## Updated at UTC 2026-07-09T00:00:09.929870

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-43499 7.8 0.12% 3 2 2026-07-08T23:16:54.523000 In the Linux kernel, the following vulnerability has been resolved: rtmutex: Us
CVE-2026-14896 4.2 0.00% 1 0 2026-07-08T21:30:37 HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authori
CVE-2026-14891 8.7 0.00% 1 0 2026-07-08T21:30:37 HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the D
CVE-2026-0288 None 0.00% 2 0 2026-07-08T21:30:37 Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (T
CVE-2026-6896 8.7 0.00% 2 0 2026-07-08T21:16:55.097000 GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 be
CVE-2026-60105 8.6 0.00% 2 0 2026-07-08T21:16:54.813000 Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in
CVE-2026-58525 8.2 0.00% 2 0 2026-07-08T21:16:54.300000 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize
CVE-2026-58210 7.5 0.00% 1 0 2026-07-08T20:16:53.950000 NATS Server is a high-performance server for NATS.io, the cloud and edge native
CVE-2026-53481 9.8 0.63% 1 0 2026-07-08T19:57:35.883000 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release ver
CVE-2026-33264 9.8 1.09% 1 0 2026-07-08T19:37:10.507000 A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()
CVE-2026-11405 9.8 0.24% 5 1 2026-07-08T15:32:52 The web server binary /bin/httpd contains a hidden backdoor authentication mecha
CVE-2026-58480 9.8 0.00% 1 0 2026-07-08T15:28:15.630000 Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthentic
CVE-2026-58473 9.1 0.37% 1 0 2026-07-08T15:16:31.800000 Cognee before 1.2.0 contains an improper access control vulnerability that allow
CVE-2026-12378 8.1 0.23% 1 0 2026-07-08T14:56:35.950000 The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin
CVE-2026-48908 9.8 1.43% 4 7 2026-07-08T13:57:42.590000 A vulnerability in SP Page Builder for Joomla allows unauthenticated users to up
CVE-2026-9695 9.8 0.33% 1 0 2026-07-08T09:31:48 An Improper Authentication vulnerability affecting DELMIA Apriso from Release 20
CVE-2026-53359 0 0.18% 12 4 2026-07-08T05:16:27.990000 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: F
CVE-2026-60002 7.7 0.25% 2 0 2026-07-08T03:30:33 ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its h
CVE-2026-56843 9.9 0.34% 1 0 2026-07-08T03:30:33 Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 all
CVE-2026-55255 8.4 0.44% 4 1 2026-07-07T22:14:37 ## Summary Insecure Direct Object Reference (IDOR) vulnerability in `/api/v1/re
CVE-2026-40139 9.8 0.65% 1 0 2026-07-07T21:32:34 A critical pre-authentication vulnerability exists in the authentication subsyst
CVE-2026-48282 10.0 3.20% 11 2 template 2026-07-07T21:32:33 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limi
CVE-2026-56290 9.8 0.74% 4 3 2026-07-07T21:32:33 The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitra
CVE-2026-40140 7.5 0.56% 1 0 2026-07-07T21:32:33 BeyondTrust Remote Support and Privileged Remote Access contain a high-severity
CVE-2026-40138 8.1 0.42% 2 0 2026-07-07T16:16:38.780000 A critical pre-authentication vulnerability exists in the authentication subsyst
CVE-2026-12375 9.8 0.30% 1 0 2026-07-07T15:33:58 The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with m
CVE-2026-4375 9.0 0.25% 1 0 2026-07-07T15:33:58 The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin t
CVE-2026-53913 9.8 0.57% 1 0 2026-07-07T15:33:54 Improper Authentication, Missing Authentication for Critical Function, Not Faili
CVE-2026-42143 8.8 0.43% 1 0 2026-07-07T15:16:46.463000 Coolify is an open-source and self-hostable tool for managing servers, applicati
CVE-2026-34048 9.9 0.40% 1 0 2026-07-07T15:16:43.953000 Coolify is an open-source and self-hostable tool for managing servers, applicati
CVE-2026-57981 8.8 0.56% 1 0 2026-07-07T15:12:44.373000 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58299 7.5 0.27% 1 0 2026-07-07T14:42:37.003000 Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android
CVE-2026-57974 8.8 0.56% 1 0 2026-07-07T13:43:32.083000 Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unau
CVE-2026-57986 7.5 0.43% 1 0 2026-07-07T12:50:49.980000 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58289 9.0 0.44% 1 0 2026-07-07T12:40:04.297000 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-58292 7.5 0.28% 1 0 2026-07-07T12:37:27.530000 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthori
CVE-2026-14345 9.8 0.74% 1 0 2026-07-07T06:31:27 The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell
CVE-2026-58286 8.1 0.31% 1 0 2026-07-07T04:17:55.037000 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize
CVE-2026-43865 8.1 0.80% 1 0 2026-07-06T21:30:36 Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast compon
CVE-2026-22555 8.1 0.30% 1 0 2026-07-06T21:16:54.240000 Gitea versions before 1.26.0 allow API users to fork a repository into an organi
CVE-2025-71347 8.1 0.45% 1 0 2026-07-06T21:16:52.797000 picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py
CVE-2026-55075 7.4 0.48% 1 0 2026-07-06T20:52:16 ### Summary Two flaws in Coder's OIDC login chained into account takeover: emai
CVE-2026-14637 8.2 0.60% 1 0 2026-07-06T20:16:30.450000 A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-
CVE-2026-4967 7.5 0.40% 1 0 2026-07-06T19:46:08.807000 In IMS, there is a possible out of bounds read due to a missing bounds check. Th
CVE-2026-58282 8.1 0.31% 1 0 2026-07-06T19:17:59.803000 Improper access control in Microsoft Edge (Chromium-based) allows an unauthorize
CVE-2026-14803 6.5 0.33% 1 0 2026-07-06T19:16:59.597000 Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded r
CVE-2026-14535 8.8 0.30% 1 0 2026-07-06T18:55:20.287000 In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImports
CVE-2026-12686 0 0.31% 1 0 2026-07-06T18:41:46.210000 An authenticated user could manipulate a company ID parameter in a POST request
CVE-2026-4321 9.8 0.27% 1 0 2026-07-06T18:16:46.247000 Improper neutralization of special elements used in an SQL command ('SQL injecti
CVE-2026-12250 7.9 0.11% 1 0 2026-07-06T18:16:45.163000 Invocation of process using visible sensitive information vulnerability in TUBIT
CVE-2026-14570 7.5 0.51% 1 0 2026-07-06T18:16:45.163000 Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private
CVE-2026-14327 7.5 0.46% 1 0 2026-07-06T18:02:49.450000 The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal i
CVE-2026-14807 9.8 0.46% 1 0 2026-07-06T09:30:37 ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability,
CVE-2026-14808 9.8 0.51% 1 0 2026-07-06T09:30:37 Prog Management System developed by PROG MIS has a Exposure of Sensitive Inf
CVE-2026-59510 None 0.37% 1 0 2026-07-05T18:30:56 AIL Framework contains a path traversal vulnerability in its PDF object handling
CVE-2026-9085 8.8 0.10% 1 0 2026-07-05T15:30:34 Incorrect Permission Assignment for Critical Resource, Improper Access Control v
CVE-2026-6509 7.8 0.10% 1 0 2026-07-05T15:30:34 Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Rese
CVE-2026-59509 None 0.35% 1 0 2026-07-05T15:30:33 An unauthenticated improper input validation vulnerability in the POST /fetch_cv
CVE-2026-14751 6.3 0.20% 1 0 2026-07-05T15:30:33 A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef
CVE-2026-14738 3.7 0.21% 1 0 2026-07-05T12:30:30 A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is
CVE-2026-14721 8.8 0.45% 2 0 2026-07-05T09:30:24 A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Th
CVE-2026-14781 4.8 0.20% 1 0 2026-07-05T09:30:23 A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker inco
CVE-2026-14703 6.3 0.20% 1 0 2026-07-05T06:30:33 A vulnerability has been found in itsourcecode Hospital Management System 1.0. A
CVE-2026-14691 6.3 0.24% 1 0 2026-07-05T03:32:41 A security vulnerability has been detected in SourceCodester Multi-Vendor Online
CVE-2026-14534 8.8 0.33% 1 0 2026-07-04T15:30:24 Trail of Bits fickling versions up to and including 0.1.10 do not include the Py
CVE-2026-53360 0 0.27% 1 1 2026-07-04T12:17:01.880000 In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: R
CVE-2026-46242 7.8 0.12% 11 2 2026-07-04T12:16:57.160000 In the Linux kernel, the following vulnerability has been resolved: eventpoll:
CVE-2025-71343 8.1 0.30% 1 0 2026-07-04T03:31:09 picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib
CVE-2026-54424 8.4 0.24% 1 1 2026-07-04T03:31:08 An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hos
CVE-2025-71353 8.1 0.30% 1 0 2026-07-04T03:31:08 picklescan before 0.0.28 fails to detect malicious pickle files that exploit tor
CVE-2025-71345 8.1 0.43% 1 0 2026-07-04T03:31:08 picklescan before 0.0.30 fails to detect malicious pickle files that invoke torc
CVE-2026-56645 8.8 0.56% 1 0 2026-07-03T21:31:47 Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthor
CVE-2026-57985 7.6 0.48% 1 0 2026-07-03T21:31:47 Improper input validation in Microsoft Edge (Chromium-based) allows an unauthori
CVE-2026-58283 8.1 0.33% 1 0 2026-07-03T21:31:47 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-58276 7.5 0.43% 1 0 2026-07-03T21:31:47 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58290 7.5 0.25% 1 0 2026-07-03T21:31:47 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-58288 8.3 0.44% 1 0 2026-07-03T21:31:47 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58287 8.3 0.44% 1 0 2026-07-03T21:31:47 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58285 8.3 0.44% 1 0 2026-07-03T21:31:47 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-58284 8.3 0.40% 1 0 2026-07-03T21:31:47 Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized
CVE-2026-58294 7.5 0.34% 1 0 2026-07-03T21:31:47 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-58293 8.1 0.44% 1 0 2026-07-03T21:31:47 External control of file name or path in Microsoft Edge (Chromium-based) allows
CVE-2026-57975 7.5 0.43% 1 0 2026-07-03T21:31:46 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-58295 8.3 0.37% 1 0 2026-07-03T21:31:41 Access of resource using incompatible type ('type confusion') in Microsoft Edge
CVE-2026-12481 8.8 0.40% 1 0 2026-07-03T21:31:40 A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code exe
CVE-2026-57992 7.5 0.43% 1 0 2026-07-03T21:31:40 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-57984 7.5 0.43% 1 0 2026-07-03T21:31:39 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-57983 8.7 0.46% 1 0 2026-07-03T21:31:39 Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized
CVE-2026-14544 9.8 0.51% 1 0 2026-07-03T09:31:35 A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnera
CVE-2026-14352 7.5 0.47% 1 0 2026-07-03T06:32:11 The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal
CVE-2026-9725 9.1 0.74% 1 0 2026-07-03T06:32:11 The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress
CVE-2026-13768 10.0 0.56% 1 1 2026-07-03T00:32:02 Gardyn devices expose a privileged iothubowner key. Access to this key will allo
CVE-2026-13368 None 0.65% 1 0 2026-07-03T00:31:57 WatchGuard Fireware OS contains a race condition leading to a use-after-free vul
CVE-2026-41106 9.3 0.53% 1 0 2026-07-03T00:31:53 Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un
CVE-2026-57517 9.8 0.59% 1 1 2026-07-02T20:17:04.450000 Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability
CVE-2026-13773 6.0 3.42% 1 0 2026-07-02T18:26:29.023000 IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated C
CVE-2026-50746 10.0 0.83% 3 0 2026-07-02T15:32:12 A malicious actor with access to the network could exploit an Improper Access Co
CVE-2026-10104 4.4 0.26% 1 1 2026-07-02T12:31:02 The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to
CVE-2026-43503 8.8 0.14% 1 8 2026-07-02T12:17:20.070000 In the Linux kernel, the following vulnerability has been resolved: net: skbuff
CVE-2026-45659 8.8 3.22% 2 4 2026-07-02T12:16:47.143000 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2026-58457 9.8 1.67% 1 0 2026-07-01T21:36:26 Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) contains an unauthenti
CVE-2026-10539 9.0 0.24% 1 0 2026-07-01T19:59:44.537000 A Control-M/Server communication command does not sufficiently filter or sanitiz
CVE-2026-58452 8.8 2.42% 1 0 2026-07-01T18:32:05 JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an
CVE-2026-58453 9.8 1.69% 1 0 2026-07-01T18:32:04 JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a h
CVE-2026-20191 7.5 0.76% 1 0 2026-07-01T18:31:59 A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote
CVE-2026-56413 10.0 3.08% 1 0 2026-07-01T18:17:31.553000 Storage Concentrator (SC & SCVM) contains a command injection vulnerability in t
CVE-2026-8451 7.5 0.50% 3 5 2026-07-01T15:52:58.800000 Insufficient input validation inΒ NetScaler ADC and NetScaler GatewayΒ leading to
CVE-2026-6688 7.6 0.21% 1 0 2026-07-01T15:35:28 FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern assoc
CVE-2026-13602 None 0.24% 1 0 2026-07-01T15:35:27 We found a chain of combining multiple weaknesses in the product that could allo
CVE-2026-6682 7.6 0.21% 1 0 2026-07-01T15:35:27 In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume
CVE-2026-56415 10.0 3.07% 1 0 2026-07-01T00:34:43 Storage Concentrator (SC & SCVM) contains a command injection vulnerability with
CVE-2026-56700 9.8 1.68% 1 0 2026-07-01T00:34:43 Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. T
CVE-2026-11712 9.3 0.22% 1 0 2026-06-30T21:31:52 IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site script
CVE-2026-8037 9.6 29.64% 1 1 template 2026-06-30T15:30:32 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC
CVE-2026-8631 9.8 1.33% 1 0 2026-06-30T03:36:46 A potential security vulnerability has been identified in the HP Linux Imaging a
CVE-2026-23111 7.8 0.34% 1 8 2026-06-30T03:36:36 In the Linux kernel, the following vulnerability has been resolved: netfilter:
CVE-2026-56782 9.8 3.02% 1 2 template 2026-06-29T20:17:39.907000 Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/
CVE-2026-13545 8.8 2.71% 1 0 2026-06-29T09:30:32 A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the func
CVE-2026-50548 9.8 0.64% 1 0 2026-06-26T16:51:25.290000 Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs
CVE-2026-57589 7.4 0.12% 13 0 2026-06-26T05:16:31.673000 sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local p
CVE-2026-53111 None 0.18% 1 0 2026-06-24T18:32:50 In the Linux kernel, the following vulnerability has been resolved: bpf: test_r
CVE-2026-39999 9.1 0.39% 1 0 2026-06-23T15:32:31 Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker
CVE-2026-20181 9.1 0.75% 1 0 2026-06-17T18:36:07 A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote at
CVE-2026-20190 7.5 0.41% 1 0 2026-06-17T18:36:07 A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote
CVE-2026-28737 8.7 0.34% 1 0 2026-06-17T18:10:20 ## Summary Me again. Gitea's built-in 3D file viewer (powered by Online3DViewe
CVE-2026-26128 7.8 0.45% 1 2 2026-06-17T10:25:46.367000 Improper authentication in Windows SMB Server allows an authorized attacker to e
CVE-2024-30326 7.8 0.91% 2 0 2026-06-17T07:26:44.557000 Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability.
CVE-2024-26582 7.8 0.25% 1 0 2026-06-17T07:17:49.183000 In the Linux kernel, the following vulnerability has been resolved: net: tls: f
CVE-2026-26231 8.5 0.29% 1 0 2026-06-16T23:41:03 ## Summary Any authenticated low-privilege user with read access to a repositor
CVE-2026-28699 8.1 0.57% 1 1 2026-06-16T23:40:35 ### Summary Gitea fails to enforce OAuth2 access token scopes when the token is
CVE-2026-28744 8.1 0.34% 1 0 2026-06-16T23:38:13 ### Summary Gitea v1.26.1 enforces repository-scoped access-token permissions on
CVE-2026-48062 9.8 0.00% 1 0 2026-06-11T17:16:09 ### Impact The `ext_in` upload validation rule checked the MIME-derived guessed
CVE-2026-43456 7.8 0.16% 2 0 2026-05-20T18:32:38 In the Linux kernel, the following vulnerability has been resolved: bonding: fi
CVE-2026-33112 8.8 2.11% 1 0 2026-05-12T18:30:49 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2025-3248 None 99.97% 4 27 template 2025-11-05T20:12:46 Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v
CVE-2026-45367 0 0.00% 1 0 N/A
CVE-2026-45309 0 0.00% 1 0 N/A
CVE-2026-33697 0 0.06% 1 0 N/A
CVE-2026-54161 0 0.00% 1 1 N/A
CVE-2026-20896 0 0.78% 4 3 N/A
CVE-2026-14380 0 0.24% 1 0 N/A
CVE-2026-54234 0 0.34% 1 0 N/A
CVE-2026-57155 0 0.00% 1 0 N/A
CVE-2026-12943 0 0.00% 1 0 N/A
CVE-2026-34168 0 0.40% 1 0 N/A
CVE-2026-34152 0 0.37% 1 0 N/A
CVE-2026-42200 0 0.54% 1 0 N/A
CVE-2026-34158 0 0.36% 1 0 N/A
CVE-2026-54060 0 0.36% 1 0 N/A
CVE-2026-34037 0 0.25% 1 0 N/A
CVE-2026-12184 0 0.00% 1 0 N/A
CVE-2026-14355 0 0.28% 1 0 N/A
CVE-2026-49429 0 0.00% 1 0 N/A
CVE-2026-49422 0 0.00% 1 0 N/A
CVE-2026-49420 0 0.00% 1 0 N/A
CVE-2026-52747 0 0.00% 1 0 N/A
CVE-2026-27771 0 40.74% 2 2 template N/A
CVE-2026-10054 0 0.16% 1 0 N/A
CVE-2026-22874 0 0.46% 1 2 N/A
CVE-2026-58426 0 0.18% 1 0 N/A
CVE-2026-58424 0 0.20% 1 0 N/A
CVE-2026-58423 0 0.31% 1 0 N/A

