FediSecfeeds

🔗 https://hackmag.com/news/undefend-redsun-patch?utm_source=mastodon&utm_medium=social&utm_campaign=repost_hackmag_to_socials

##

hackmag@infosec.exchange at 2026-05-27T18:30:03.000Z ##

⚪️ Microsoft patches UnDefend and RedSun 0‑day vulnerabilities

🗨️ Microsoft developers have released out-of-band updates to fix two 0‑day vulnerabilities in Microsoft Defender that are already being used in real-world attacks. These are the bugs CVE-2026-41091 and CVE-2026-45498, known as RedSun and UnDefend. The first issue (7.8 on the…

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##

CVE-2026-44483
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-27T20:16:37.180000

2 posts

RVF (formerly Remix Validated Form) provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @rvf/set-get (used by @rvf/core to flatten incoming form data into a nested object) does not block the keys __proto__, constructor, or prototype when walking a path. Because field names in submitted form data are passed directly to setPath via preproces

thehackerwire@mastodon.social at 2026-05-27T18:00:43.000Z ##

🟠 CVE-2026-44483 - High (8.2)

RVF (formerly Remix Validated Form) provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @Rvf/set-get (used by @Rvf/core to flatten incoming form data into a nested object) does not block t...

updated 2026-05-27T19:55:21.553000

4 posts

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx C

secdb at 2026-05-27T20:00:15.931Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0527)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45321)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321

⚠️ CVE-2026-48027 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48027)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027

⚠️ CVE-2026-8398 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-8398)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398

##

cisakevtracker@mastodon.social at 2026-05-27T18:00:49.000Z ##

CVE ID: CVE-2026-48027
Vendor: Nx
Product: Nx Console
Date Added: 2026-05-27
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-48027

##

secdb@infosec.exchange at 2026-05-27T20:00:15.000Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0527)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45321)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321

⚠️ CVE-2026-48027 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48027)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027

⚠️ CVE-2026-8398 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-8398)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##

cisakevtracker@mastodon.social at 2026-05-27T18:00:49.000Z ##

CVE ID: CVE-2026-48027
Vendor: Nx
Product: Nx Console
Date Added: 2026-05-27
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-48027

##

CVE-2026-44327
(10.0 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T19:51:27.110000

2 posts

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handler returns 200 OK. The current OAM handler is a stub that returns null, but the structural defect is ro

thehackerwire@mastodon.social at 2026-05-27T18:01:01.000Z ##

🔴 CVE-2026-44327 - Critical (10)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44327/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T18:01:01.000Z ##

🔴 CVE-2026-44327 - Critical (10)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44327/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46425
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T19:44:35.987000

2 posts

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise feature flag and SCIM config) and doInScimContext (sets the SCIM request context). There is no role check. Any authenticated user who reaches the worker (BASIC role, workspace-scoped builder, anyone) can ca

thehackerwire@mastodon.social at 2026-05-27T19:01:42.000Z ##

🔴 CVE-2026-46425 - Critical (9.9)

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise feature flag and SCIM config) and doInScimContext (se...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-46425/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T19:01:42.000Z ##

🔴 CVE-2026-46425 - Critical (9.9)

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise feature flag and SCIM config) and doInScimContext (se...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-46425/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48153
(8.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T19:44:35.987000

2 posts

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codebase uses. The Joi schema for the OAuth2 URL has no scheme or host restriction. This vulnerability is fixed in 3.39.0.

thehackerwire@mastodon.social at 2026-05-27T19:01:32.000Z ##

🟠 CVE-2026-48153 - High (8.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codeba...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48153/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T19:01:32.000Z ##

🟠 CVE-2026-48153 - High (8.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codeba...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48153/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48151
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T19:44:35.987000

2 posts

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a result, an unauthenticated caller can update the body schema for a known webhook and mutate the corresponding automation trigger output schema. This vulne

thehackerwire@mastodon.social at 2026-05-27T19:00:31.000Z ##

🟠 CVE-2026-48151 - High (7.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a r...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48151/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T19:00:31.000Z ##

🟠 CVE-2026-48151 - High (7.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a r...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48151/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48150
(9.0 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T19:44:35.987000

2 posts

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both global builders and workspace-scoped builders (builder.apps set but builder.global unset). The controller then spreads the request body into the SDK call,

thehackerwire@mastodon.social at 2026-05-27T19:00:20.000Z ##

🔴 CVE-2026-48150 - Critical (9)

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both g...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48150/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T19:00:20.000Z ##

🔴 CVE-2026-48150 - Critical (9)

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both g...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48150/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48149
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-27T19:44:35.987000

2 posts

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/src/Markdown/MarkdownViewer.svelte:22). Any column a builder binds to a Text component in Markdown mode is a stored-XSS sink writable by every BASIC app user with WRITE on the underlying table. This vu

thehackerwire@mastodon.social at 2026-05-27T19:00:10.000Z ##

🟠 CVE-2026-48149 - High (8.1)

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/src/Markdown/MarkdownViewer.svelte:22). Any colu...

updated 2026-05-27T19:38:33.270000

1 posts

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, '> path' and '>> path' open the path for write or append. Untrusted input passed to send_file() can run OS commands at the daemon process UID. The read-pipe

offseq@infosec.exchange at 2026-05-27T06:00:26.000Z ##

🚨 CVE-2026-8450 (CRITICAL): OALDERS HTTP::Daemon <6.17 has OS command injection via send_file(). Attackers can run commands, leak data, & manipulate files. Avoid untrusted input and monitor for patches. https://radar.offseq.com/threat/cve-2026-8450-cwe-78-improper-neutralization-of-sp-75c93cb2 #OffSeq #CVE20268450 #infosec

##

CVE-2026-8398
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-27T19:16:24.940000

4 posts

A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.ex

secdb at 2026-05-27T20:00:15.931Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0527)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45321)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321

⚠️ CVE-2026-48027 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48027)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027

⚠️ CVE-2026-8398 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-8398)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##

cisakevtracker@mastodon.social at 2026-05-27T18:01:22.000Z ##

CVE ID: CVE-2026-8398
Vendor: Daemon
Product: Daemon Tools Lite
Date Added: 2026-05-27
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-8398

##

secdb@infosec.exchange at 2026-05-27T20:00:15.000Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0527)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-45321)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/TanStack/router/security/advisories/GHSA-g7cv-rxg3-hmpx ; https://nvd.nist.gov/vuln/detail/CVE-2026-45321

⚠️ CVE-2026-48027 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48027)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: https://github.com/nrwl/nx-console/security/advisories/GHSA-c9j4-9m59-847w ; https://nvd.nist.gov/vuln/detail/CVE-2026-48027

⚠️ CVE-2026-8398 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-8398)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: https://blog.daemon-tools.cc/post/security-incident ; https://nvd.nist.gov/vuln/detail/CVE-2026-8398

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##

cisakevtracker@mastodon.social at 2026-05-27T18:01:22.000Z ##

CVE ID: CVE-2026-8398
Vendor: Daemon
Product: Daemon Tools Lite
Date Added: 2026-05-27
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-8398

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 0.50%

updated 2026-05-27T18:32:54.337000

3 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

2 repos

https://github.com/mistbarbarianspot/CVE-2026-45659-SharePoint-RCE

https://github.com/HORKimhab/CVE-2026-45659

youranonnewsirc@nerdculture.de at 2026-05-27T11:34:02.000Z ##

Global tensions escalate with US strikes on Iran and Israeli actions in Lebanon (May 27). Tech sees an AI boom boosting chip stocks, with China restricting AI talent travel. Cybersecurity highlights: FBI warns on "First VPN Service" enabling ransomware (May 27), and Microsoft patched a critical SharePoint RCE vulnerability (CVE-2026-45659).

