CWE-121— Stack-based Buffer Overflow
A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).— MITRE CWE catalog
3,270 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories. Full definition on MITRE →
CVEs classified under CWE-121page 59 of 66
- CVE-2026-10829HIGHCVSS 8.6EG 8.62026-06-16
A stack-based buffer overflow vulnerability has been found in the NPort W2150A-W4/W2250A-W4 Series version 1.5 and earlier. This vulnerability stems from insufficient input validation of user-supplied input in the "Server location" parame…
- CVE-2026-10898HIGHCVSS 8.3EG 8.32026-06-04
Stack buffer overflow in GPU in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)
- CVE-2026-11024HIGHCVSS 8.8EG 8.82026-06-04
Stack buffer overflow in Skia in Google Chrome prior to 149.0.7827.53 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. (Chromium security severity: Medium)
- CVE-2026-11413HIGHCVSS 8.8EG 8.82026-06-06
A security vulnerability has been detected in JingDong JD Cloud Box AX6600 4.5.3.r4546. The impacted element is the function set_macfilter of the file /sbin/jdcweb_rpc. The manipulation leads to stack-based buffer overflow. It is possible …
- CVE-2026-11498HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. Affected by this issue is the function asp_voip_OtherSet of the file /boaform/voip_other_set of the component Web Management Interface. Performing a manipulation of the …
- CVE-2026-11499CRITICALCVSS 9.8EG 9.82026-06-08
A vulnerability was determined in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formDOMAINBLK of the file /boaform/formDOMAINBLK. Executing a manipulation of the argument blkDomain can lead to stack-based buffer overfl…
- CVE-2026-11503HIGHCVSS 8.8EG 8.82026-06-08
A security vulnerability has been detected in Tenda CX12L 16.03.53.12. The affected element is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set of the component Wi-Fi Configuration Endpoint. Such manipulati…
- CVE-2026-11504HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability was detected in Tenda CX12L 16.03.53.12. The impacted element is the function setSchedWifi of the file /goform/openSchedWifi of the component Wi-Fi Schedule Configuration Endpoint. Performing a manipulation of the argument …
- CVE-2026-11522HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability was detected in Tenda W20E 15.11.0.6. This vulnerability affects the function formSetPortMirror of the file /goform/setPortMirror. Performing a manipulation of the argument portMirrorMirroredPorts results in stack-based buf…
- CVE-2026-11523HIGHCVSS 8.8EG 8.82026-06-08
A flaw has been found in Tenda W20E 15.11.0.6. This issue affects the function formPortalAuth of the file /goform/PortalAuth of the component Web Management Interface. Executing a manipulation of the argument gotoUrl can lead to stack-base…
- CVE-2026-11524HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRema…
- CVE-2026-11528HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability was found in Tenda AC18 15.03.05.05. The affected element is the function sub_45304 of the file /goform/getRebootStatus of the component Web Management Interface. The manipulation of the argument callback results in stack-b…
- CVE-2026-11553HIGHCVSS 8.8EG 8.82026-06-08
A vulnerability was found in Tenda HG7HG9 and HG10 300001138_en_xpon. This affects the function formPPPEdit of the file /boaform/formPPPEdit. The manipulation of the argument encodename results in stack-based buffer overflow. The attack ca…
- CVE-2026-11557HIGHCVSS 8.8EG 8.82026-06-08
A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead …
- CVE-2026-11793MEDIUMCVSS 4.9EG 4.92026-06-09
A stack buffer overflow flaw was found in 389 Directory Server. The checkPrefix() function in pw.c copies an attacker-controlled algorithm ID into a 256-byte stack buffer without bounds checking when parsing reversible-encrypted attribute …
- CVE-2026-11979HIGHCVSS 7.8EG 7.82026-06-29
libxml2 is vulnerable to multiple stack-based buffer overflows in the xmlcatalog utility when running in --shell mode. The usershell() function processes user input using fixed-size stack buffers without proper bounds checking. By supplyin…
- CVE-2026-12200HIGHCVSS 7.3EG 7.32026-06-15
A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization lea…
- CVE-2026-12218HIGHCVSS 8.0EG 8.02026-06-15
A vulnerability was detected in Yealink SIP-T46U 108.87.50.1. The affected element is the function StartReportInformation of the file /api/inner/beforewifitest of the component Web FastCGI Service. The manipulation of the argument port res…
- CVE-2026-12220HIGHCVSS 8.0EG 8.02026-06-15
A vulnerability has been found in Yealink SIP-T46U 108.86.0.118. This affects the function mod_upgrade.SparePartsUpload of the file /api/upgrade/accupgradebychunk of the component Firmware Chunk Upload handler. Such manipulation of the arg…
- CVE-2026-12221HIGHCVSS 8.0EG 8.02026-06-15
A vulnerability was found in Yealink SIP-T46U 108.86.0.118. This impacts the function sprintf of the file /api/upgrade/upgrade of the component Firmware Chunk Upload Handler. Performing a manipulation of the argument uid/start_offset resul…
- CVE-2026-12222HIGHCVSS 8.0EG 8.02026-06-15
A vulnerability was determined in Yealink SIP-T46U 108.86.0.118. Affected is the function mod_webd.BlueToothTest of the file /api/inner/bttest of the component Web FastCGI Service. Executing a manipulation of the argument btMac/pin/reserve…
- CVE-2026-12485CRITICALCVSS 10.0EG 10.02026-06-24
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the ne…
- CVE-2026-12488MEDIUMCVSS 6.2EG 6.22026-06-24
A memory corruption vulnerability exists in the GV-Cloud functionality of GeoVision GV-VMS V20 20.0.2. A specially crafted network request can lead to a denial of service. An attacker can impersonate the legitimate server to trigger th…
- CVE-2026-12846CRITICALCVSS 10.0EG 10.02026-06-24
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the ne…
- CVE-2026-12847CRITICALCVSS 10.0EG 10.02026-06-24
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the ne…
- CVE-2026-12848CRITICALCVSS 10.0EG 10.02026-06-24
GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service running by default on the IOBox listening for UDP messages on port 10001. Any user on the ne…
- CVE-2026-1329HIGHCVSS 8.8EG 8.82026-01-22
A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can l…
- CVE-2026-13515HIGHCVSS 8.8EG 8.82026-06-28
A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The att…
- CVE-2026-13516HIGHCVSS 8.8EG 8.82026-06-28
A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overfl…
- CVE-2026-13517HIGHCVSS 8.8EG 8.82026-06-29
A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security_5g can lead to stack-based buffer overflow. The att…
- CVE-2026-13518HIGHCVSS 8.8EG 8.82026-06-29
A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the atta…
- CVE-2026-13519HIGHCVSS 8.8EG 8.82026-06-29
A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be exec…
- CVE-2026-13539HIGHCVSS 8.8EG 8.82026-06-29
A vulnerability was identified in Wavlink WL-NU516U1-A M16U1_V240425. The impacted element is the function sub_407504 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. Such manipulation of the argument Guest_ssid l…
- CVE-2026-13563HIGHCVSS 8.8EG 8.82026-06-29
A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based …
- CVE-2026-13564HIGHCVSS 8.8EG 8.82026-06-29
A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-b…
- CVE-2026-13573LOWCVSS 3.3EG 3.32026-06-29
A vulnerability was found in llvm llvm-project up to 22.1.6. This affects the function llvm::StringMap::insert in the library /lib/IR/ValueSymbolTable.cpp of the component ValueSymbolTable Module. The manipulation results in stack-based bu…
- CVE-2026-1361HIGHCVSS 7.8EG 7.82026-01-27
ASDA-Soft Stack-based Buffer Overflow Vulnerability
- CVE-2026-1425MEDIUMCVSS 5.6EG 5.62026-01-26
A security flaw has been discovered in pymumu SmartDNS up to 47.1. This vulnerability affects the function _dns_decode_rr_head/_dns_decode_SVCB_HTTPS of the file src/dns.c of the component SVBC Record Parser. The manipulation results in st…
- CVE-2026-1457HIGHCVSS 8.8EG 8.82026-01-29
An authenticated buffer handling flaw in TP-Link VIGI C385 V1 Web API lacking input sanitization, may allow memory corruption leading to remote code execution. Authenticated attackers may trigger buffer overflow and potentially execute ar…
- CVE-2026-14605HIGHCVSS 7.8EG 7.82026-07-03
A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1c_can.h of the component ls1c CAN Handler. Such manipulation leads to stack-ba…
- CVE-2026-14606HIGHCVSS 7.8EG 7.82026-07-03
A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a …
- CVE-2026-14721HIGHCVSS 8.8EG 8.82026-07-05
A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-ba…
- CVE-2026-14789HIGHCVSS 7.8EG 3.32026-07-06
A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in st…
- CVE-2026-15166MEDIUMCVSS 5.5EG 5.52026-07-08
IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
- CVE-2026-15167MEDIUMCVSS 5.5EG 7.52026-07-08
DBS Etherwatch file parser crash in Wireshark 4.6.0 to 4.6.6 and 4.4.0 to 4.4.16 allows denial of service
- CVE-2026-15480HIGHCVSS 8.8EG 8.82026-07-12
A vulnerability was identified in Trendnet TEW-635BRM up to 1.00.03. This affects the function start_httpd of the file /sbin/rc of the component Web Service. Such manipulation of the argument device_name leads to stack-based buffer overflo…
- CVE-2026-15544HIGHCVSS 8.8EG 8.82026-07-13
A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow…
- CVE-2026-15548HIGHCVSS 8.8EG 8.82026-07-13
A security vulnerability has been detected in Shibby Tomato up to 1.28.0000. This vulnerability affects the function sub_407220 of the file /usr/sbin/httpd of the component DNS List Rendering. The manipulation leads to stack-based buffer o…
- CVE-2026-15691HIGHCVSS 8.8EG 8.82026-07-14
A security flaw has been discovered in Tenda BE12 Pro 16.03.66.23. This affects the function fromSafeClientFilter of the file /goform/SafeClientFilter. Performing a manipulation of the argument page results in stack-based buffer overflow. …
- CVE-2026-15692HIGHCVSS 8.8EG 8.82026-07-14
A weakness has been identified in Tenda BE12 Pro 16.03.66.23. This vulnerability affects the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflo…
Map vulnerabilities like CWE-121 to your infrastructure
EchelonGraph correlates every CVE — across CWE-121 and 150+ other weakness categories — against the assets you actually run. See blast radius, fix versions, and remediation steps in one graph.
Start Free Scan →