CVE-2026-43499
(7.8 HIGH)

EPSS: 0.12%

updated 2026-07-08T23:16:54.523000

3 posts

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from futex_requeue(). In the latter case waiter::task is not current, but remove_waiter() operates on current for the dequeue oper

2 repos

https://github.com/MobiusM/CVE-2026-43499

https://github.com/HORKimhab/CVE-2026-43499

jschauma@mstdn.social at 2026-07-08T20:49:14.000Z ##

Here's your weekly batch of Linux local privilege escalation vulnerabilities:

CVE-2026-43499 "GhostLock"
nebusec.ai/research/ionstack-p

CVE-2026-46242 "Bad Epoll"
github.com/J-jaeyoung/bad-epoll

Enjoy! ✌️

##

jschauma@mstdn.social at 2026-07-08T20:49:14.000Z ##

Here's your weekly batch of Linux local privilege escalation vulnerabilities:

CVE-2026-43499 "GhostLock"
nebusec.ai/research/ionstack-p

CVE-2026-46242 "Bad Epoll"
github.com/J-jaeyoung/bad-epoll

Enjoy! ✌️

##

DailyCyberSecurity@infosec.exchange at 2026-07-08T02:15:10.000Z ##

Researchers disclosed GhostLock (CVE-2026-43499) with public PoC code. The 15-year Linux kernel bug enables privilege escalation and container escape.

#GhostLock #CVE202643499 #LinuxKernel #PrivilegeEscalation #ContainerEscape #InfoSec

securityonline.info/ghostlock-

##

CVE-2026-14896
(4.2 MEDIUM)

EPSS: 0.00%

updated 2026-07-08T21:30:37

1 posts

HashiCorp Nomad and Nomad Enterprise are vulnerable to a cross-namespace authorization bypass in the dynamic host volumes feature that may allow an operator holding the host volume delete permission in one namespace to delete a sticky volume claim belonging to a job in another namespace. This vulnerability, CVE-2026-14896, is fixed in Nomad Community Edition 2.0.4 and Nomad Enterprise 2.0.4, 1.11.

selfhost_discovery@mastodon.social at 2026-07-08T19:40:00.000Z ##

πŸš€ New release Β· Nomad ent-changelog-1.11.8

SECURITY:
β€’ docker: Enforce allowed_modes or allow_privileged requirement to set host namespace modes in task. This is CVE-2026-14891. [GH-28190]
β€’ docker: Fixed a bug where docker tasks could use a symlink to bypass the plugin configuration for volumes.enabled=false. This is CVE-2026-14896. [GH-28177]
β€’ dynamic host volumes: Fixed a bug where users with ho...

Check and self-host it β†’ selfhost.directory/project/nom

##

CVE-2026-14891
(8.7 HIGH)

EPSS: 0.00%

updated 2026-07-08T21:30:37

1 posts

HashiCorp Nomad and Nomad Enterprise are vulnerable to a sandbox escape in the Docker task driver that may allow a job submitter to bind-mount a host path into a container even when volume bind mounts are disabled, potentially leading to reading and writing files on the host. This vulnerability, CVE-2026-14891, is fixed in Nomad Community Edition 2.0.4 and Nomad Enterprise 2.0.4, 1.11.8, and 1.10.

selfhost_discovery@mastodon.social at 2026-07-08T19:40:00.000Z ##

πŸš€ New release Β· Nomad ent-changelog-1.11.8

SECURITY:
β€’ docker: Enforce allowed_modes or allow_privileged requirement to set host namespace modes in task. This is CVE-2026-14891. [GH-28190]
β€’ docker: Fixed a bug where docker tasks could use a symlink to bypass the plugin configuration for volumes.enabled=false. This is CVE-2026-14896. [GH-28177]
β€’ dynamic host volumes: Fixed a bug where users with ho...

