NVD HIGH: CVE-2026-8137 — A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vu...

Friday, May 8, 2026 at 05:16 AM UTC·Source: NIST NVD

Updated: Wednesday, May 13, 2026 at 09:00 PM UTC

Executive Summary

A vulnerability has been found in Totolink X5000R 9.1.0u.6369_B20230113. This vulnerability affects the function sub_458E40 of the file /boafrm/formDdns. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the public and may be used.

Analysis

Indicators of Compromise (1)

CVE (1)

CVE-2026-8137

NVD MITRE CVE

Source Attribution

Originally published by NIST NVD on May 8, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Fragnesia Local Privilege Escalation report via ESP-in-TCP in the Linux Kernel

Bulletin ID: 2026-029-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 18:45 PM PDT This is an ongoing issue. Information is subject to change. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information. Description: Amazon is aware of CVE-20

CVE-2026-46300CVE-2026-43284

3h agoAWS Security Bulletins

LOWVulnerability

Ongoing updates on Copy.fail and variants

Bulletin ID: 2026-030-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 10:00 PM PDT This is an ongoing issue. This bulletin will be updated as more information becomes available. Description: AWS is aware of the copy.fail or DirtyFrag class of issues - a set of privilege escalation

3h agoAWS Security Bulletins

MEDIUMVulnerability

Bunq applies for Mexican banking license

Bunq, the European neobank for "global citizens", has applied for a Mexican banking license.

5h agoFinextra