#AnonNews_irc #Cybersecurity #News

##

beyondmachines1@infosec.exchange at 2026-05-27T08:01:06.000Z ##

Microsoft Patches High-Severity SharePoint RCE Vulnerability CVE-2026-45659

Microsoft patched a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that allows authenticated attackers with low-level permissions to execute arbitrary code via untrusted data deserialization.

**If you run SharePoint on-premise (Subscription Edition, 2019, or 2016), apply Microsoft's patch for CVE-2026-45659 asap, since even low-level Site Member accounts can trigger remote code execution.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-patches-high-severity-sharepoint-rce-vulnerability-cve-2026-45659-i-3-f-p-1/gD2P6Ple2L

##

benzogaga33@mamot.fr at 2026-05-26T15:40:04.000Z ##

Faille RCE dans SharePoint : Microsoft publie un patch pour la CVE-2026-45659 https://www.it-connect.fr/faille-rce-sharepoint-patch-cve-2026-45659/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #SharePoint #Microsoft

##

CVE-2026-48962
(7.3 HIGH)

EPSS: 0.03%

updated 2026-05-27T18:31:37

1 posts

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the stored expression through eval STRING. A literal double quote in the output glob closes the dquote wrapper, and the characters

offseq@infosec.exchange at 2026-05-27T04:30:27.000Z ##

⚠️ HIGH severity: CVE-2026-48962 in PMQS IO::Compress (Perl <2.220) enables eval injection via crafted glob strings. Arbitrary Perl code may execute with process privileges. Restrict untrusted input & monitor for patches. https://radar.offseq.com/threat/cve-2026-48962-cwe-95-improper-neutralization-of-d-a4f0eb17 #OffSeq #Vuln #Perl #Infosec

##

CVE-2015-2808
(10.0 CRITICAL)

EPSS: 37.49%

updated 2026-05-27T18:16:19.687000

2 posts

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force appro

TomSellers at 2026-05-27T18:22:44.829Z ##

RE: https://infosec.exchange/@perfect10_bot/116647910574183905

So CVE-2015-2808 (RC4 weaknesses in TLS) got bumped to 10.0 today due to CISA enrichment...

#Security

##

TomSellers@infosec.exchange at 2026-05-27T18:22:44.000Z ##

RE: https://infosec.exchange/@perfect10_bot/116647910574183905

So CVE-2015-2808 (RC4 weaknesses in TLS) got bumped to 10.0 today due to CISA enrichment...

#Security

##

CVE-2026-9170
(7.5 HIGH)

EPSS: 0.06%

updated 2026-05-27T15:34:08

1 posts

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to improper input validation.

thehackerwire@mastodon.social at 2026-05-26T19:02:49.000Z ##

🟠 CVE-2026-9170 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to impr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9170/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6957
(8.0 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:36

2 posts

Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target server's filestore via a malicious filename delivered through the shared-channel attachment sync protocol. Mattermost Adviso

thehackerwire@mastodon.social at 2026-05-27T17:00:20.000Z ##

🟠 CVE-2026-6957 - High (8)

Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6957/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T17:00:20.000Z ##

🟠 CVE-2026-6957 - High (8)

Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6957/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7524
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T15:33:32

2 posts

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

thehackerwire@mastodon.social at 2026-05-27T15:01:15.000Z ##

🔴 CVE-2026-7524 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7524/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T15:01:15.000Z ##

🔴 CVE-2026-7524 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7524/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7365
(8.4 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:32

1 posts

IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

thehackerwire@mastodon.social at 2026-05-27T15:00:35.000Z ##

🟠 CVE-2026-7365 - High (8.4)

IBM Operations Analytics - Log Analysis and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authenti...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7365/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8175
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T15:33:31

2 posts

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.

thehackerwire@mastodon.social at 2026-05-27T15:01:24.000Z ##

🔴 CVE-2026-8175 - Critical (9.8)

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd compon...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8175/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T15:01:24.000Z ##

🔴 CVE-2026-8175 - Critical (9.8)

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd compon...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8175/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70103(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-27T15:33:31

1 posts

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc.

sigdevel@infosec.exchange at 2026-05-26T18:14:03.000Z ##

Security Advisory: CVE-2025-70103 - Heap-Based Buffer Overflow in libjxl / cjxl

A heap-based buffer overflow vulnerability was identified in JPEG XL libjxl when processing crafted PBM/PNM images.

Summary:
The vulnerability exists in `jxl::extras::DecodeImagePNM()` in `lib/extras/dec/pnm.cc`. When processing a specially crafted PBM/PNM image, insufficient validation of buffer sizes before memory copy operations may cause `memcpy()` to write past the end of an allocated heap buffer.

The issue was observed as a WRITE of 24 bytes at the end of a 16-byte heap region.

CWE:
CWE-122 - Heap-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Affected product:
JPEG XL / libjxl

Affected component:
`lib/extras/dec/pnm.cc`
Function: `jxl::extras::DecodeImagePNM()`
Affected line: `pnm.cc:554`

Affected version:
The issue was reproduced in `cjxl v0.12.0` at commit `24357f189c233c03fb46368a142a0b2c1a949f9d`.

Attack conditions:
Exploitation requires the vulnerable application or library consumer to process a crafted PBM/PNM image. This can be triggered locally via `cjxl` or through software that exposes the `DecodeImagePNM` decoding path to attacker-controlled input.

Example reproduction command:
`./cjxl ./2_PBM_lib_extras_dec_pnm_cc_554 --disable_output`

Impact:
Successful exploitation may cause memory corruption and process termination. The confirmed impact is denial of service (DoS) due to a crash during image processing. No evidence of reliable arbitrary code execution has been identified.

Fix / mitigation status:
The upstream issue is closed. A mitigation/fix proposal was provided in PR `#4338`, adding additional buffer-size, row-boundary, pixel-size, offset, and extra-channel checks. Users are advised to update to a libjxl build that contains the relevant fix once available, or review and apply the mitigation from PR `#4338` where appropriate.

References:
Issue:
https://github.com/libjxl/libjxl/issues/4337

Fix / mitigation PR:
https://github.com/libjxl/libjxl/pull/4338
https://github.com/libjxl/libjxl/commit/49fb89f23473e57fa1dac416adce7c7679e5d051

PoC:
https://github.com/sigdevel/pocs/blob/main/res/libjxl/2025/2/2_PBM_lib_extras_dec_pnm_cc_554

Credit:
@sigdevel

https://www.cve.org/CVERecord?id=CVE-2025-70103

#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory

##

CVE-2026-48972
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:28

2 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5.

thehackerwire@mastodon.social at 2026-05-27T15:01:33.000Z ##

🟠 CVE-2026-48972 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion.