Check and self-host it β†’ selfhost.directory/project/nom

##

CVE-2026-0288(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-07-08T21:30:37

2 posts

Multiple buffer overflow vulnerabilities in the User-ID Terminal Server Agent (TSA) component of Palo Alto Networks PAN-OS software allow an unauthenticated attacker with network access to cause a denial of service (DoS) condition or potentially execute arbitrary code by sending specially crafted network traffic. The security risk posed by this issue is minimized when the User-ID Terminal Server

AAKL at 2026-07-08T16:15:21.222Z ##

Broadcom has a long list of advisories today, addressing at least two critical vulnerabilities support.broadcom.com/web/ecx/s

Palo Alto:

CRITICAL: CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent security.paloaltonetworks.com/

Dell: Security Update for Dell Networking Products for Multiple Vulnerabilities dell.com/support/kbdoc/en-us/0

##

AAKL@infosec.exchange at 2026-07-08T16:15:21.000Z ##

Broadcom has a long list of advisories today, addressing at least two critical vulnerabilities support.broadcom.com/web/ecx/s

Palo Alto:

CRITICAL: CVE-2026-0288 PAN-OS: Buffer Overflow Vulnerabilities in User-ID Terminal Server Agent security.paloaltonetworks.com/

Dell: Security Update for Dell Networking Products for Multiple Vulnerabilities dell.com/support/kbdoc/en-us/0 #Broascom #infosec #vulnerability #Dell #Intel

##

CVE-2026-6896
(8.7 HIGH)

EPSS: 0.00%

updated 2026-07-08T21:16:55.097000

2 posts

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to execute arbitrary scripts in another user's browser session due to improper sanitization of user-supplied input.

thehackerwire@mastodon.social at 2026-07-08T22:00:32.000Z ##

🟠 CVE-2026-6896 - High (8.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to exec...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-08T22:00:32.000Z ##

🟠 CVE-2026-6896 - High (8.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 13.11 before 18.11.7, 19.0 before 19.0.4, and 19.1 before 19.1.2 that under certain conditions could have allowed an authenticated user with developer-role permissions to exec...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-60105
(8.6 HIGH)

EPSS: 0.00%

updated 2026-07-08T21:16:54.813000

2 posts

Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped IPv6 addresses. An unauthenticated attacker can obtain a CSRF token from the public getSystemVars endpoint and submit a fetchRemoteFile request with a so

thehackerwire@mastodon.social at 2026-07-08T22:00:53.000Z ##

🟠 CVE-2026-60105 - High (8.6)

Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-08T22:00:53.000Z ##

🟠 CVE-2026-60105 - High (8.6)

Monsta FTP before 2.14.5 contains a server-side request forgery vulnerability in the fetchRemoteFile action caused by an incomplete IP blocklist check in the isBlockedIP() function, which fails to detect embedded IPv4 addresses within IPv4-mapped ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58525
(8.2 HIGH)

EPSS: 0.00%

updated 2026-07-08T21:16:54.300000

2 posts

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

thehackerwire@mastodon.social at 2026-07-08T22:00:43.000Z ##

🟠 CVE-2026-58525 - High (8.2)

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-08T22:00:43.000Z ##

🟠 CVE-2026-58525 - High (8.2)

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58210
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-08T20:16:53.950000

1 posts

NATS Server is a high-performance server for NATS.io, the cloud and edge native messaging system. Prior to 2.14.3 and 2.12.12, an unauthenticated MQTT client could cause the server to retain large incomplete MQTT CONNECT packets before authentication completed, consuming server memory while the parser waited for the advertised MQTT packet length. This issue is fixed in versions 2.14.3 and 2.12.12.

hugovalters@mastodon.social at 2026-07-08T23:10:30.000Z ##

CVE-2026-58210 - High severity supply chain risk in Nats Server. Unauthenticated MQTT clients can exhaust memory via incomplete CONNECT packets. CVSS 7.5. Update to 2.14.3 or 2.12.12 immediately. #CVE #Nats #infosec

valtersit.com/cve/CVE-2026-582

##

CVE-2026-53481
(9.8 CRITICAL)

EPSS: 0.63%

updated 2026-07-08T19:57:35.883000

1 posts

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vuln

offseq@infosec.exchange at 2026-07-07T13:30:28.000Z ##

Dell PowerProtect Data Domain is affected by CRITICAL path traversal (CVE-2026-53481, CVSS 9.8). Remote, unauthenticated attackers can gain full system control. No patch yet β€” monitor Dell advisories. radar.offseq.com/threat/cve-20 #OffSeq #Dell #CVE202653481 #infosec

##

CVE-2026-33264
(9.8 CRITICAL)

EPSS: 1.09%

updated 2026-07-08T19:37:10.507000

1 posts

A bug in `BaseSerialization.deserialize()` allowed unrestricted `import_string()` of attacker-controlled class paths when the Scheduler / API Server loaded a serialized DAG: a DAG author could embed a malicious trigger into a DAG to gain remote code execution on the API Server / Scheduler process, crossing the Airflow security boundary that DAG-author code must never execute in those processes. Us

offseq@infosec.exchange at 2026-07-07T10:30:25.000Z ##

CVE-2026-33264: Apache Airflow <3.3.0 has a CRITICAL deserialization flaw. DAG authors can trigger remote code execution on Scheduler/API Server. Upgrade to 3.3.0+ and restrict allowed_deserialization_classes. Details: radar.offseq.com/threat/cve-20 #OffSeq #Airflow #Infosec #CVE202633264

##

CVE-2026-11405
(9.8 CRITICAL)

EPSS: 0.24%

updated 2026-07-08T15:32:52

5 posts

The web server binary /bin/httpd contains a hidden backdoor authentication mechanism in the login() function at 004c88b8. - The function contains a normal authentication path using MD5/hash-based password verification (prod_encode64/PasswordToMd5/check_rand_key). - After normal authentication fails, it calls GetValue("sys.rzadmin.password") to read a backdoor password from the device configuratio

1 repos

https://github.com/HORKimhab/CVE-2026-11405

tomshardware@mastodon.online at 2026-07-08T15:49:05.000Z ##

Hidden backdoor in Tenda routers goes unpatched as company ignores warnings from cybersecurity researchers β€” Chinese company's firmware allows admin access without a password

CERT/CC has disclosed a critical authentication backdoor affecting multiple Tenda router firmware versions. Tracked as CVE-2026-11405, the flaw grants full administrator access without valid credentials, and no vendor patch is currently available after CERT failed to reach Tenda.
#hardware
tomshardware.com/tech-industry

##

tomshardware@mastodon.online at 2026-07-08T15:49:05.000Z ##

Hidden backdoor in Tenda routers goes unpatched as company ignores warnings from cybersecurity researchers β€” Chinese company's firmware allows admin access without a password

CERT/CC has disclosed a critical authentication backdoor affecting multiple Tenda router firmware versions. Tracked as CVE-2026-11405, the flaw grants full administrator access without valid credentials, and no vendor patch is currently available after CERT failed to reach Tenda.
#hardware
tomshardware.com/tech-industry

##

jt_rebelo@ciberlandia.pt at 2026-07-07T19:52:06.000Z ##

@tugatech Γ© preciso avisar as pessoas disto: discourse.ifin.network/t/cve-2

##

DarkWebInformer@infosec.exchange at 2026-07-07T15:04:21.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: When the Password Check Fails, You're In: The Hidden Admin Backdoor in Tenda Router Firmware (CVE-2026-11405)

Link: darkwebinformer.com/when-the-p

##

DailyCyberSecurity@infosec.exchange at 2026-07-07T04:32:10.000Z ##

CVE-2026-11405 is a Tenda authentication backdoor. It allows full administrative access without valid credentials. Protect your network with these steps.

#CVE202611405 #Tenda #AuthenticationBackdoor #CyberSecurity #RouterSecurity

securityonline.info/cve-2026-1

##

CVE-2026-58480
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-08T15:28:15.630000

1 posts

Blocksy Companion Pro plugin for WordPress before 2.1.47 contains an unauthenticated arbitrary file upload vulnerability that allows attackers to upload executable files by bypassing extension validation in the save_attachments function exposed through the Advanced Reviews feature. Attackers can exploit the Custom Fonts extension's flawed strpos() substring check by uploading double-extension file

offseq@infosec.exchange at 2026-07-08T13:30:31.000Z ##

Blocksy Companion Pro <2.1.47 has a CRITICAL unauthenticated file upload flaw (CVE-2026-58480). Attackers can bypass extension checks and achieve remote code execution via crafted filenames. Patch ASAP. radar.offseq.com/threat/cve-20 #OffSeq #CVE202658480 #WordPress #Vuln

##

CVE-2026-58473
(9.1 CRITICAL)

EPSS: 0.37%

updated 2026-07-08T15:16:31.800000

1 posts

Cognee before 1.2.0 contains an improper access control vulnerability that allows unauthenticated attackers to overwrite the global LLM provider configuration by self-registering an account and calling the settings endpoint, which performs no admin or superuser check. Attackers can redirect all LLM operations instance-wide to an attacker-controlled endpoint by exploiting the process-wide singleton

offseq@infosec.exchange at 2026-07-08T03:00:25.000Z ##

topoteretes cognee (<1.2.0) is affected by CVE-2026-58473 (CRITICAL, CVSS 9.3): improper access control lets unauth attackers overwrite LLM provider config & exfiltrate sensitive data. Restrict endpoint, monitor configs. radar.offseq.com/threat/cve-20 #OffSeq #CVE #Infosec

##

CVE-2026-12378
(8.1 HIGH)

EPSS: 0.23%

updated 2026-07-08T14:56:35.950000

1 posts

The Appointment Booking Calendar Plugin and Scheduling Plugin WordPress plugin through 1.1.28 does not validate data before passing it to a PHP deserialization function, allowing unauthenticated attackers to inject arbitrary PHP objects; where a suitable gadget chain is present on the site this can be leveraged to achieve remote code execution.

offseq@infosec.exchange at 2026-07-08T07:30:31.000Z ##

CRITICAL: CVE-2026-12378 β€” Deserialization of untrusted data in Appointment Booking Calendar & Scheduling Plugins (<=1.1.28) for WordPress. Unauthenticated attackers may achieve RCE. Restrict plugin use & monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln #RCE

##

CVE-2026-48908
(9.8 CRITICAL)

EPSS: 1.43%

updated 2026-07-08T13:57:42.590000

4 posts

A vulnerability in SP Page Builder for Joomla allows unauthenticated users to upload arbitrary files, ultimately resulting in the upload and execution of PHP code.

7 repos

https://github.com/bayu06802/CVE-2026-48908

https://github.com/Jenderal92/CVE-2026-48908

https://github.com/ayiezola/CVE-2026-48908

https://github.com/papageo75/CVE-2026-48908-PoC

https://github.com/gagaltotal/CVE-2026-48908-SP-Page-Builder-Joomla

https://github.com/webshellseo8/CVE-2026-48908-POC

https://github.com/0xBlackash/CVE-2026-48908

offseq@infosec.exchange at 2026-07-08T12:00:26.000Z ##

CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! radar.offseq.com/threat/cisa-u #OffSeq #CyberSec #CVE

##

secdb@infosec.exchange at 2026-07-07T19:00:12.000Z ##

🚨 [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48908 (secdb.nttzen.cloud/cve/detail/)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: extensions.joomla.org/extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-55255 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: github.com/langflow-ai/langflo ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-56290 (secdb.nttzen.cloud/cve/detail/)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: joomlack.fr/en/joomla-extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290

##

cisakevtracker@mastodon.social at 2026-07-07T18:00:49.000Z ##

CVE ID: CVE-2026-48908
Vendor: JoomShaper
Product: SP Page Builder
Date Added: 2026-07-07
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2026-07-07T17:33:09.000Z ##

CISA has updated the KEV catalogue.

- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability cve.org/CVERecord?id=CVE-2026-

Several industrial vulnerabilities: cisa.gov/ #infosec #vulnerability #CISA

##

CVE-2026-9695
(9.8 CRITICAL)

EPSS: 0.33%

updated 2026-07-08T09:31:48

1 posts

An Improper Authentication vulnerability affecting DELMIA Apriso from Release 2020 through Release 2026 could allow an attacker to gain privileged access to the server.

offseq@infosec.exchange at 2026-07-08T10:30:27.000Z ##

CVE-2026-9695: CRITICAL improper authentication vuln in DELMIA Apriso (2020 – 2026). Allows unauthenticated privileged access β€” no patch yet. Restrict server access & monitor for anomalies. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE20269695 #SCADA #Infosec

##

CVE-2026-53359
(0 None)

EPSS: 0.18%

updated 2026-07-08T05:16:27.990000

12 posts

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad ("KVM: x86: Fix shadow paging use-after-free due to unexpected GFN") fixed a shadow paging mismatch between stored and computed GFNs; the bug could be triggered by changing a PDE mapping from outside the guest, and then deleting a memslot. Th

4 repos

https://github.com/HORKimhab/CVE-2026-53359

https://github.com/chuzhongyun/CVE-2026-53359-Kernel-Fix

https://github.com/0xBlackash/CVE-2026-53359

https://github.com/Aoripus-LTD/Januscape-Hotfix

DailyCyberSecurity@infosec.exchange at 2026-07-08T13:01:00.000Z ##

Januscape CVE-2026-53359 KVM Vulnerability

meterpreter.org/januscape-cve-

##

oversecurity@mastodon.social at 2026-07-08T07:21:41.000Z ##

Januscape Flaw in Linux KVM’s MMU Code Enables VM Escape on Intel and AMD

A newly disclosed Linux kernel vulnerability, CVE-2026-53359, dubbed Januscape, has exposed a critical weakness in the Linux Kernel-based Virtual...

πŸ”—οΈ [Thecyberexpress] link.is.it/a1LDMj

##

obivan@infosec.exchange at 2026-07-07T13:21:38.000Z ##

Januscape (CVE-2026-53359) Guest-to-Host Escape in KVM/x86 github.com/V4bel/Januscape

##

hn100@social.lansky.name at 2026-07-07T07:30:09.000Z ##

Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]

Link: github.com/V4bel/Januscape
Discussion: news.ycombinator.com/item?id=4

##

threatnoir@infosec.exchange at 2026-07-07T00:05:46.000Z ##

⚠️ CRITICAL: 16-Year-Old Linux KVM Flaw Lets Guest VMs Escape to Host on Intel and AMD x86 Systems

A 16-year-old use-after-free vulnerability in Linux KVM (CVE-2026-53359) allows guest VMs to escape to the host kernel and potentially achieve full code execution on Intel and AMD x86 systems. Exploitation requires root inside the guest and nested virtualization enabled. An unreleased exploit repor…

threatnoir.com/focus

#infosec #cybersecurity

##

hn50@social.lansky.name at 2026-07-06T20:55:07.000Z ##

Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]

Link: github.com/V4bel/Januscape
Discussion: news.ycombinator.com/item?id=4

##

hnbot@chrispelli.fun at 2026-07-06T19:19:38.000Z ##

Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359] - github.com/V4bel/Januscape

#hackernews

##

h4ckernews@mastodon.social at 2026-07-06T19:18:18.000Z ##

Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]

github.com/V4bel/Januscape

Comments: news.ycombinator.com/item?id=4

#HackerNews #Januscape #KVM #CVE-2026-53359 #virtualization #security #exploits

##

CuratedHackerNews@mastodon.social at 2026-07-06T18:31:06.000Z ##

Januscape: Guest-to-Host Escape in KVM/x86 [CVE-2026-53359]

github.com/V4bel/Januscape

#github

##

DarkWebInformer@infosec.exchange at 2026-07-06T17:32:17.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: A Long-Lived KVM Bug Resurfaces: Shadow Paging Use-After-Free in the Linux Kernel (CVE-2026-53359)

Link: darkwebinformer.com/a-long-liv

##

DailyCyberSecurity@infosec.exchange at 2026-07-06T17:06:28.000Z ##

Researchers disclosed a PoC for the Januscape KVM escape (CVE-2026-53359). This use-after-free KVM bug impacts public clouds, allowing host panics and LPE.

#Januscape #KVMEscape #CVE202653359 #CyberSecurity #0day

securityonline.info/januscape-

##

jschauma@mstdn.social at 2026-07-06T16:40:17.000Z ##

Oh, goodie. KVM Guest-to-Host escape

"Januscape (CVE-2026-53359)" -- github.com/V4bel/Januscape

openwall.com/lists/oss-securit

##

CVE-2026-60002
(7.7 HIGH)

EPSS: 0.25%

updated 2026-07-08T03:30:33

2 posts

ssh in OpenSSH before 10.4 can have a use-after-free when a server changes its host key during a key re-exchange. (This outcome occurs only on the client side.)

DailyCyberSecurity at 2026-07-08T15:17:01.082Z ##

OpenSSH 10.4 ships eight security fixes, including a client use-after-free (CVE-2026-60002) plus SFTP and SCP path bugs. Update now.

securityonline.info/openssh-10

##

DailyCyberSecurity@infosec.exchange at 2026-07-08T15:17:01.000Z ##

OpenSSH 10.4 ships eight security fixes, including a client use-after-free (CVE-2026-60002) plus SFTP and SCP path bugs. Update now.

#OpenSSH #SSH #UseAfterFree #CVE #InfoSec #CyberSecurity

securityonline.info/openssh-10

##

CVE-2026-56843
(9.9 CRITICAL)

EPSS: 0.34%

updated 2026-07-08T03:30:33

1 posts

Incorrect authorization in the XML-RPC API of WebPros Plesk before 18.0.78.4 allows a low-privileged authenticated customer to look up domains they do not own, because ownership is enforced only for certain lookup filters and schema validation is bypassed for legacy protocol versions. This results in cross-tenant disclosure of other tenants' FTP credentials stored in cleartext, which can be levera

offseq@infosec.exchange at 2026-07-08T01:30:26.000Z ##

CVE-2026-56843 (CRITICAL, CVSS 9.9): WebPros Plesk <18.0.78.4 has insufficient auth in XML-RPC API, letting low-privileged users access other tenants’ cleartext FTP creds & run code as them. Restrict API access & monitor. radar.offseq.com/threat/cve-20 #OffSeq #Infosec #Plesk

##

CVE-2026-55255
(8.4 HIGH)

EPSS: 0.44%

updated 2026-07-07T22:14:37

4 posts

## Summary Insecure Direct Object Reference (IDOR) vulnerability in `/api/v1/responses` endpoint allows an authenticated attacker to execute any flow belonging to another user by specifying the victim's flow ID in the request. ## Details The vulnerability exists in the `get_flow_by_id_or_endpoint_name` helper function in [`src/backend/base/langflow/helpers/flow.py` (lines 399-414)](https://gith

1 repos

https://github.com/rootdirective-sec/CVE-2026-55255-Lab

offseq@infosec.exchange at 2026-07-08T12:00:26.000Z ##

CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! radar.offseq.com/threat/cisa-u #OffSeq #CyberSec #CVE

##

secdb@infosec.exchange at 2026-07-07T19:00:12.000Z ##

🚨 [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48908 (secdb.nttzen.cloud/cve/detail/)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: extensions.joomla.org/extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-55255 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: github.com/langflow-ai/langflo ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-56290 (secdb.nttzen.cloud/cve/detail/)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: joomlack.fr/en/joomla-extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290

##

cisakevtracker@mastodon.social at 2026-07-07T18:01:04.000Z ##

CVE ID: CVE-2026-55255
Vendor: Langflow
Product: Langflow
Date Added: 2026-07-07
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2026-07-07T17:33:09.000Z ##

CISA has updated the KEV catalogue.

- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability cve.org/CVERecord?id=CVE-2026-

Several industrial vulnerabilities: cisa.gov/ #infosec #vulnerability #CISA

##

CVE-2026-40139
(9.8 CRITICAL)

EPSS: 0.65%

updated 2026-07-07T21:32:34

1 posts

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support.Β Improper processing of authentication requests may allow an unauthenticated remote attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configuration to be enabled.

CVE-2026-48282
(10.0 CRITICAL)

EPSS: 3.20%

updated 2026-07-07T21:32:33

11 posts

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

Nuclei template

2 repos

https://github.com/imbas007/CVE-2026-48282

https://github.com/g0thamRabb1t/cve-2026-48282-coldfusion-rds-detection

Matchbook3469@mastodon.social at 2026-07-08T17:39:34.000Z ##

πŸ”΅ THREAT INTELLIGENCE

CISA Adds 4 Actively Exploited Adobe, Joomla, and Langflow Flaws to KEV

Vulnerability | CRITICAL
CVEs: CVE-2026-48282

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added four security flaws to its Known Exploited Vulnerabilities (KEV)...

Full analysis:
yazoul.net/news/article/cisa-a

#CyberSecurity #CVE #ThreatHunting

##

offseq@infosec.exchange at 2026-07-08T12:00:26.000Z ##

CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! radar.offseq.com/threat/cisa-u #OffSeq #CyberSec #CVE

##

youranonnewsirc@nerdculture.de at 2026-07-08T10:07:56.000Z ##

Recent events include heightened geopolitical tensions as the U.S. launched strikes on Iran following attacks in the Strait of Hormuz, pushing oil prices higher. In cybersecurity, Sysdig reported the first end-to-end AI agent ransomware attack, dubbed "JADEPUFFER." Additionally, CISA issued a warning regarding active exploitation of a critical Adobe ColdFusion vulnerability (CVE-2026-48282).

#AnonNews_irc #Cybersecurity #News

##

obivan@infosec.exchange at 2026-07-08T09:16:35.000Z ##

Poc for CVE-2026-48282, a path traversal vulnerability in Adobe ColdFusion's Remote Development Service (RDS) github.com/imbas007/CVE-2026-4

##

DarkWebInformer@infosec.exchange at 2026-07-07T22:50:22.000Z ##

🚨 CVE-2026-48282: PoC Path traversal vulnerability in Adobe ColdFusion's Remote Development Service (RDS) with a CVSS score of 10.0

GitHub: github.com/imbas007/CVE-2026-4

##

cisakevtracker@mastodon.social at 2026-07-07T20:00:45.000Z ##

CVE ID: CVE-2026-48282
Vendor: Adobe
Product: ColdFusion
Date Added: 2026-07-07
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

youranonnewsirc@nerdculture.de at 2026-07-07T16:05:23.000Z ##

Geopolitical: The NATO Summit commenced in Ankara on July 7, addressing defense spending and new air power deals. Ukraine executed long-range drone strikes on Russia's Omsk refinery on July 7. Cybersecurity: A critical Adobe ColdFusion vulnerability (CVE-2026-48282) is being actively exploited. A Linux 'Bad Epoll' root exploit (CVE-2026-46242) has also been publicly released. Technology: The UN Global Dialogue on AI Governance started July 6 in Geneva. Microsoft announced 4,800 job cuts, notably affecting its Xbox division, on July 6.

#AnonNews_irc #Cybersecurity #News

##

teezeh@ieji.de at 2026-07-07T05:19:39.000Z ##

"Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to vulnerability intelligence company KEVIntel.β€œ

bleepingcomputer.com/news/secu

##

DarkWebInformer@infosec.exchange at 2026-07-06T20:23:35.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: Adobe ColdFusion flaw CVE-2026-48282 is now being Exploited in the Wild

Link: darkwebinformer.com/adobe-cold

##

tugatech@masto.pt at 2026-07-06T17:15:25.000Z ##

Adobe ColdFusion estΓ‘ sob ataque informΓ‘tico devido a uma vulnerabilidade classificada com o grau mΓ‘ximo de severidade, identificada como CVE-2026-48282. A plataforma de desenvolvimento web estΓ‘ a ser explorada ativamente por agentes maliciosos.

