CVE-2026-25268
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
CVSS
8.8
Alto
EPSS
0.1%
p0
KEV
—
Exploit Today
0
0-100
Publicado: 6 jul 2026 · Última mod.: 7 jul 2026 · CWE-121
0.1%EPSS · 30 días0.1%
2026-07-072026-07-16
Memory Corruption when processing invalid HT40 channel layouts during dynamic channel switching operations.
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2025-510878.6 ALT94.0%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/saveParentControlInfo. The manipulation of the argument time leads to stack-based buffer overflow.12dCVE-2025-510885.3 MED92.6%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/WifiGuestSet. The manipulation of the argument `shareSpeed` leads to stack-based buffer overflow.12dCVE-2025-510855.3 MED92.6%
——28Tenda AC8V4 V16.03.34.06` was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument `timeZone` and `timeType` leads to stack-based buffer overflow.12dCVE-2025-606908.8 ALT89.1%
——27A stack-based buffer overflow exists in the get_merge_ipaddr function of the httpd binary on Linksys E1200 v2 routers (Firmware E1200_v2.0.11.001_us.tar.gz). The function concatenates up to four user-supplied CGI parameters matching <parameter>_0~3 into a fixed-size buffer (a2) without bounds checking. Remote attackers can exploit this vulnerability via specially crafted HTTP requests to execute arbitrary code or cause denial of service without authentication.12dCVE-2026-248818.1 ALT75.2%
——23In GnuPG before 2.5.17, a crafted CMS (S/MIME) EnvelopedData message carrying an oversized wrapped session key can cause a stack-based buffer overflow in gpg-agent during PKDECRYPT--kem=CMS handling. This can easily be leveraged for denial of service; however, there is also memory corruption that could lead to remote code execution.2dCVE-2026-503877.8 ALT75.0%
——22Stack-based buffer overflow in Windows GDI allows an authorized attacker to elevate privileges locally.21h