This issue affects SeedProd Pro: from n/a before 6.19.5.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48972/

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40825
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

3 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

offseq@infosec.exchange at 2026-05-27T09:00:27.000Z ##

⚠️ HIGH severity: CVE-2026-40825 in MB connect line mbCONNECT24. SQL Injection via accountstatus view devices param enables DB read/modify. No patch yet — restrict access & monitor vendor advisories. https://radar.offseq.com/threat/cve-2026-40825-cwe-89-improper-neutralization-of-s-0b1fbf64 #OffSeq #SQLInjection #Vuln #MBconnect

##

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40838
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40831
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40835
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40844
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40846
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40812
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40810
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the userinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40815
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24api_getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40824
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40847
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40826
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo_contracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40840
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40833
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40832
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40823
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40816
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24alarm.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-42761
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T14:50:47.627000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through <= 1.0.9.

thehackerwire@mastodon.social at 2026-05-27T12:01:28.000Z ##

🔴 CVE-2026-42761 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42761/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8760
(9.8 CRITICAL)

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate a

thehackerwire@mastodon.social at 2026-05-27T17:02:14.000Z ##

🟠 CVE-2026-3012 - High (8)

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3012/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T17:02:14.000Z ##

🟠 CVE-2026-3012 - High (8)

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3012/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40849
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:29

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40851
(8.4 HIGH)

EPSS: 0.02%

updated 2026-05-27T09:31:28

3 posts

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

thehackerwire@mastodon.social at 2026-05-27T10:00:21.000Z ##

🟠 CVE-2026-40851 - High (8.4)

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40851/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

certvde@infosec.exchange at 2026-05-27T08:13:15.000Z ##

#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852

https://certvde.com/en/advisories/vde-2026-059/

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-059.json

##

certvde@infosec.exchange at 2026-05-27T08:12:46.000Z ##

#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852

https://certvde.com/en/advisories/vde-2026-054/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-054.json

##

CVE-2026-49002
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T09:31:28

1 posts

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information.

thehackerwire@mastodon.social at 2026-05-27T10:00:01.000Z ##

🔴 CVE-2026-49002 - Critical (9.1)

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49002/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40852
(7.2 HIGH)

EPSS: 0.07%

updated 2026-05-27T09:31:28

2 posts

A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

certvde@infosec.exchange at 2026-05-27T08:13:15.000Z ##

#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852

https://certvde.com/en/advisories/vde-2026-059/

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-059.json

##

certvde@infosec.exchange at 2026-05-27T08:12:46.000Z ##

#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852

https://certvde.com/en/advisories/vde-2026-054/

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-054.json

##

CVE-2026-40830
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40837
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40843
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40841
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40834
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40839
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40836
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the inmessage model due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40845
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40842
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40848
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2025-14713
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

thehackerwire@mastodon.social at 2026-05-27T17:02:25.000Z ##

🟠 CVE-2025-14713 - High (7.5)

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14713/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T17:02:25.000Z ##

🟠 CVE-2025-14713 - High (7.5)

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-14713/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13392
(8.1 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:24

1 posts

Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN).

thehackerwire@mastodon.social at 2026-05-27T10:01:30.000Z ##

🟠 CVE-2025-13392 - High (8.1)

Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowle...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-13392/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40829
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40828
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40827
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _RemoveRequest function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2025-12686
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-05-27T09:31:23

1 posts

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation Manager (BSM) before 1.3.2-65648 and Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.

thehackerwire@mastodon.social at 2026-05-27T10:01:21.000Z ##

🔴 CVE-2025-12686 - Critical (9.8)

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation Manager (BSM) before 1.3.2-65648 and Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-12686/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40822
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40821
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40813
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40817
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAlarmProfiles function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40819
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the sync_data24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40818
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40811
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://helmholz.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-058.json

##

certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

#CSAF https://mbconnectline.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-044.json

##

CVE-2026-40814
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

2 repos

https://github.com/HORKimhab/CVE-2026-48172

https://github.com/retmakarunia/CVE-2026-48172

sayzard@mastodon.sayzard.org at 2026-05-27T19:43:01.000Z ##

LiteSpeed CPanel Plugin with Root Privilege Escalation Under Active Exploitation

LiteSpeed User-End cPanel Plugin의 CVE-2026-48172 취약점은 lsws.redisAble JSON API 함수의 권한 검증 오류로 인해 낮은 권한의 cPanel 사용자가 루트 권한으로 임의 스크립트를 실행할 수 있는 심각한 권한 상승 문제입니다. 이 취약점은 2.3부터 2.4.6 버전까지 영향을 미치며, 2.4.7 버전 이상으로 업데이트해야 해결됩니다. CISA KEV에 등재되어 실제 공격이 확인되었으며, 공격 탐지용 Python 스크립트도 공개되어 있어 서버 로그...

https://haltingproblems.com/analysis/litespeed-cpanel-plugin-cve-2026-48172/

##

offseq@infosec.exchange at 2026-05-27T10:30:30.000Z ##

⚠️ CRITICAL: Actively exploited privilege escalation in LiteSpeed cPanel plugin (CVE-2026-48172) enables remote root access via lsws.redisAble. Patch plugin v2.3 – v2.4.4 now! CISA mandates 4-day deadline for U.S. agencies. https://radar.offseq.com/threat/cisa-gives-feds-4-days-to-patch-actively-exploited-ebc57663 #OffSeq #vuln #patchnow

##

bugxhunter@infosec.exchange at 2026-05-27T02:00:53.000Z ##

🏛️ CISA Adds LiteSpeed cPanel Plugin Privilege Escalation Vulnerability

📝 CISA adds CVE-2026-48172 to KEV Catalog, affecting federal agencies.

https://www.cisa.gov/news-events/alerts/2026/05/26/cisa-adds-one-known-exploited-vulnerability-catalog

📰 Alerts

#GovSec #CVE

##

secdb@infosec.exchange at 2026-05-26T20:00:14.000Z ##

🚨 [CISA-2026:0526] CISA Adds One Known Exploited Vulnerability to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0526)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48172 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-48172)
- Name: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: LiteSpeed
- Product: cPanel Plugin
- Notes: https://blog.litespeedtech.com/2026/05/21/security-update-for-litespeed-cpanel-plugin/ ; https://nvd.nist.gov/vuln/detail/CVE-2026-48172

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260526 #cisa20260526 #cve_2026_48172 #cve202648172

##

cisakevtracker@mastodon.social at 2026-05-26T18:01:10.000Z ##

CVE ID: CVE-2026-48172
Vendor: LiteSpeed
Product: cPanel Plugin
Date Added: 2026-05-26
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-48172

##

CVE-2026-25104
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:16:40.787000

2 posts

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

thehackerwire@mastodon.social at 2026-05-26T14:00:09.000Z ##

🟠 CVE-2026-25104 - High (7.8)

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25104/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-26T09:00:29.000Z ##

🚨 HIGH severity: CVE-2026-25104 impacts MediaArea MediaInfoLib 26.01. Integer underflow in LXF parsing can trigger heap-based buffer overflow. No patch yet — restrict untrusted LXF file parsing and monitor for updates. https://radar.offseq.com/threat/cve-2026-25104-cwe-191-integer-underflow-wrap-or-w-860fcfcf #OffSeq #Vulnerability #Infosec

##

CVE-2026-9496
(7.5 HIGH)