πŸ”— tugatech.com.pt/t86863-adobe-c

#adobe #ataque 

##

oversecurity@mastodon.social at 2026-07-06T14:00:54.000Z ##

Max severity Adobe ColdFusion flaw now exploited in attacks

Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, the Canadian Center for Cyber Security...

πŸ”—οΈ [Bleepingcomputer] link.is.it/dtvaMC

##

CVE-2026-56290
(9.8 CRITICAL)

EPSS: 0.74%

updated 2026-07-07T21:32:33

4 posts

The Joomla extension Page Builder CK is vulnerable to an unauthenticated arbitrary file upload that allows uploading executable files and leads to full RCE.

3 repos

https://github.com/sagsooz/PageBuilderCK-CVE-2026-56290-Exploit

https://github.com/Jenderal92/CVE-2026-56290

https://github.com/shinthink/pbck-exploit

offseq@infosec.exchange at 2026-07-08T12:00:26.000Z ##

CRITICAL vulnerabilities in Adobe ColdFusion (CVE-2026-48282), Langflow (CVE-2026-55255), Joomla SP Page Builder (CVE-2026-48908), & Page Builder CK (CVE-2026-56290) are being actively exploited for remote code execution & backdoors. Patch ASAP! radar.offseq.com/threat/cisa-u #OffSeq #CyberSec #CVE

##

secdb@infosec.exchange at 2026-07-07T19:00:12.000Z ##

🚨 [CISA-2026:0707] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48908 (secdb.nttzen.cloud/cve/detail/)
- Name: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: JoomShaper
- Product: SP Page Builder
- Notes: extensions.joomla.org/extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-55255 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Authorization Bypass Through User-Controlled Key Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: github.com/langflow-ai/langflo ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-56290 (secdb.nttzen.cloud/cve/detail/)
- Name: Joomlack Page Builder Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s β€œForensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Joomlack
- Product: Page Builder
- Notes: joomlack.fr/en/joomla-extensio ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260707 #cisa20260707 #cve_2026_48908 #cve_2026_55255 #cve_2026_56290 #cve202648908 #cve202655255 #cve202656290

##

cisakevtracker@mastodon.social at 2026-07-07T18:01:20.000Z ##

CVE ID: CVE-2026-56290
Vendor: Joomlack
Product: Page Builder
Date Added: 2026-07-07
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

AAKL@infosec.exchange at 2026-07-07T17:33:09.000Z ##

CISA has updated the KEV catalogue.

- CVE-2026-56290: Joomlack Page Builder Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-55255: Langflow Authorization Bypass Through User-Controlled Key Vulnerability cve.org/CVERecord?id=CVE-2026-

- CVE-2026-48908: JoomShaper SP Page Builder Unrestricted Upload of File with Dangerous Type Vulnerability cve.org/CVERecord?id=CVE-2026-

Several industrial vulnerabilities: cisa.gov/ #infosec #vulnerability #CISA

##

CVE-2026-40140
(7.5 HIGH)

EPSS: 0.56%

updated 2026-07-07T21:32:33

1 posts

BeyondTrust Remote Support and Privileged Remote Access contain a high-severity pre-authentication vulnerability in the network communication subsystem.Β Insufficient validation of client-supplied input may allow an unauthenticated remote attacker to trigger a denial-of-service condition affecting appliance availability.

CVE-2026-40138
(8.1 HIGH)

EPSS: 0.42%

updated 2026-07-07T16:16:38.780000

2 posts

A critical pre-authentication vulnerability exists in the authentication subsystem of BeyondTrust Remote Support and Privileged Remote Access. Improper validation of authentication data may allow a network-positioned attacker to bypass access controls and gain unauthorized access to the appliance, including accounts with elevated privileges. Exploitation requires a specific authentication configur

DarkWebInformer@infosec.exchange at 2026-07-06T18:45:25.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: Pre-Auth Access-Control Bypass in BeyondTrust Remote Support and PRA (CVE-2026-40138)

Link: darkwebinformer.com/pre-auth-a

##

DailyCyberSecurity@infosec.exchange at 2026-07-06T17:48:43.000Z ##

BeyondTrust patched a critical pre-authentication vulnerability (CVE-2026-40138, CVE-2026-40139, CVE-2026-40140). Update Remote Support instances now.

#BeyondTrust #Vulnerability #CVE202640138 #CyberSecurity #RemoteSupport

securityonline.info/cve-2026-4

##

CVE-2026-12375
(9.8 CRITICAL)

EPSS: 0.30%

updated 2026-07-07T15:33:58

1 posts

The uncanny-automator-pro WordPress plugin before 7.3.0.6 was distributed with malicious code after the vendor's uncanny-automator-pro WordPress plugin before 7.3.0.6 update/distribution infrastructure was compromised; the injected backdoor grants unauthenticated attackers an administrator session on affected sites and beacons the site's secret keys and administrator details to attacker-controlled

offseq@infosec.exchange at 2026-07-07T12:00:28.000Z ##

CVE-2026-12375 (CRITICAL): uncanny-automator-pro v7.3.0.5 distributed with a hidden backdoor due to vendor supply chain compromise. Attackers can gain admin access & exfiltrate secrets. Remove/disable this version now. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #SupplyChain

##

CVE-2026-4375
(9.0 None)

EPSS: 0.25%

updated 2026-07-07T15:33:58

1 posts

The DoLeads Integrator WordPress plugin through 0.65, wp2epub WordPress plugin through 0.65 have been seen to be used to achieve RCE, once they are added adding to a blog, for example using a vulnerability where unclosed extensions from wordpress.org can be installed by unauthorized users.

offseq@infosec.exchange at 2026-07-07T07:30:26.000Z ##

CVE-2026-4375: CRITICAL code injection (CWE-94) in DoLeads Integrator & wp2epub WordPress plugins ≀0.65 allows RCE by unauthorized users. No patch yet β€” restrict plugin installs & monitor for changes. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE20264375

##

CVE-2026-53913
(9.8 CRITICAL)

EPSS: 0.57%

updated 2026-07-07T15:33:54

1 posts

Improper Authentication, Missing Authentication for Critical Function, Not Failing Securely ('Failing Open') vulnerability in Apache Camel Keycloak Component. The KeycloakSecurityPolicy of camel-keycloak guards a route by running KeycloakSecurityProcessor.beforeProcess(), which performs three checks in sequence: it rejects a request that carries no access token, then - only if requiredRoles is no

offseq@infosec.exchange at 2026-07-06T12:00:28.000Z ##

CVE-2026-53913 | CRITICAL | Apache Camel Keycloak: Default KeycloakSecurityPolicy skips token verification, enabling unauthenticated access and possible RCE on 4.15.0 – 4.18.2 & 4.19.0 – 4.20.x. Upgrade to 4.21.0/4.18.3. radar.offseq.com/threat/cve-20 #OffSeq #ApacheCamel #CVE202653913

##

CVE-2026-42143
(8.8 HIGH)

EPSS: 0.43%

updated 2026-07-07T15:16:46.463000

1 posts

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping or validation, allowing an authenticated member to inject shell metacharacters and execute commands as root when volume operations are triggered. This is

thehackerwire@mastodon.social at 2026-07-07T06:00:56.000Z ##

🟠 CVE-2026-42143 - High (8.8)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, user-controlled persistent volume names are interpolated into shell commands executed on managed servers without escaping ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34048
(9.9 CRITICAL)

EPSS: 0.40%

updated 2026-07-07T15:16:43.953000

1 posts

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, terminal websocket bootstrap routes only check authentication and do not enforce terminal authorization, allowing a low-privileged team member to connect to terminal routes and execute commands on team servers. This issue is fixed in version 4.0.0-beta.471.

offseq@infosec.exchange at 2026-07-07T06:00:29.000Z ##

CVE-2026-34048 (CRITICAL, CVSS 9.9): improper auth in coollabsio Coolify (<4.0.0-beta.471) lets low-priv users execute commands via terminal websockets. Update to 4.0.0-beta.471 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Coolify #CVE202634048 #infosec

##

CVE-2026-57981
(8.8 HIGH)

EPSS: 0.56%

updated 2026-07-07T15:12:44.373000

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T15:00:39.000Z ##

🟠 CVE-2026-57981 - High (8.8)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58299
(7.5 HIGH)

EPSS: 0.27%

updated 2026-07-07T14:42:37.003000

1 posts

Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T23:00:29.000Z ##

🟠 CVE-2026-58299 - High (7.5)

Time-of-check time-of-use (toctou) race condition in Microsoft Edge for Android allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57974
(8.8 HIGH)

EPSS: 0.56%

updated 2026-07-07T13:43:32.083000

1 posts

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T17:59:52.000Z ##

🟠 CVE-2026-57974 - High (8.8)

Integer overflow or wraparound in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57986
(7.5 HIGH)

EPSS: 0.43%

updated 2026-07-07T12:50:49.980000

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T17:00:21.000Z ##

🟠 CVE-2026-57986 - High (7.5)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58289
(9.0 CRITICAL)

EPSS: 0.44%

updated 2026-07-07T12:40:04.297000

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T09:00:18.000Z ##

πŸ”΄ CVE-2026-58289 - Critical (9)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58292
(7.5 HIGH)

EPSS: 0.28%

updated 2026-07-07T12:37:27.530000

1 posts

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T21:00:45.000Z ##

🟠 CVE-2026-58292 - High (7.5)

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14345
(9.8 CRITICAL)

EPSS: 0.74%

updated 2026-07-07T06:31:27

1 posts

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsanitized write of attacker-controlled postData values into a PHP-includeable .log file combined with the use of include_once to render that file in wpfnl_sho

thehackerwire@mastodon.social at 2026-07-07T07:00:23.000Z ##

πŸ”΄ CVE-2026-14345 - Critical (9.8)

The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 3.12.7 via the 'postData' parameter parameter. This is due to unsan...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58286
(8.1 HIGH)

EPSS: 0.31%

updated 2026-07-07T04:17:55.037000

1 posts

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

thehackerwire@mastodon.social at 2026-07-05T02:59:59.000Z ##

🟠 CVE-2026-58286 - High (8.1)

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43865
(8.1 HIGH)

EPSS: 0.80%

updated 2026-07-06T21:30:36

1 posts

Deserialization of Untrusted Data vulnerability in Apache Camel Hazelcast component. The camel-hazelcast component creates and manages Hazelcast instances using a default configuration that applies no Java deserialization filter. When Camel builds the Hazelcast Config itself - that is, when no user-supplied HazelcastInstance, hazelcastConfigUri, or referenced Config bean is provided - neither Haz

offseq@infosec.exchange at 2026-07-06T13:30:28.000Z ##

CVE-2026-43865 (CRITICAL): Apache Camel Hazelcast component deserializes untrusted data by default, enabling RCE if attacker accesses the cluster. Patch: 4.21.0, 4.18.3, or 4.14.8. Harden configs if upgrade isn't possible. radar.offseq.com/threat/cve-20 #OffSeq #CVE #ApacheCamel

##

CVE-2026-22555
(8.1 HIGH)

EPSS: 0.30%

updated 2026-07-06T21:16:54.240000

1 posts

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets.

thehackerwire@mastodon.social at 2026-07-05T20:00:38.000Z ##

🟠 CVE-2026-22555 - High (8.1)

Gitea versions before 1.26.0 allow API users to fork a repository into an organization without first passing the CanCreateOrgRepo check, which can expose organization secrets.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71347
(8.1 HIGH)

EPSS: 0.45%

updated 2026-07-06T21:16:52.797000

1 posts

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that executes during deserialization, enabling arbitrary code execution in applications loading untrusted pickle data.

