MITRE ATT&CK CVE list for this attack path. Use risk scores and timeline to decide what to patch first and what to track next.
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-12806 | A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | 7.4 | 0.46% | 2026-06-21 | 2026-06-23 |
| CVE-2026-12805 | A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and qui | 2.1 | 0.28% | 2026-06-21 | 2026-06-23 |
| CVE-2026-42488 | Some shadow paging errors paths will switch the page-tables without updating the currently running vCPU reference. This causes a mismatch between the loaded page-tables and the mapcache metadata which can lead to corruption of the mapcache. | 8.1 | 0.35% | 2026-06-18 | 2026-06-22 |
| CVE-2026-0152 | In OSMMapPMRGeneric of pmr_os.c, there is a possible way to leverage a system call to system call to maliciously expand the VMA out of bounds due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. | 7.8 | 0.07% | 2026-06-16 | 2026-06-17 |
| CVE-2026-0139 | In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation. | 8.8 | 0.27% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12330 | Incorrect boundary conditions in the Internationalization component. This vulnerability was fixed in Firefox ESR 140.12, Firefox ESR 115.37, and Thunderbird 140.12. | 5.4 | 0.16% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12329 | Memory safety bug fixed in Thunderbird ESR 140.12. This vulnerability was fixed in Firefox ESR 140.12 and Thunderbird 140.12. | 5.3 | 0.25% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12327 | Memory safety bugs present in Firefox ESR 140.11, Thunderbird ESR 140.11, Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 8.1 | 0.41% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12326 | Memory safety bugs present in Firefox 151 and Thunderbird 151. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 8.1 | 0.29% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12318 | Incorrect boundary conditions in the Libraries component in NSS. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 7.3 | 0.22% | 2026-06-16 | 2026-06-17 |
| CVE-2026-12317 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 7.5 | 0.31% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12314 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12312 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12310 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.27% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12309 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 6.5 | 0.24% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12308 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12307 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12306 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 5.3 | 0.28% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12305 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, Thunderbird 152, and Thunderbird 140.12. | 7.5 | 0.40% | 2026-06-16 | 2026-06-18 |
| CVE-2026-12301 | Memory safety bug fixed in Firefox 152. This vulnerability was fixed in Firefox 152 and Thunderbird 152. | 5.3 | 0.27% | 2026-06-16 | 2026-06-18 |