Szafir SDK returns a success status code from the cryptographic digital signature verification process (i.e. /VerifyingTaskItem/Signature/VerificationResult/Result/@code == 0, "Positively verified") even when the trust status of the signer's certificate could not be established (i.e. /VerifyingTaskItem/Signature/VerificationResult/SigningCertificate/@certificateType == "nondetermined"). This cause

avolha@infosec.exchange at 2026-05-25T13:53:46.000Z ##

Na CONFidence 2026 Michał kończy właśnie opowieść o krytycznych lukach, które umożliwiały zalogowanie się na konto dowolnego obywatela w wielu kluczowych systemach administracji publicznej, a @zaufanatrzeciastrona opublikowała przed chwilą cykl artykułów jego autorstwa, dokładnie wyjaśniający problem. Zdecydowanie polecam (zarwałam noc, żeby je na czas skorygować ;-))

👉 Zdalne wykonanie kodu w SzafirHost – [CVE-2026-26928] [Badanie e-podpisów, cz. 1] – https://zaufanatrzeciastrona.pl/post/zdalne-wykonanie-kodu-w-szafirhost-cve-2026-26928-badanie-e-podpisow-cz-1/
👉 Hakowanie e-Sądu YubiKeyem – [Badanie e-podpisów, cz. 2] – https://zaufanatrzeciastrona.pl/post/hakowanie-e-sadu-yubikeyem-badanie-e-podpisow-cz-2/
👉 Ominięcie uwierzytelniania w ZUS-ie i systemach e-Zdrowia, czyli o krok od cyberchaosu – [CVE-2026-9058] [Badanie e-podpisów, cz. 3] – https://zaufanatrzeciastrona.pl/post/ominiecie-uwierzytelniania-w-zus-ie-i-systemach-e-zdrowia-czyli-o-krok-od-cyberchaosu-cve-2026-9058-badanie-e-podpisow-cz-3/
👉 Podsumowanie: Krytyczna podatność umożliwiająca całkowite ominięcie logowania w ZUS-ie, e-Sądzie i systemach e-Zdrowia – https://zaufanatrzeciastrona.pl/post/podsumowanie-krytyczna-podatnosc-umozliwiajaca-calkowite-ominiecie-logowania-w-zus-ie-e-sadzie-i-systemach-e-zdrowia/

#cyberbezpieczenstwo #cybersecurity #confidence

##

zaufanatrzeciastrona@infosec.exchange at 2026-05-25T13:34:30.000Z ##

Michał odkrył sposób na logowanie jako dowolny użytkownik do eZUS-u, E-Sądu, eZdrowia i innych rządowych systemów. Poczytajcie, bo to najgrubsze odkrycie tego roku w PL
1. https://zaufanatrzeciastrona.pl/post/zdalne-wykonanie-kodu-w-szafirhost-cve-2026-26928-badanie-e-podpisow-cz-1/
2. https://zaufanatrzeciastrona.pl/post/hakowanie-e-sadu-yubikeyem-badanie-e-podpisow-cz-2/
3. https://zaufanatrzeciastrona.pl/post/ominiecie-uwierzytelniania-w-zus-ie-i-systemach-e-zdrowia-czyli-o-krok-od-cyberchaosu-cve-2026-9058-badanie-e-podpisow-cz-3/
4. https://zaufanatrzeciastrona.pl/post/podsumowanie-krytyczna-podatnosc-umozliwiajaca-calkowite-ominiecie-logowania-w-zus-ie-e-sadzie-i-systemach-e-zdrowia/

##

CVE-2026-9478
(9.8 CRITICAL)

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks

1 repos

https://github.com/HORKimhab/CVE-2026-5426

beyondmachines1 at 2026-05-27T20:01:06.869Z ##

KnowledgeDeliver Zero-Day Flaw Exploited to Deploy Web Shells

KnowledgeDeliver LMS installations are being targeted by a zero-day deserialization vulnerability (CVE-2026-5426) caused by hardcoded machine keys, allowing attackers to deploy web shells and Cobalt Strike backdoors.

**If you run Digital Knowledge's KnowledgeDeliver LMS, immediately replace the default ASP.NET machine keys in your web.config with unique, cryptographically strong ones to block these attacks. If possible, restrict portal access to trusted IP ranges, and monitor Windows Application logs for Event ID 1316 (ViewState verification failures).**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/knowledgedeliver-zero-day-flaw-exploited-to-deploy-web-shells-5-x-f-c-n/gD2P6Ple2L

##

beyondmachines1@infosec.exchange at 2026-05-27T20:01:06.000Z ##

KnowledgeDeliver Zero-Day Flaw Exploited to Deploy Web Shells

KnowledgeDeliver LMS installations are being targeted by a zero-day deserialization vulnerability (CVE-2026-5426) caused by hardcoded machine keys, allowing attackers to deploy web shells and Cobalt Strike backdoors.

**If you run Digital Knowledge's KnowledgeDeliver LMS, immediately replace the default ASP.NET machine keys in your web.config with unique, cryptographically strong ones to block these attacks. If possible, restrict portal access to trusted IP ranges, and monitor Windows Application logs for Event ID 1316 (ViewState verification failures).**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/knowledgedeliver-zero-day-flaw-exploited-to-deploy-web-shells-5-x-f-c-n/gD2P6Ple2L

##

Mozilla@activitypub.awakari.com at 2026-05-27T18:59:43.000Z ## 🚩 Critical KnowledgeDeliver RCE (CVE-2026-5426) abused via shared ASP.NET machine keys to deliver web shells and Cobalt Strike KnowledgeDeliver exploit (CVE-2026-5426) enables RCE via ViewState ...

#TIGR #malware #vulnerability

Origin | Interest | Match ##

blog@insicurezzadigitale.com at 2026-05-27T07:47:40.000Z ##

CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

https://insicurezzadigitale.com/cve-2026-5426-zero-day-in-knowledgedeliver-lms-sfruttato-per-distribuire-bluebeam-e-cobalt-strike-beacon/

##

CVE-2026-5222
(0 None)

EPSS: 0.04%

updated 2026-05-26T19:08:15.080000

2 posts

updated 2026-05-26T15:16:24.310000

2 posts

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Nuclei template

4 repos

https://github.com/vognik/CVE-2026-26980

https://github.com/EQSTLab/CVE-2026-26980

https://github.com/Kulik-Labs-Development/Ghost-CMS-Code-Injection-Audit-CVE-2026-26980

https://github.com/dinosn/ghost-cve-2026-26980

tomshw@mastodon.social at 2026-05-26T11:05:09.000Z ##

⚠️ Un CMS molto usato finisce nel mirino: siti legittimi possono diventare trappole invisibili. Aggiornare, monitorare, verificare. #Cybersecurity #CMS

🔗 https://www.tomshw.it/hardware/ghost-cms-clickfix-falla-sql-cve-2026-26980

##

oversecurity@mastodon.social at 2026-05-26T10:40:33.000Z ##

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

A critical Ghost CMS vulnerability identified as CVE-2026-26980 has been exploited in a widespread cyber campaign that compromised more than 700...