thehackerwire@mastodon.social at 2026-07-04T15:01:05.000Z ##

🟠 CVE-2025-71347 - High (8.1)

picklescan before 0.0.33 fails to detect malicious pickle files using numpy.f2py.crackfortran.param_eval function in reduce methods, allowing attackers to bypass security checks. Remote attackers can embed undetected code in pickle files that exec...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-55075
(7.4 HIGH)

EPSS: 0.48%

updated 2026-07-06T20:52:16

1 posts

### Summary Two flaws in Coder's OIDC login chained into account takeover: email-based user matching fell back to linking by email without checking for an existing link to a different IdP subject and the `email_verified` claim was only enforced when present as a boolean `false` so an absent or non-boolean claim was treated as verified. ### Impact An attacker who could authenticate at the config

hugovalters@mastodon.social at 2026-07-08T17:07:54.000Z ##

CVE-2026-55075 - Authentication Bypass in Coder. OIDC login flaws enable account takeover. CVSS 7.4. Update to patched versions immediately. #CVE #Coder #infosec

valtersit.com/cve/CVE-2026-550

##

CVE-2026-14637
(8.2 HIGH)

EPSS: 0.60%

updated 2026-07-06T20:16:30.450000

1 posts

A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The manipulation of the argument shopping_cart leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed publicly and ma

thehackerwire@mastodon.social at 2026-07-04T20:59:48.000Z ##

🟠 CVE-2026-14637 - High (8.2)

A security vulnerability has been detected in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7. The affected element is the function getCartItems in the library application/libraries/ShoppingCart.php. The ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4967
(7.5 HIGH)

EPSS: 0.40%

updated 2026-07-06T19:46:08.807000

1 posts

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.

thehackerwire@mastodon.social at 2026-07-05T22:59:50.000Z ##

🟠 CVE-2026-4967 - High (7.5)

In IMS, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58282
(8.1 HIGH)

EPSS: 0.31%

updated 2026-07-06T19:17:59.803000

1 posts

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

thehackerwire@mastodon.social at 2026-07-05T14:00:13.000Z ##

🟠 CVE-2026-58282 - High (8.1)

Improper access control in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14803
(6.5 MEDIUM)

EPSS: 0.33%

updated 2026-07-06T19:16:59.597000

1 posts

Mojo::JSON versions before 9.47 for Perl allow memory exhaustion via unbounded recursion in the pure-Perl decoder. The pure-Perl decode path (`_decode_value` dispatching to `_decode_array` and `_decode_object`) recurses with no depth limit, so a small deeply nested JSON document can consume excessive memory. This path is the default when Cpanel::JSON::XS is not installed or `MOJO_NO_JSON_XS=1` i

offseq@infosec.exchange at 2026-07-06T03:00:26.000Z ##

CVE-2026-14803: HIGH severity vuln in Mojo::JSON <9.47 β€” pure-Perl decoder allows uncontrolled recursion. Apps may face DoS if Cpanel::JSON::XS isn’t enabled. Install XS module or limit JSON depth. radar.offseq.com/threat/cve-20 #OffSeq #infosec #Perl #DoS

##

CVE-2026-14535
(8.8 HIGH)

EPSS: 0.30%

updated 2026-07-06T18:55:20.287000

1 posts

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shorten_code(node) on every import node it inspects, regardless of whether the import is flagged as unsafe. This call registers the shortened code representation in the shared AnalysisContext.reported_shortened_code set. When the MLAllowlist analysis pass subsequen

thehackerwire@mastodon.social at 2026-07-04T15:00:04.000Z ##

🟠 CVE-2026-14535 - High (8.8)

In Trail of Bits fickling versions up to and including 0.1.11, the UnsafeImportsML analysis pass unconditionally calls AnalysisContext.shorten_code(node) on every import node it inspects, regardless of whether the import is flagged as unsafe. This...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-12686
(0 None)

EPSS: 0.31%

updated 2026-07-06T18:41:46.210000

1 posts

An authenticated user could manipulate a company ID parameter in a POST request to the backend to gain unauthorised access to other companies hosted within the same subdomain environment. The application does not adequately verify whether the requested company ID belongs to the authenticated user’s session, resulting in a cross-tenant authorisation bypass. If this vulnerability is successfully exp

offseq@infosec.exchange at 2026-07-06T10:30:28.000Z ##

Adiss Biloop v6.1.1: CRITICAL CVE-2026-12686 enables authenticated users to bypass authorization via manipulated company ID, exposing cross-tenant data. Monitor logs and limit exposure while awaiting patch. radar.offseq.com/threat/cve-20 #OffSeq #CVE202612686 #infosec #vuln

##

CVE-2026-4321
(9.8 CRITICAL)

EPSS: 0.27%

updated 2026-07-06T18:16:46.247000

1 posts

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026.Β NOTE: The vendor was contacted and it was learned that the product is not supported.

thehackerwire@mastodon.social at 2026-07-05T22:00:34.000Z ##

πŸ”΄ CVE-2026-4321 - Critical (9.8)

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection.

This issue affects Destekz: through 02062026. NOTE: The ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-12250
(7.9 HIGH)

EPSS: 0.11%

updated 2026-07-06T18:16:45.163000

1 posts

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.

thehackerwire@mastodon.social at 2026-07-05T16:00:38.000Z ##

🟠 CVE-2026-12250 - High (7.9)

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation.

This issue affects Pardus Domain Joiner: from 0.5.2 before 0.5.4.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14570
(7.5 HIGH)

EPSS: 0.51%

updated 2026-07-06T18:16:45.163000

1 posts

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery. "Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce and the private key are drawn from makerandom. Because the high bit is always set, the result is not un

offseq@infosec.exchange at 2026-07-05T03:30:25.000Z ##

CVE-2026-14570: HIGH severity in TIMLEGGE Crypt::DSA (<1.22) β€” insufficiently random values in DSA signing allow attackers to recover private keys using lattice attacks. Replace all affected keys and upgrade to 1.22+. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Perl #Crypto

##

CVE-2026-14327
(7.5 HIGH)

EPSS: 0.46%

updated 2026-07-06T18:02:49.450000

1 posts

The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. Exploitation requires an attacker to first obtain a valid nonce and secure nonce via the publ

thehackerwire@mastodon.social at 2026-07-05T23:59:54.000Z ##

🟠 CVE-2026-14327 - High (7.5)

The AR for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary fi...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14807
(9.8 CRITICAL)

EPSS: 0.46%

updated 2026-07-06T09:30:37

1 posts

ERP App developed by PROG MIS has a Use of Hard-coded Credentials vulnerability, allowing unauthenticated remote attackers to log in to view application code and obtain the database account and password.

offseq@infosec.exchange at 2026-07-06T09:00:29.000Z ##

CVE-2026-14807: CRITICAL hard-coded credentials in PROG MIS ERP App allow unauthenticated remote access to source code & DB creds. No patch available β€” restrict access & monitor activity. CVSS 9.3 radar.offseq.com/threat/cve-20 #OffSeq #CVE202614807 #ERP #infosec

##

CVE-2026-14808
(9.8 CRITICAL)

EPSS: 0.51%

updated 2026-07-06T09:30:37

1 posts

Prog Management System developed by PROG MIS has a Exposure of Sensitive Information vulnerability, allowing unauthenticated remote attackers to view a specific page and obtain the database account and password.

offseq@infosec.exchange at 2026-07-06T07:30:24.000Z ##

PROG MIS Prog Management System hit with CRITICAL vuln (CVE-2026-14808): unauthenticated attackers can access DB user & password. No patch yet β€” limit access & monitor systems. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE202614808 #Vuln #InfoSec

##

CVE-2026-59510(CVSS UNKNOWN)

EPSS: 0.37%

updated 2026-07-05T18:30:56

1 posts

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.get_filepath() function constructed a file path by joining the configured PDF storage directory with a path derived from a PDF object identifier, without verifying that the resolved path remained within the intended PDF_FOLDER directory. An authentica

offseq@infosec.exchange at 2026-07-06T04:30:24.000Z ##

CVE-2026-59510: ail-framework ≀6.9.0 has a HIGH path traversal flaw πŸ—‚οΈ. Authenticated attackers can access sensitive files outside the PDF dir. Restrict PDF ops access & monitor activity. Patch when released. radar.offseq.com/threat/cve-20 #OffSeq #vulnerability #pathtraversal

##

CVE-2026-9085
(8.8 HIGH)

EPSS: 0.10%

updated 2026-07-05T15:30:34

1 posts

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. This issue affects Pardus-Parental-Control: from <=0.5.1 before 0.7.0.

thehackerwire@mastodon.social at 2026-07-05T16:00:25.000Z ##

🟠 CVE-2026-9085 - High (8.8)

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing.

This issue affects Pardus-Parental-Control: from ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6509
(7.8 HIGH)

EPSS: 0.10%

updated 2026-07-05T15:30:34

1 posts

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation. This issue affects Pardus Update: from <=0.6.3 before 0.6.6.

thehackerwire@mastodon.social at 2026-07-05T16:00:15.000Z ##

🟠 CVE-2026-6509 - High (7.8)

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation.

This issue affects Pardus Update: from &lt;=0.6.3 before 0.6.6.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-59509(CVSS UNKNOWN)

EPSS: 0.35%

updated 2026-07-05T15:30:33

1 posts

An unauthenticated improper input validation vulnerability in the POST /fetch_cve_data endpoint in cve-search. A remote attacker can manipulate request parameters controlling the MongoDB collection, projected fields, and regular-expression filters to read arbitrary application MongoDB collections. This can expose administrative usernames and password hashes from the mgmt_users collection, enabling

offseq@infosec.exchange at 2026-07-06T00:00:37.000Z ##

CVE-2026-59509 (CRITICAL): cve-search POST /fetch_cve_data allows unauth'd access to arbitrary MongoDB collections, exposing admin creds for offline cracking. Restrict endpoint, monitor activity, check vendor updates. radar.offseq.com/threat/ghsa-3 #OffSeq #infosec #CVE202659509

##

CVE-2026-14751
(6.3 MEDIUM)

EPSS: 0.20%

updated 2026-07-05T15:30:33

1 posts

A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notes_controller::search_scratch_data of the file application/PHP/objects/notes/search_scratch_data.php. This manipulation of the argument field_name causes sql injection. It is possible to initiate the attack remotely. The exploit has been made available to th

offseq@infosec.exchange at 2026-07-05T14:00:28.000Z ##

SQL injection (MEDIUM, CVE-2026-14751) in mjperpinosa stumasy: All versions at risk via Notes_controller::search_scratch_data. No patch yet, public exploit exists. Sanitize field_name & restrict access. Details: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vulnerability #AppSec

##

CVE-2026-14738
(3.7 LOW)

EPSS: 0.21%

updated 2026-07-05T12:30:30

1 posts

A security flaw has been discovered in exo-explore exo up to 1.0.71. Affected is the function _image_cache_key of the file src/exo/worker/engines/mlx/vision.py of the component Vision Feature Cache. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. The exploitability is told to be difficult. The explo

offseq@infosec.exchange at 2026-07-05T11:00:26.000Z ##

CVE-2026-14738 (MEDIUM, CVSS 6.3) impacts exo-explore exo ≀1.0.71. Weak hash in Vision Feature Cache, remote exploit released, high complexity. Patch pending. Review deployments & monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #CVE202614738 #Infosec

##

CVE-2026-14721
(8.8 HIGH)

