I will add the following:

US was looking at this before Trump took office (Dec 2024)

https://www.itpro.com/security/the-us-could-be-set-to-ban-tp-link-routers

TP Link’s sloppy security lead to the creation of a Chinese botnet.

https://cybernews.com/security/chinese-hackers-hijacked-thousands-of-tp-link-wifi-routers/

Here are two new vulnerabilities from this month.

Here are some more exploits from 2023

Here are all the TPLink vulnerablies known publicly

Am I really at risk, and anymore than I would be with something from Linksys or Netgear?

As always, depends on your threat model. I have cheap TPLink switch in my home network because its cheap and kept behind a pfsense firewall. The TPLink switch is not allowed to talk to the internet. This is good enough for me as I don’t have a threat model where something attacks the switch from inside my network.

For completeness here are Cisco’s and Netgear’s vulnerabilities. Infosec security is a journey, not a destination.

Good. TPLink makes cartoonishly insecure consumer grade equipment. A better solution is that the US establishes some minimum infosec standards for this equipment, but that would require time and thought.