🔗️ [Thecyberexpress] https://link.is.it/FdS8KE

##

CVE-2026-8046
(8.1 HIGH)

EPSS: 0.10%

updated 2026-05-26T13:31:02

1 posts

The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.

certvde@infosec.exchange at 2026-05-26T07:14:28.000Z ##

#OT #Advisory VDE-2026-056
CODESYS Control - Incorrect Authorization

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
#CVE CVE-2026-8046

https://certvde.com/en/advisories/vde-2026-056/

#CSAF https://codesys.csaf-tp.certvde.com/.well-known/csaf/white/2026/advisory2026-08_vde-2026-056.json

##

CVE-2026-42773
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-26T13:30:58

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store Manager: from n/a through 1.3.2.

offseq@infosec.exchange at 2026-05-26T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-42773 in eMagicOne Store Manager (≤1.3.2) enables unauthenticated Blind SQL Injection (CVSS 9.3). No patch yet. Restrict app access & monitor databases. Details: https://radar.offseq.com/threat/cve-2026-42773-cwe-89-improper-neutralization-of-s-18afe907 #OffSeq #SQLInjection #Vuln #eMagicOne

##

CVE-2026-39661
(7.5 HIGH)

EPSS: 0.11%

updated 2026-05-26T13:30:57

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18.

thehackerwire@mastodon.social at 2026-05-26T14:00:00.000Z ##

🟠 CVE-2026-39661 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion.

This issue affects SW Core: from n/a through 1.7.18.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-39661/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25713
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T13:30:56

1 posts

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

updated 2026-05-26T07:16:15.487000

1 posts

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.

1 repos

https://github.com/minanagehsalalma/cve-2021-21735-zte-zxhn-h168n-admin-compromise

_r_netsec@infosec.exchange at 2026-05-25T14:58:05.000Z ##

CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth https://minanagehsalalma.github.io/cve-2021-21735-zte-zxhn-h168n-admin-compromise/

##

CVE-2026-45250
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-22T03:30:26

1 posts

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary g

1 repos

https://github.com/venglin/setcred

emaste@mastodon.social at 2026-05-26T18:07:06.000Z ##

@lattera How is autoloading zfs.ko related to CVE-2026-45250?

##

CVE-2026-42945
(8.1 HIGH)

EPSS: 1.04%

updated 2026-05-21T19:16:53.100000

1 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond it

34 repos

https://github.com/DepthFirstDisclosures/Nginx-Rift

https://github.com/ChamsBouzaiene/ai-vuln-rediscovery-nginx-cve-2026-42945

https://github.com/hnytgl/cve-2026-42945

https://github.com/sibersan/web-server-audit_CVE-2026-42945

https://github.com/oseasfr/Scanner_CVE_2026-42945

https://github.com/yusufdalbudak/CVE-2026-42945

https://github.com/realityone/cve-2026-42945-scan

https://github.com/dinosn/cve-2026-42945-nginx32-lab

https://github.com/F2u0a0d3/CVE-2026-42945-nginx-rift-poc

https://github.com/imSre9/CVE-2026-42945

https://github.com/webdev75950-ux/nginx-rce-cve-2026-42945

https://github.com/cipherspy/CVE-2026-42945-POC

https://github.com/fkj-src/fix_nginx_cve_2026_42945

https://github.com/gagaltotal/CVE-2026-42945-NGINX-Rift-Toolkit

https://github.com/BarAppTeam/nginx-cve-fix

https://github.com/friparia/NGINX_RIFT_SCAN_CVE_2026_42945

https://github.com/chenqin231/CVE-2026-42945

https://github.com/soksofos/wazuh-nginx-cve-2026-42945-sca-lab

https://github.com/RedCrazyGhost/CVE-2026-42945

https://github.com/jelasin/CVE-2026-42945

https://github.com/bamov970/CVE-2026-42945-Nginx-RCE-bypass-ASLR

https://github.com/nanwinata/nginxrift-CVE-2026-42945

https://github.com/MateusVerass/nGixshell

https://github.com/nu0l/NGINX-Rift

https://github.com/niekaicheng/CVE-2026-42945_NGINX_Rift

https://github.com/byezero/nginx-cve-2026-42945-check

https://github.com/0xBlackash/CVE-2026-42945

https://github.com/karakapaku43/CVE-2026-42945

https://github.com/Renison-Gohel/CVE-2026-42945-NGINX-Rift

https://github.com/iammerrida-source/nginx-rift-detect

https://github.com/p3Nt3st3r-sTAr/CVE-2026-42945-POC

https://github.com/forxiucn/nginx-cve-2026-42945-poc

https://github.com/rheodev/CVE-2026-42945

https://github.com/tal7aouy/nginx-cve-2026-42945

nemo@mas.to at 2026-05-27T11:30:17.000Z ##

Researchers report "NGINX Rift" (CVE-2026-42945) is being probed and exploited days after disclosure — attackers are scanning exposed servers for the 18‑year bug. Patches released; teams urged to remediate. 🔍⚠️🛡️ #NGINX #infosec #CVE2026-42945 https://www.theregister.com/security/2026/05/18/nginx-rift-attackers-waste-no-time-targeting-exposed-servers/5241851

##

CVE-2010-0249
(8.8 HIGH)

EPSS: 88.68%

updated 2026-05-21T12:57:01.463000

1 posts

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper ha

nyanbinary@infosec.exchange at 2026-05-26T21:36:21.000Z ##

Ok, CISA adding CVE-2010-0249 (Use-After-Free in checks notes Internet Explorer 6, 6 SP1, 7, and 8 for Server up to 2008 & Win7 to their KEV list... last week... has me giggle.

Yeah, I guess there may be EITW exploitation? But putting a "you got 2 weeks to fix your Server 2008 Internet Explorer NOW in 2 weeks!!!" is, like, seriously funny.

https://db.gcve.eu/known-exploited-vulnerabilities-catalog/378dd17e-1682-4b50-ad24-e7d16fbfb2fd

##

CVE-2026-9082
(6.5 MEDIUM)

EPSS: 34.17%

updated 2026-05-20T21:32:36

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Nuclei template

9 repos

https://github.com/thinhap/CVE-2026-9082-PoC

https://github.com/lysophavin18/cve-2026-9082

https://github.com/HORKimhab/CVE-2026-9082

https://github.com/ridhinva/CVE-2026-9082

https://github.com/strobelpierre/CVE-2026-9082

https://github.com/7h30th3r0n3/CVE-2026-9082-Drupal-PoC

https://github.com/N45HT/drupal-cve-2026-9082-checker

https://github.com/0xBlackash/CVE-2026-9082

https://github.com/ywh-jfellus/CVE-2026-9082

maniabel@mastodon.de at 2026-05-26T19:55:39.000Z ##

Drupal: kritische Sicherheitslücke (CVE-2026-9082). Der Patch steht zur Verfügung. Aktuell sind in Deutschland 61 Instanzen ungepatcht.
Interessiert das irgendjemenschen? Braucht es weitere Informationen? Oder ist der Beitrag flüssiger als Wasser?

https://dashboard.shadowserver.org/statistics/iot-devices/time-series/?date_range=other_range&d1=2026-05-22&d2=2026-05-25&vendor=drupal&type=cms&model=drupal&tag=cve-2026-9082%2B&geo=DE&dataset=count&limit=100&group_by=geo&stacking=stacked

#Drupal #infosec

##

hackmag@infosec.exchange at 2026-05-25T18:00:02.000Z ##

⚪️ Critical Drupal bug could lead to remote code execution

🗨️ The Drupal developers have released emergency patches for a “highly critical” vulnerability in Drupal Core that affects sites using PostgreSQL. The issue has been assigned the identifier CVE-2026-9082 and is related to an SQL injection, which in some scenarios may…