EPSS: 0.45%

updated 2026-07-05T09:30:24

2 posts

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-07-05T09:30:25.000Z ##

UTT HiPER 1250GW (v3.2.7-210907-180535) hit by HIGH severity stack buffer overflow (CVE-2026-14721). Remote code execution possible via 'ssid' in /goform/ConfigWirelessBase_5g. No patch β€” restrict access. radar.offseq.com/threat/cve-20 #OffSeq #CVE #Infosec #NetSec

##

thehackerwire@mastodon.social at 2026-07-05T09:00:09.000Z ##

🟠 CVE-2026-14721 - High (8.8)

A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase_5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buff...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14781
(4.8 MEDIUM)

EPSS: 0.20%

updated 2026-07-05T09:30:23

1 posts

A flaw exists in the org.keycloak.broker.oidc package where the OIDC broker incorrectly synchronizes the email_verified claim. When an OIDC identity provider is configured with trustEmail=true and the userinfo endpoint is enabled, Keycloak retrieves the email address from the userinfo response but retrieves the email_verified status exclusively from the id_token. The root cause is a lack of valida

offseq@infosec.exchange at 2026-07-05T08:00:24.000Z ##

CVE-2026-14781 (MEDIUM): Red Hat Build of Keycloak flaw in OIDC broker email_verified claim sync. If trustEmail=true & userinfo enabled, attacker can mark emails as verified. Review config & monitor fixes. radar.offseq.com/threat/cve-20 #OffSeq #Keycloak #Vuln #IAM

##

CVE-2026-14703
(6.3 MEDIUM)

EPSS: 0.20%

updated 2026-07-05T06:30:33

1 posts

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /patientorder.php. Such manipulation of the argument editid leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.

offseq@infosec.exchange at 2026-07-05T05:00:24.000Z ##

SQL injection (MEDIUM severity) found in itsourcecode Hospital Management System 1.0 via 'editid' in /patientorder.php (CVE-2026-14703). No patch yet β€” enforce input validation & parameterized queries. radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vuln #HealthcareIT

##

CVE-2026-14691
(6.3 MEDIUM)

EPSS: 0.24%

updated 2026-07-05T03:32:41

1 posts

A security vulnerability has been detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This impacts the function update_settings_info of the file classes/SystemSettings.php of the component Setting Handler. Such manipulation of the argument content[] leads to code injection. The attack can be executed remotely. The exploit has been disclosed publicly and may be used.

offseq@infosec.exchange at 2026-07-05T02:00:26.000Z ##

CVE-2026-14691 (MEDIUM): SourceCodester Multi-Vendor Online Grocery Management System 1.0 is vulnerable to remote code injection via update_settings_info in SystemSettings.php. Exploit is public. Monitor & restrict access until fix released. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #AppSec

##

CVE-2026-14534
(8.8 HIGH)

EPSS: 0.33%

updated 2026-07-04T15:30:24

1 posts

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules _posixsubprocess, site, and atexit in the UNSAFE_IMPORTS denylist (fickle.py). Because these modules are absent from the denylist, fickling's check_safety() function returns LIKELY_SAFE with zero findings for pickle payloads that invoke dangerous functions including _posixsubprocess.fork_e

thehackerwire@mastodon.social at 2026-07-04T15:00:15.000Z ##

🟠 CVE-2026-14534 - High (8.8)

Trail of Bits fickling versions up to and including 0.1.10 do not include the Python standard library modules _posixsubprocess, site, and atexit in the UNSAFE_IMPORTS denylist (fickle.py). Because these modules are absent from the denylist, fickli...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-53360
(0 None)

EPSS: 0.27%

updated 2026-07-04T12:17:01.880000

1 posts

In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Require in-GHCB scratch area if GHCB v2+ is in use As per the GHCB spec, when using GHCB v2+ require the software scratch area to reside in the GHCB's shared buffer. Note, things like Page State Change (PSC) requests _rely_ on this behavior, as the guest can't provide a length when making the request, i.e. the size of

1 repos

https://github.com/0xCyberstan/CVE-2026-53360-POC

offseq@infosec.exchange at 2026-07-05T00:00:34.000Z ##

CVE-2026-53360: Linux kernel KVM SEV-SNP HIGH vuln allows SEV-SNP guests OOB read/write on host heap memory 🐧. Heap corruption & info leaks possible. Patch status unclear β€” avoid untrusted guests & check advisories. radar.offseq.com/threat/ghsa-4 #OffSeq #Linux #Vuln

##

CVE-2026-46242
(7.8 HIGH)

EPSS: 0.12%

updated 2026-07-04T12:16:57.160000

11 posts

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file UAF ep_remove() (via ep_remove_file()) cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock). A concurrent __fput() taking the eventpoll_release() fastpath in that window

2 repos

https://github.com/0xBlackash/CVE-2026-46242

https://github.com/SaithFranklinB/ScannerBadEpoll

jschauma@mstdn.social at 2026-07-08T20:49:14.000Z ##

Here's your weekly batch of Linux local privilege escalation vulnerabilities:

CVE-2026-43499 "GhostLock"
nebusec.ai/research/ionstack-p

CVE-2026-46242 "Bad Epoll"
github.com/J-jaeyoung/bad-epoll

Enjoy! ✌️

##

jschauma@mstdn.social at 2026-07-08T20:49:14.000Z ##

Here's your weekly batch of Linux local privilege escalation vulnerabilities:

CVE-2026-43499 "GhostLock"
nebusec.ai/research/ionstack-p

CVE-2026-46242 "Bad Epoll"
github.com/J-jaeyoung/bad-epoll

Enjoy! ✌️

##

netsecio@mastodon.social at 2026-07-08T14:52:58.000Z ##

πŸ“° New 'Bad Epoll' Linux Kernel Zero-Day (CVE-2026-46242) Grants Full Root Access

🚨 CRITICAL ZERO-DAY: 'Bad Epoll' (CVE-2026-46242) in Linux Kernel allows any local user to gain full root access. The use-after-free bug affects servers, desktops & Android. PoC exists. Patch immediately! 🐧πŸ’₯ #Linux #CyberSecurity #ZeroDay #Infosec

🌐 cyber[.]netsecops[.]io

πŸ”— cyber.netsecops.io/articles/ba

##

youranonnewsirc@nerdculture.de at 2026-07-07T16:05:23.000Z ##

Geopolitical: The NATO Summit commenced in Ankara on July 7, addressing defense spending and new air power deals. Ukraine executed long-range drone strikes on Russia's Omsk refinery on July 7. Cybersecurity: A critical Adobe ColdFusion vulnerability (CVE-2026-48282) is being actively exploited. A Linux 'Bad Epoll' root exploit (CVE-2026-46242) has also been publicly released. Technology: The UN Global Dialogue on AI Governance started July 6 in Geneva. Microsoft announced 4,800 job cuts, notably affecting its Xbox division, on July 6.

#AnonNews_irc #Cybersecurity #News

##

threatnoir@infosec.exchange at 2026-07-07T01:05:15.000Z ##

⚠️ CRITICAL: Proof-of-Concept Exploit Released for Linux β€˜Bad Epoll’ Root Access Vulnerability

A public proof-of-concept exploit is now available for CVE-2026-46242, a race-condition use-after-free bug in the Linux kernel epoll facility that allows unprivileged local processes to escalate to root. This affects kernel versions 6.4 and newer, including Android devices. Any system running vulne…

threatnoir.com/focus

#infosec #cybersecurity

##

halildeniz@mastodon.social at 2026-07-06T19:17:25.000Z ##

The new Linux kernel threat that outsmarted AI: Bad Epoll! 🚨

Discover the deep technical mechanics of CVE-2026-46242, how it escapes Chrome's sandbox to gain root, and its critical impact on Android/Linux systems. πŸ‘‡

πŸ”— denizhalil.com/2026/07/06/bad-

#linux #CyberSecurity #CVE202646242

##

netsecio@mastodon.social at 2026-07-06T15:34:17.000Z ##

πŸ“° New 'Bad Epoll' Linux Kernel Zero-Day (CVE-2026-46242) Grants Full Root Access

🚨 CRITICAL ZERO-DAY: 'Bad Epoll' (CVE-2026-46242) in Linux Kernel allows any local user to gain full root access. The use-after-free bug affects servers, desktops & Android. PoC exists. Patch immediately! 🐧πŸ’₯ #Linux #CyberSecurity #ZeroDay #Infosec

🌐 cyber[.]netsecops[.]io

πŸ”— cyber.netsecops.io/articles/ba

##

DailyCyberSecurity@infosec.exchange at 2026-07-06T07:38:43.000Z ##

A critical Bad Epoll vulnerability (CVE-2026-46242) allows local users to gain root access on Linux and Android devices. Patch your systems immediately.

#LinuxSecurity #BadEpoll #CyberSecurity #ZeroDay #CVE202646242

meterpreter.org/bad-epoll-vuln

##

youranonnewsirc@nerdculture.de at 2026-07-05T16:04:41.000Z ##

Here's a summary of the latest geopolitical, technology, and cybersecurity news:

Geopolitics: Russian President Putin and U.S. President Trump held a 90-minute call on July 4th. Russia claims to have captured Kostyantynivka in eastern Donetsk, Ukraine.
Technology: Grok 4.5 has entered private beta at SpaceX/Tesla. Meta plans to rent out its AI computing power. Micron is expanding high-bandwidth memory (HBM) production in Japan. Five Eyes alliance warns AI-fueled cyberattacks are "months away."
Cybersecurity: A critical "Bad Epoll" Linux kernel flaw (CVE-2026-46242) allows root access on Linux/Android. AI-automated JadePuffer ransomware has been detected. Lazarus Group is pushing 108 malicious packages.

#AnonNews_irc #Cybersecurity #News

##

guru@thecybersecguru.com at 2026-07-05T06:20:36.000Z ##

Bad Epoll: Inside CVE-2026-46242, the Race Condition an AI Model Read Right Past

Learn how Bad Epoll (CVE-2026-46242) enables Linux root access through an epoll race condition, why AI missed it, exploit details, impact, and mitigation

thecybersecguru.com/exploits/c

##

lobsters@mastodon.social at 2026-07-04T20:15:11.000Z ##

Bad Epoll (CVE-2026-46242) lobste.rs/s/drf6my #linux #security
github.com/J-jaeyoung/bad-epoll

##

CVE-2025-71343
(8.1 HIGH)

EPSS: 0.30%

updated 2026-07-04T03:31:09

1 posts

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but executes arbitrary commands when pickle.load() is called.

thehackerwire@mastodon.social at 2026-07-04T15:00:44.000Z ##

🟠 CVE-2025-71343 - High (8.1)

picklescan before 0.0.30 fails to detect malicious pickle files that exploit lib2to3.pgen2.pgen.ParserGenerator.make_label function in the reduce method. Attackers can craft malicious pickle files with embedded code that evades detection but execu...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-54424
(8.4 HIGH)

EPSS: 0.24%

updated 2026-07-04T03:31:08

1 posts

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version isΒ Parsec for Windows version 150-104a. A user can generate a situation where there is an instance of parsecd.exe running as NT AUTHORITY\SYSTEM with a user-controlled value of the AppData environment va

1 repos

https://github.com/tomadimitrie/CVE-2026-54424

thehackerwire@mastodon.social at 2026-07-04T16:00:26.000Z ##

🟠 CVE-2026-54424 - High (8.4)

An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user ca...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71353
(8.1 HIGH)

EPSS: 0.30%

updated 2026-07-04T03:31:08

1 posts

picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitrary commands when loaded.

