Tp-link Deco Be25 Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Tp-link Deco Be25 Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2026-0654 — CVSS 8.0 (high): Improper input handling in the administration web interface on TP-Link Deco BE25 v1.0 allows crafted input to be executed as part of an OS…
CVE-2026-0655 — CVSS 8.0 (high): Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in TP-Link Deco BE25 v1.0 (web modules) allows…