🔗 https://hackmag.com/news/drupal-injection?utm_source=mastodon&utm_medium=social&utm_campaign=repost_hackmag_to_socials

https://github.com/0xBlackash/CVE-2026-41091

##

CVE-2026-41091
(7.8 HIGH)

EPSS: 5.94%

updated 2026-05-20T19:06:36.850000

4 posts

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/ridhinva/defender-vulnerability-scanner

hackmag at 2026-05-27T18:30:03.431Z ##

⚪️ Microsoft patches UnDefend and RedSun 0‑day vulnerabilities

🗨️ Microsoft developers have released out-of-band updates to fix two 0‑day vulnerabilities in Microsoft Defender that are already being used in real-world attacks. These are the bugs CVE-2026-41091 and CVE-2026-45498, known as RedSun and UnDefend. The first issue (7.8 on the…

🔗 https://hackmag.com/news/undefend-redsun-patch?utm_source=mastodon&utm_medium=social&utm_campaign=repost_hackmag_to_socials

🔗 https://hackmag.com/news/undefend-redsun-patch?utm_source=mastodon&utm_medium=social&utm_campaign=repost_hackmag_to_socials

##

hackmag@infosec.exchange at 2026-05-27T18:30:03.000Z ##

⚪️ Microsoft patches UnDefend and RedSun 0‑day vulnerabilities

🗨️ Microsoft developers have released out-of-band updates to fix two 0‑day vulnerabilities in Microsoft Defender that are already being used in real-world attacks. These are the bugs CVE-2026-41091 and CVE-2026-45498, known as RedSun and UnDefend. The first issue (7.8 on the…

https://github.com/br0xpl/sparx_hack

##

christopherkunz@chaos.social at 2026-05-26T10:31:47.000Z ##

The RedSun vulnerability was "officially fixed" on May 19, with the fix being "let's break the PoC by quarantining the affected .exe". The fix is just part of a Defender definition update. So, I guess the Red Sun no longer prevails.
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41091

##

christopherkunz@chaos.social at 2026-05-26T06:57:56.000Z ##

@jhr77 @Hal_9000 Turns out my hunch was right: CVE-2026-41091 is RedSun.

##

CVE-2026-42096
(0 None)

EPSS: 0.04%

updated 2026-05-19T14:45:59.807000

1 posts

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below we

1 repos

campuscodi@mastodon.social at 2026-05-26T17:43:45.000Z ##

Sparx Systems has failed to patch five security issues in its Pro Cloud Server even after being contacted by CERT Poland

https://cert.pl/en/posts/2026/05/CVE-2026-42096/

##

CVE-2026-45736
(4.4 MEDIUM)

EPSS: 0.01%

updated 2026-05-19T14:39:20.353000

1 posts

ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1.

lambdawatchdog@techhub.social at 2026-05-27T12:01:02.000Z ##

🔍 Lambda Watchdog detected that CVE-2026-45736 is no longer present in latest AWS Lambda base image scans. https://github.com/aws/aws-lambda-base-images/issues/530 #AWS #Lambda #Security #CVE #DevOps #SecOps

##

CVE-2026-45829(CVSS UNKNOWN)

EPSS: 0.17%

updated 2026-05-18T18:31:30

1 posts

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.

2 repos

https://github.com/0xBlackash/CVE-2026-45829

https://github.com/fevar54/FULL-ANALYSIS---CVE-2026-45829-ChromaDB-

nicfab@fosstodon.org at 2026-05-26T08:12:31.000Z ##

NicFab Newsletter #22 is out.

→ Garante fines Ambrosetti €85k for late breach notification (Art. 34 GDPR)
→ Verizon DBIR 2026: vuln exploitation overtakes credentials as #1 vector
→ Commission opens first Article 112(1) AI Act review
→ Colorado CADMA replaces the 2024 AI Act
→ Unpatched RCE in ChromaDB (CVE-2026-45829)

Read: https://www.nicfab.eu/en/newsletter-issues/2026-05-26-issue-22/
Subscribe: https://www.nicfab.eu/en/pages/newsletter/#subscribe-now

#Privacy #AIAct #AI #GDPR #Cybersecurity

##

CVE-2026-45298
(8.6 HIGH)

EPSS: 0.02%

updated 2026-05-18T16:41:41

1 posts

## Summary In a default dozzle deploy (the documented quickstart, no `DOZZLE_AUTH_PROVIDER` set), `POST /api/notifications/test-webhook` is reachable without authentication and forwards an attacker-controlled URL into a `WebhookDispatcher` that: - Sends an HTTP POST to the supplied URL with attacker-controlled request headers, and - Returns the response status code AND up to 1MB of the response

thehackerwire@mastodon.social at 2026-05-26T23:01:25.000Z ##

🟠 CVE-2026-45298 - High (8.6)

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45298/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42897
(8.1 HIGH)

EPSS: 7.49%

updated 2026-05-15T19:35:52.963000

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

1 repos

https://github.com/atiilla/CVE-2026-42897

wordfence@mastodon.social at 2026-05-27T18:31:08.000Z ##

Microsoft Exchange Zero-Day Under Active Exploit | Wordfence Security News Clip | May 18, 2026

A cross-site scripting zero-day in Exchange Server OWA is under active exploitation, affecting Exchange 2016, 2019, and Subscription Edition.

CISA added CVE-2026-42897 to its KEV catalog on May 15th with a federal remediation deadline of May 29th.

Verify the Emergency Mitigation Service is running and URL rewrite rule M2.1.x is applied.

Watch The Clip: https://youtu.be/raqyE2KkUjA

##

CVE-2026-41613
(8.8 HIGH)

EPSS: 0.07%

updated 2026-05-15T14:23:50.983000

1 posts

Session fixation in Visual Studio Code allows an unauthorized attacker to elevate privileges over a network.

euroinfosec@infosec.exchange at 2026-05-27T12:07:01.000Z ##

Vulnerability alert: Developers using Microsoft's code editor could hand an attacker full control of their machine by clicking a single install link, with nothing in the confirmation screen to warn them. Microsoft patched the flaw (CVE-2026-41613). https://www.databreachtoday.com/microsoft-code-editor-flaw-lets-attackers-hijack-developer-pcs-a-31775

##

CVE-2026-0265(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-05-13T18:31:07

1 posts

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure acc

2 repos

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

https://github.com/BishopFox/CVE-2026-0265-check

hrbrmstr@mastodon.social at 2026-05-25T15:08:44.000Z ##

I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.

Given that, how does CVE-2026-0265 — an at-scale PAN-OS CAS Authentication Bypass — happen now?

Seems like Mythos isn't all its cracked up to be?

##

CVE-2026-41089
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-05-12T18:30:54

1 posts

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

threatcodex@infosec.exchange at 2026-05-26T17:43:22.000Z ##

Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)
#CVE_2026_41089
https://blog.0patch.com/2026/05/micropatches-released-for-windows_0304568783.html

##

CVE-2026-28952
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-12T18:30:36

6 posts

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination.

hackersnews@mastodon.cesium.pw at 2026-05-26T05:30:08.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude
https://news.ycombinator.com/item?id=48273169

#hackernews #tech

##

hn100@social.lansky.name at 2026-05-26T04:45:09.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: https://support.apple.com/en-us/127115
Discussion: https://news.ycombinator.com/item?id=48273169

##

hn50@social.lansky.name at 2026-05-26T01:15:06.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: https://support.apple.com/en-us/127115
Discussion: https://news.ycombinator.com/item?id=48273169

##

hnbot@chrispelli.fun at 2026-05-26T00:13:26.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude - https://support.apple.com/en-us/127115

#hackernews

##

h4ckernews@mastodon.social at 2026-05-26T00:12:12.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

https://support.apple.com/en-us/127115

#HackerNews #CVE202628952 #Apple #macOS #Kernel #Vulnerability #CyberSecurity #Claude

##

CuratedHackerNews@mastodon.social at 2026-05-26T00:12:03.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

https://support.apple.com/en-us/127115

#apple #macos

##

CVE-2026-0300
(9.8 CRITICAL)

EPSS: 4.54%

updated 2026-05-12T15:31:19

2 posts

A buffer overflow vulnerability in the User-ID™ Authentication Portal (aka Captive Portal) service of Palo Alto Networks PAN-OS software allows an unauthenticated attacker to execute arbitrary code with root privileges on the PA-Series and VM-Series firewalls by sending specially crafted packets. The risk of this issue is greatly reduced if you secure access to the User-ID™ Authentication Portal

10 repos

https://github.com/shizuku198411/CVE-2026-0300

https://github.com/bannned-bit/CVE-2026-0300-PANOS

https://github.com/qassam-315/PAN-OS-User-ID-Buffer-Overflow-PoC

https://github.com/TailwindRG/cve-2026-0300-audit

https://github.com/ByteWraith1/CVE-2026-0300

https://github.com/p3Nt3st3r-sTAr/CVE-2026-0300-POC

https://github.com/mr-r3b00t/CVE-2026-0300

https://github.com/0xBlackash/CVE-2026-0300

https://github.com/lu4m575/CVE-2026-0300

https://github.com/ridhinva/CVE-2026-0300-PANOS-RCE

wordfence@mastodon.social at 2026-05-27T17:17:30.000Z ##

Palo Alto PAN-OS Zero-Day Exploited | Wordfence Security News Clip | May 11, 2026

CVE-2026-0300 is a buffer overflow in the PAN-OS User ID Authentication Portal affecting PA series and VM series firewalls.

Unit 42 attributed in-the-wild attacks to a likely state-sponsored cluster; the attacker achieved root, injected shellcode, and pivoted via a SAML flood to exploit the HA standby firewall.

Watch The Clip: https://www.youtube.com/shorts/lx146R9y8z8

##

wordfence@mastodon.social at 2026-05-27T17:16:46.000Z ##

Palo Alto PAN-OS Zero-Day Exploited in Wild | Wordfence Security News Clip | May 11, 2026

CVE-2026-0300 is a buffer overflow in the PAN-OS User ID Authentication Portal affecting PA series and VM series firewalls.

Unit 42 attributed in-the-wild attacks to a likely state-sponsored cluster; the attacker gained root, injected shellcode into an NGINX worker, and pivoted via a SAML flood to exploit the HA standby firewall.

Watch The Clip: https://www.youtube.com/watch?v=c-iGUdDsIYY

##

CVE-2026-44971
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-11T14:45:09

2 posts

# Summary The programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an attacker who can influence the scanned repository URL to trigger SSRF and capture the `GH_TOKEN` used by GuardDog. # Description `ProjectScanner.scan_remote()` takes a `url`,

thehackerwire@mastodon.social at 2026-05-27T17:01:11.000Z ##

🟠 CVE-2026-44971 - High (8.2)

GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credent...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44971/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-27T17:01:11.000Z ##

🟠 CVE-2026-44971 - High (8.2)

GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credent...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44971/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44966
(8.3 HIGH)

EPSS: 0.08%

updated 2026-05-09T00:40:17

1 posts

### Summary A prototype pollution vulnerability was discovered in Velocity.js <= 2.1.5. This issue occurs during the processing of #set directives in Velocity templates. If an application renders a template controlled by an attacker, it is possible to modify Object.prototype, potentially leading to Denial of Service (DoS) or Remote Code Execution (RCE) depending on the server environment. ### Det

thehackerwire@mastodon.social at 2026-05-26T23:00:27.000Z ##

🟠 CVE-2026-44966 - High (8.3)

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44966/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44895(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-05-09T00:10:30

1 posts

## SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of `mcp-gitlab-server` at commit `80a7b4cf3fba6b55389c0ef491a48190f7c8996a` uncovered that the SSE HTTP transport — advertised in the README and comparison table as a differentiating feature — runs with no authentication and wildcard CORS on every endpoint. The maintain

offseq@infosec.exchange at 2026-05-27T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-44895 in yoda-digital mcp-gitlab-server (<0.6.0) allows unauthenticated access to a mutation-capable RPC endpoint, risking full GitLab resource compromise. Upgrade to 0.6.0+ ASAP. https://radar.offseq.com/threat/cve-2026-44895-cwe-306-missing-authentication-for--bc836ac6 #OffSeq #Vuln #GitLab #CVE202644895

##

CVE-2026-44326
(9.4 CRITICAL)

EPSS: 0.00%

updated 2026-05-08T22:59:00

2 posts

### Summary free5GC's NEF mounts the `3gpp-traffic-influence` API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptions either with no `Authorization` header at all, or with a forged bearer token (e.g. `Authorization: Bearer not-a-real-token`). This includes creating `AnyUeInd=true` sub

thehackerwire@mastodon.social at 2026-05-27T18:00:52.000Z ##

EPSS: 0.19%

updated 2026-04-02T21:32:39

1 posts

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.

neverpanic@chaos.social at 2026-05-27T05:36:19.000Z ##

@campuscodi As far I know, that code has always been available for download, the only change is that it's now a lot less hidden and on GitHub. It used to be an unversioned download link well hidden somewhere on their website.

Source: read it a while ago to report CVE-2024-23218.

##

CVE-2025-15284
(3.7 LOW)

EPSS: 0.04%

updated 2026-03-02T22:05:33

1 posts

### Summary The `arrayLimit` option in qs did not enforce limits for bracket notation (`a[]=1&a[]=2`), only for indexed notation (`a[0]=1`). This is a consistency bug; `arrayLimit` should apply uniformly across all array notations. **Note:** The default `parameterLimit` of 1000 effectively mitigates the DoS scenario originally described. With default options, bracket notation cannot produce arra

certvde@infosec.exchange at 2026-05-26T07:15:09.000Z ##

#OT #Advisory VDE-2026-009
JUMO: Multiple products affected by nodejs vulnerability

A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
#CVE CVE-2025-15284

https://certvde.com/en/advisories/vde-2026-009/

#CSAF https://jumo.csaf-tp.certvde.com/.well-known/csaf/white/2026/vde-2026-009.json

##

CVE-2026-3172
(8.1 HIGH)

EPSS: 0.06%

updated 2026-02-25T21:31:25

1 posts

Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.

mastokukei@social.josko.org at 2026-05-27T18:02:00.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei https://masto.kukei.eu/browse/programming category:
- **AI coding tools & workflows**: GitHub Copilot, Claude Code, Cursor, DeepSeek Reasonix, and debates on AI’s impact (security risks, token efficiency, maintenance burdens).
- **PostgreSQL updates**: Security patches (CVE-2026-3172), pgvector parallel HNSW index fixes, pgBackRest funding, and PostgreSQL 14 end-of-life (Nov 2026).
- **Open-source [1/3]

##

CVE-2025-64328
(7.2 HIGH)

EPSS: 77.26%

updated 2026-02-24T19:30:59.130000

1 posts

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote a

Nuclei template

1 repos

https://github.com/mcorybillington/CVE-2025-64328_FreePBX-framework-Command-Injection

sayzard@mastodon.sayzard.org at 2026-05-27T18:41:13.000Z ##

Jomangy: INJ3CTOR3's Self-Healing FreePBX Toll Fraud Campaign

INJ3CTOR3 그룹이 FreePBX VoIP 인프라를 대상으로 한 JOMANGY 캠페인을 통해 PHP 웹쉘을 배포하고, 6중의 자가 복구 persistence 메커니즘으로 감염 제거를 어렵게 만듭니다. 이 웹쉘은 피해자의 SIP 트렁크를 이용한 통화 사기 코드를 포함하며, 18개의 백도어 계정을 생성해 루트 권한을 확보합니다. 캠페인은 CVE-2025-64328 등 FreePBX 취약점을 악용하며, 전 세계 수천 대의 시스템이 감염되어 있어 실무 보안 대응에 큰 위협이 됩니다. 이 공격은 2019년부터 지속된 INJ3...

https://cyble.com/blog/jomangy-inj3ctor3s-self-healing-freepbx-toll-fraud-campaign/

##

CVE-2025-62582
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-01-16T03:30:27

1 posts

Delta Electronics DIAView has multiple vulnerabilities.

updated 2024-11-21T06:37:11.567000

2 posts

A vulnerability was found in ua-parser-js 0.7.29/0.8.0/1.0.0. It has been rated as critical. This issue affects the crypto mining component which introduces a backdoor. Upgrading to version 0.7.30, 0.8.1 and 1.0.1 is able to address this issue. It is recommended to upgrade the affected component.

1 repos

https://github.com/corelight/CVE-2021-42292

caspicat at 2026-05-27T18:18:57.374Z ##

@GossiTheDog Yes, since 2017ish, for example

##

caspicat@infosec.exchange at 2026-05-27T18:18:57.000Z ##

@GossiTheDog Yes, since 2017ish, for example

##

CVE-2017-16054
(7.5 HIGH)

EPSS: 0.26%

updated 2024-11-21T03:15:44.050000

2 posts

`nodefabric` was a malicious module published with the intent to hijack environment variables. It has been unpublished by npm.

caspicat at 2026-05-27T18:18:57.374Z ##

@GossiTheDog Yes, since 2017ish, for example

##

caspicat@infosec.exchange at 2026-05-27T18:18:57.000Z ##

@GossiTheDog Yes, since 2017ish, for example

https://github.com/xtremebeing/starlette-host-header-lab

##

CVE-2026-48710
(0 None)

EPSS: 0.03%

10 posts

N/A

2 repos

https://github.com/eris-ths/supply-chain-guard

LLMs@activitypub.awakari.com at 2026-05-27T15:22:51.000Z ## Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints A newly disclosed critical vulnerability, tracked as CVE-2026-48710 and dubbed “BadHost,” is putting thousands of AI-...

#AI #Cyber #Security #News #Vulnerability #cyber #security #cyber #security #news

Origin | Interest | Match ##

hn100@social.lansky.name at 2026-05-27T14:45:09.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

Link: https://badhost.org/
Discussion: https://news.ycombinator.com/item?id=48277107

##

hn50@social.lansky.name at 2026-05-27T10:05:07.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

Link: https://badhost.org/
Discussion: https://news.ycombinator.com/item?id=48277107

##

beyondmachines1@infosec.exchange at 2026-05-27T09:01:07.000Z ##

BadHost Vulnerability in Starlette Framework Threatens AI Infrastructure

Starlette patched a path-poisoning vulnerability (CVE-2026-48710) that allows attackers to bypass security middleware in AI agents and Python-based servers. The flaw enables unauthorized access to sensitive credentials and internal endpoints by manipulating the HTTP Host header.

**If you're running applications built on Starlette, FastAPI, or LLM tools like vLLM, LiteLLM, or MCP servers, update Starlette to version 1.0.1 ASAP. While updating, put a reverse proxy (Nginx or Cloudflare) in front of your application to block malformed Host headers, and test your endpoints with the free scanner at BadHost.org.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/badhost-vulnerability-in-starlette-framework-threatens-ai-infrastructure-o-g-u-6-8/gD2P6Ple2L

##

newsycombinator@framapiaf.org at 2026-05-27T09:00:49.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass
Link: https://badhost.org/
Comments: https://news.ycombinator.com/item?id=48277107

##

lobsters@mastodon.social at 2026-05-27T07:55:10.000Z ##

CVE-2026-48710 Starlette Host-Header Auth Bypass https://lobste.rs/s/cmsgwo #python #web
https://badhost.org

##

hnbot@chrispelli.fun at 2026-05-27T07:15:19.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass - https://badhost.org/

#hackernews

##

h4ckernews@mastodon.social at 2026-05-27T07:14:19.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

https://badhost.org/

#HackerNews #BadHost #CVE-2026-48710 #Starlette #Security #Vulnerability #Auth #Bypass

##

sayzard@mastodon.sayzard.org at 2026-05-27T06:39:32.000Z ##

BadHost: One Char Bypasses Host-Based Security Across the Python AI Stack

Python AI 생태계에서 FastAPI의 핵심 라이브러리인 Starlette의 호스트 헤더 처리 취약점(CVE-2026-48710, BadHost)이 발견됐다. 단일 문자 삽입만으로 경로 기반 인증 우회, SSRF, 원격 코드 실행 등이 가능해 LLM 인프라와 AI 서비스에 심각한 보안 위협을 준다. 취약점은 Starlette 1.0.1 버전에서 패치되었으나, CVSS 점수는 실제 영향보다 낮게 평가되어 생태계 전반에 경고가 부족했다. 운영자는 즉시 패치 적용과 함께 request.url 대신 request.scope["path"] 사용, 역방향 프록시 배치 등 방어 조치를 권고한다.

https://www.secwest.net/starlette

#security #python #fastapi #starlette #llm

##

sayzard@mastodon.sayzard.org at 2026-05-27T06:39:19.000Z ##

Disclosing the Badhost Vulnerability in Starlette

Starlette의 BadHost 취약점(CVE-2026-48710)은 HTTP Host 헤더의 입력 검증 부족으로 인해 FastAPI, LiteLLM, vLLM 등 주요 Python LLM 인프라에서 인증 우회, SSRF, RCE 공격이 가능하다. 이 취약점은 Starlette 1.0.1 버전으로 업데이트하거나 request.url.path 대신 request.scope["path"]를 사용하는 방식으로 완화할 수 있다. BadHost.org와 X41 D-Sec에서 제공하는 도구로 취약점 점검이 가능하며, HTTP/1.1 준수 리버스 프록시 배치도 권장된다.

https://ostif.org/disclosing-the-badhost-vulnerability-in-starlette/

#starlette #security #vulnerability #llm #fastapi

##

CVE-2026-40820
(0 None)

EPSS: 0.00%

2 posts

N/A

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820