NVD HIGH: CVE-2026-8138 — A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the fun...

Friday, May 8, 2026 at 05:16 AM UTC·Source: NIST NVD

Updated: Wednesday, May 13, 2026 at 09:00 PM UTC

Executive Summary

A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg”. The manipulation results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.

Analysis

Indicators of Compromise (2)

CVE (1)

CVE-2026-8138

NVD MITRE CVE

IPv4 (1)

16.03.53.12

VirusTotal Shodan AbuseIPDB

Source Attribution

Originally published by NIST NVD on May 8, 2026. Verified by: NIST.

Related Threats

MEDIUMVulnerability

Fragnesia Local Privilege Escalation report via ESP-in-TCP in the Linux Kernel

Bulletin ID: 2026-029-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 18:45 PM PDT This is an ongoing issue. Information is subject to change. Please refer to our Security Bulletin (ID: 2026-030-AWS) for the most updated patching information. Description: Amazon is aware of CVE-20

CVE-2026-46300CVE-2026-43284

3h agoAWS Security Bulletins

LOWVulnerability

Ongoing updates on Copy.fail and variants

Bulletin ID: 2026-030-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 05/13/2026 10:00 PM PDT This is an ongoing issue. This bulletin will be updated as more information becomes available. Description: AWS is aware of the copy.fail or DirtyFrag class of issues - a set of privilege escalation

3h agoAWS Security Bulletins

MEDIUMVulnerability

Bunq applies for Mexican banking license

Bunq, the European neobank for "global citizens", has applied for a Mexican banking license.

5h agoFinextra