attack may be ini…
- CVE-2026-10187CRITICALCVSS 9.8EG 9.82026-05-31
A vulnerability was detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument Key…
- CVE-2026-10188HIGHCVSS 8.8EG 8.82026-05-31
A flaw has been found in Tenda W12 3.0.0.7(4763). This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from rem…
- CVE-2026-10189HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability has been found in Tenda W12 3.0.0.7(4763). This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initi…
- CVE-2026-10191HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was determined in Tenda W12 3.0.0.7(4763). Impacted is the function cgiWifiMacFilterSet of the file /bin/httpd. This manipulation of the argument wifiMacFilterSet.macList.mac causes stack-based buffer overflow. The attack c…
- CVE-2026-10192HIGHCVSS 8.8EG 8.82026-05-31
A vulnerability was identified in Tenda W12 3.0.0.7(4763). The affected element is the function set_local_time_0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launche…
- CVE-2026-10206HIGHCVSS 8.8EG 8.82026-06-01
A vulnerability was detected in D-Link DI-8400 up to 16.07.26A1. This affects an unknown function of the file /dbsrv.asp. Performing a manipulation of the argument str results in stack-based buffer overflow. Remote exploitation of the atta…
- CVE-2026-10259HIGHCVSS 8.8EG 8.82026-06-01
A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. T…
- CVE-2026-10270HIGHCVSS 8.8EG 8.82026-06-01
A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpd_debug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The att…
- CVE-2026-10292HIGHCVSS 8.8EG 8.82026-06-01
A vulnerability was detected in UTT HiPER 1200GW up to 2.5.3-170306. This affects the function strcpy of the file /goform/formTaskEdit. The manipulation results in stack-based buffer overflow. The attack may be launched remotely. The explo…
- CVE-2026-10293HIGHCVSS 8.8EG 8.82026-06-01
A flaw has been found in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/formFireWall. This manipulation of the argument Profile causes stack-based buffer overflow. Remote exploitation of the attac…
- CVE-2026-10528LOWCVSS 3.3EG 3.32026-06-02
A security flaw has been discovered in Orthanc DICOM Server up to 1.12.11. This issue affects the function DcmItem::read of the file OrthancFramework/Sources/DicomParsing/FromDcmtkBridge.cpp of the component DCMTK Parser. Performing a mani…
- CVE-2026-10898HIGHCVSS 8.3EG 0.02026-06-04
Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2026-11024NONECVSS 0.0EG 0.02026-06-04
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-11413HIGHCVSS 8.8EG 8.82026-06-06
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stack-based buffer overflow. It is possible …
- CVE-2026-1329HIGHCVSS 8.8EG 8.82026-01-22
A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can l…
- CVE-2026-1361HIGHCVSS 7.8EG 7.82026-01-27
ASDA-Soft Stack-based Buffer Overflow Vulnerability
- CVE-2026-1425MEDIUMCVSS 5.6EG 5.62026-01-26
A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in st…
- CVE-2026-1457HIGHCVSS 8.8EG 8.82026-01-29
An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute ar…
- CVE-2026-1637HIGHCVSS 8.8EG 8.82026-01-29
A vulnerability was identified in Tenda AC21 16.03.08.16. The affected element is the function fromAdvSetMacMtuWan of the file /goform/AdvSetMacMtuWan. The manipulation leads to stack-based buffer overflow. Remote exploitation of the attac…
- CVE-2026-1761HIGHCVSS 8.6EG 8.62026-02-02
A flaw was found in libsoup. This stack-based buffer overflow vulnerability occurs during the parsing of multipart HTTP responses due to an incorrect length calculation. A remote attacker can exploit this by sending a specially crafted mul…
- CVE-2026-1871MEDIUMCVSS 6.5EG 6.52026-06-02
TP-Link Tapo C200 v5 contains a stack-based buffer overflow flaw in RTSP authentication handling due to improper validation of Authorization header field lengths, which can be triggered by a crafted authentication request. Successful expl…
- CVE-2026-1950CRITICALCVSS 9.8EG 9.82026-04-24
Delta Electronics AS320T has No checking of the length of the buffer with the file name vulnerability.
- CVE-2026-1951CRITICALCVSS 9.8EG 9.82026-04-24
Delta Electronics AS320T has no checking of the length of the buffer with the directory name vulnerability.
- CVE-2026-2016MEDIUMCVSS 5.3EG 5.32026-02-06
A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local acce…
- CVE-2026-2017CRITICALCVSS 9.8EG 9.82026-02-06
A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data result…
- CVE-2026-2069LOWCVSS 3.3EG 3.32026-02-06
A flaw has been found in ggml-org llama.cpp up to 55abc39. Impacted is the function llama_grammar_advance_stack of the file llama.cpp/src/llama-grammar.cpp of the component GBNF Grammar Handler. This manipulation causes stack-based buffer …
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →