Stack-Based Buffer Overflow

A stack-based buffer overflow vulnerability (CVE-2026-9429) exists in Tenda F1202 version 1.2.0.20(408) within the formWrlExtraSet function of the /goform/WrlExtraSet file, allowing a remote attacker to execute arbitrary code by manipulating the delno argument; a public exploit is available.

Adobe After Effects versions 26.0, 25.6.4 and earlier are affected by a stack-based buffer overflow vulnerability (CVE-2026-34690) that could lead to arbitrary code execution when a user opens a malicious file.

A stack-based buffer overflow vulnerability exists in EFM ipTIME NAS1dual 1.5.24, affecting the get_csrf_whites function in /cgi/advanced/misc_main.cgi, exploitable remotely, and leading to potential arbitrary code execution.

A stack-based buffer overflow vulnerability (CVE-2026-5686) exists in the Tenda CX12L router version 16.03.53.12, allowing remote attackers to potentially execute arbitrary code by manipulating the 'page' argument in the `/goform/RouteStatic` endpoint.

CVE-2025-47391 is a memory corruption vulnerability due to a stack-based buffer overflow (CWE-121) while processing a frame request, as detailed in the Qualcomm security bulletin for April 2026, potentially leading to arbitrary code execution.

V-SFT versions 6.2.10.0 and prior are vulnerable to a stack-based buffer overflow (CVE-2026-32925) in the VS6ComFile!CV7BaseMap::WriteV7DataToRom function, potentially leading to arbitrary code execution when processing a crafted V7 file.

A stack-based buffer overflow vulnerability (CVE-2026-4567) exists in the UploadCfg function of the /cgi-bin/UploadCfg file in Tenda A15 firmware version 15.13.07.13, allowing remote attackers to execute arbitrary code by manipulating the File argument.