thehackerwire@mastodon.social at 2026-07-04T16:00:15.000Z ##

🟠 CVE-2025-71353 - High (8.1)

picklescan before 0.0.28 fails to detect malicious pickle files that exploit torch._dynamo.guards.GuardBuilder.get function in reduce methods. Attackers can craft pickle files with embedded code that evades picklescan detection and executes arbitr...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71345
(8.1 HIGH)

EPSS: 0.43%

updated 2026-07-04T03:31:08

1 posts

picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.__main__.run_autograd_prof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code execution.

thehackerwire@mastodon.social at 2026-07-04T15:00:54.000Z ##

🟠 CVE-2025-71345 - High (8.1)

picklescan before 0.0.30 fails to detect malicious pickle files that invoke torch.utils.bottleneck.__main__.run_autograd_prof function. Attackers can embed undetected code in pickle files that executes during deserialization, enabling remote code ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-56645
(8.8 HIGH)

EPSS: 0.56%

updated 2026-07-03T21:31:47

1 posts

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T17:00:44.000Z ##

🟠 CVE-2026-56645 - High (8.8)

Heap-based buffer overflow in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57985
(7.6 HIGH)

EPSS: 0.48%

updated 2026-07-03T21:31:47

1 posts

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T16:01:36.000Z ##

🟠 CVE-2026-57985 - High (7.6)

Improper input validation in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58283
(8.1 HIGH)

EPSS: 0.33%

updated 2026-07-03T21:31:47

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

thehackerwire@mastodon.social at 2026-07-05T15:00:19.000Z ##

🟠 CVE-2026-58283 - High (8.1)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform spoofing over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58276
(7.5 HIGH)

EPSS: 0.43%

updated 2026-07-03T21:31:47

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T14:00:03.000Z ##

🟠 CVE-2026-58276 - High (7.5)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58290
(7.5 HIGH)

EPSS: 0.25%

updated 2026-07-03T21:31:47

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T09:00:28.000Z ##

🟠 CVE-2026-58290 - High (7.5)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58288
(8.3 HIGH)

EPSS: 0.44%

updated 2026-07-03T21:31:47

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T03:00:21.000Z ##

🟠 CVE-2026-58288 - High (8.3)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58287
(8.3 HIGH)

EPSS: 0.44%

updated 2026-07-03T21:31:47

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T03:00:10.000Z ##

🟠 CVE-2026-58287 - High (8.3)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58285
(8.3 HIGH)

EPSS: 0.44%

updated 2026-07-03T21:31:47

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T23:00:49.000Z ##

🟠 CVE-2026-58285 - High (8.3)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58284
(8.3 HIGH)

EPSS: 0.40%

updated 2026-07-03T21:31:47

1 posts

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T23:00:39.000Z ##

🟠 CVE-2026-58284 - High (8.3)

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58294
(7.5 HIGH)

EPSS: 0.34%

updated 2026-07-03T21:31:47

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T22:00:41.000Z ##

🟠 CVE-2026-58294 - High (7.5)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58293
(8.1 HIGH)

EPSS: 0.44%

updated 2026-07-03T21:31:47

1 posts

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-04T22:00:29.000Z ##

🟠 CVE-2026-58293 - High (8.1)

External control of file name or path in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57975
(7.5 HIGH)

EPSS: 0.43%

updated 2026-07-03T21:31:46

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T15:00:29.000Z ##

🟠 CVE-2026-57975 - High (7.5)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58295
(8.3 HIGH)

EPSS: 0.37%

updated 2026-07-03T21:31:41

1 posts

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

thehackerwire@mastodon.social at 2026-07-04T22:00:52.000Z ##

🟠 CVE-2026-58295 - High (8.3)

Access of resource using incompatible type ('type confusion') in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-12481
(8.8 HIGH)

EPSS: 0.40%

updated 2026-07-03T21:31:40

1 posts

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserialization()` function fails to enforce the safe-mode guard when `safe_mode` is set to `None`, which is the default value when `from_config()` is called outside of a `SafeModeScope` context. This logic er

thehackerwire@mastodon.social at 2026-07-05T21:00:15.000Z ##

🟠 CVE-2026-12481 - High (8.8)

A vulnerability in keras-team/keras version 3.14.0 allows for arbitrary code execution due to improper handling of deserialization in the `Lambda` layer. Specifically, the `_raise_for_lambda_deserialization()` function fails to enforce the safe-mo...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57992
(7.5 HIGH)

EPSS: 0.43%

updated 2026-07-03T21:31:40

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T13:59:53.000Z ##

🟠 CVE-2026-57992 - High (7.5)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57984
(7.5 HIGH)

EPSS: 0.43%

updated 2026-07-03T21:31:39

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

thehackerwire@mastodon.social at 2026-07-05T16:01:25.000Z ##

🟠 CVE-2026-57984 - High (7.5)

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57983
(8.7 HIGH)

EPSS: 0.46%

updated 2026-07-03T21:31:39

1 posts

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

thehackerwire@mastodon.social at 2026-07-05T16:01:14.000Z ##

🟠 CVE-2026-57983 - High (8.7)

Improper authorization in Microsoft Edge (Chromium-based) allows an unauthorized attacker to bypass a security feature over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14544
(9.8 CRITICAL)

EPSS: 0.51%

updated 2026-07-03T09:31:35

1 posts

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.

thehackerwire@mastodon.social at 2026-07-05T22:00:45.000Z ##

πŸ”΄ CVE-2026-14544 - Critical (9.8)

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14352
(7.5 HIGH)

EPSS: 0.47%

updated 2026-07-03T06:32:11

1 posts

The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary files on the server, which can contain sensitive information. The three intended access controls all fail: valid nonces are freely minted by unauthentica

thehackerwire@mastodon.social at 2026-07-05T23:00:09.000Z ##

🟠 CVE-2026-14352 - High (7.5)

The AR for WooCommerce plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and including, 8.40 via the 'file' parameter parameter. This makes it possible for unauthenticated attackers to read the contents of arbitrary ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9725
(9.1 CRITICAL)

EPSS: 0.74%

updated 2026-07-03T06:32:11

1 posts

The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2 This is due to insufficient path validation in the store_design_data() function, which constructs a filesystem path from the user-supplied 'nbd_item_key' POST parameter sanitized only with sanitize_text_field() β€” which does not strip path

thehackerwire@mastodon.social at 2026-07-05T23:00:00.000Z ##

πŸ”΄ CVE-2026-9725 - Critical (9.1)

The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2 This is due to insufficient path validation in the store_design_data() function, whic...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13768
(10.0 CRITICAL)

EPSS: 0.56%

updated 2026-07-03T00:32:02

1 posts

Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns connection information for all Gardyn Home Kit and Studio devices. Access to this key also allows a malicious user to execute arbitrary commands on a specific connected device and may allow the malicious user to pivot to other devices on the

1 repos

https://github.com/MichaelAdamGroberman/CVE-2026-13768

thehackerwire@mastodon.social at 2026-07-06T00:00:05.000Z ##

πŸ”΄ CVE-2026-13768 - Critical (10)

Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns connection information for all Gardyn Home Kit and Studio devices. Access to this key al...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13368(CVSS UNKNOWN)

EPSS: 0.65%

updated 2026-07-03T00:31:57

1 posts

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that have a Mobile VPN with IKEv2 configured to use an external LDAP authentication server. This vulnerabili

beyondmachines1@infosec.exchange at 2026-07-05T08:01:07.000Z ##

WatchGuard Patches Third Critical IKEv2 RCE in Firebox Appliances

WatchGuard patched a critical pre-authentication RCE vulnerability (CVE-2026-13368) in Firebox appliances. The vulnerability allows unauthenticated attackers to gain administrative control. Legacy T15 and T35 models currently do not have a patch.

**If you use WatchGuard Firebox firewalls, read the advisory in detail. Plan a very quick update to Fireware OS 2026.2.1 or 12.12.1. If you run legacy T15/T35 models, disable external LDAP authentication for IKEv2 as a temporary fix, and if you're on version 11.x, migrate to supported hardware since no patch is coming.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-41106
(9.3 CRITICAL)

EPSS: 0.53%

updated 2026-07-03T00:31:53

1 posts

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-07-06T00:00:17.000Z ##

πŸ”΄ CVE-2026-41106 - Critical (9.3)

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-57517
(9.8 CRITICAL)

EPSS: 0.59%

updated 2026-07-02T20:17:04.450000

1 posts

Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL queries by submitting unsanitized input through the userRes POST parameter at the user endpoint. Attackers can exploit MySQL root privileges obtained via the injection to write arbitrary files using INTO DUMPFILE, enabling deployment of a PHP webshe

1 repos

https://github.com/shinthink/CVE-2026-57517

tugatech@masto.pt at 2026-07-07T17:54:32.000Z ##

O Control Web Panel sofre uma falha crítica que exige atualização urgente nos servidores. A vulnerabilidade CVE-2026-57517 permite a execução remota de código sem autenticação prévia. 🚨

πŸ”— tugatech.com.pt/t86933-control

#control #falha #nos #urgente #web 

##

CVE-2026-13773
(6.0 MEDIUM)

EPSS: 3.42%

updated 2026-07-02T18:26:29.023000

1 posts

IBM WebSphere Extreme Scale 8.6.1.0 through 8.6.1.6 Approximately 50 generated CORBA stub classes in WebSphere eXtreme Scale's ogclient.jar call ORB.string_to_object() on an attacker-controlled IOR string during Java deserialization, turning any unfiltered ObjectInputStream sink in WAS into outbound IIOP SSRF to an attacker-chosen host; when chained with the IBM ORB's getUserException class-instan

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-50746
(10.0 CRITICAL)

EPSS: 0.83%

updated 2026-07-02T15:32:12

3 posts

A malicious actor with access to the network could exploit an Improper Access Control vulnerability found in UniFi Connect Application to execute a Command Injection on the host device.

jbhall56@infosec.exchange at 2026-07-08T13:01:06.000Z ##

The CVE-2026-50746 vulnerability affects UniFi Connect Application (versions 3.4.16 and earlier), a management software suite that Ubiquiti customers can use to automate and manage commercial building operations. bleepingcomputer.com/news/secu

##

offseq@infosec.exchange at 2026-07-08T09:00:29.000Z ##

CRITICAL: Ubiquiti UniFi OS hit by 7 flaws, incl. CVE-2026-50746 (command injection) in UniFi Connect ≀3.4.16. Exploitable w/ network access, no user interaction. Update to 3.4.20+ ASAP. No in-the-wild exploits yet. radar.offseq.com/threat/ubiqui #OffSeq #Ubiquiti #Infosec #CVE202650746

##

DailyCyberSecurity@infosec.exchange at 2026-07-07T13:30:36.000Z ##

Ubiquiti's UniFi security advisory 066 patches 25 flaws, including a critical command injection (CVE-2026-50746) scoring 10.0. Update your devices now.

#Ubiquiti #UniFi #UniFiOS #UniFiProtect #CommandInjection #CyberSecurity

securityonline.info/unifi-secu

##

CVE-2026-10104
(4.4 MEDIUM)

EPSS: 0.26%

updated 2026-07-02T12:31:02

1 posts

The Product Video Gallery for Woocommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom_thumbnail Parameter in all versions up to, and including, 1.5.1.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with shop manager-level access and above, to inject arbitrary web scripts in pages that will execute wh

1 repos

https://github.com/Ravi-lk/CVE-2026-10104-POC

DarkWebInformer@infosec.exchange at 2026-07-06T18:53:04.000Z ##

🚨 CVE-2026-10104 PoC published

GitHub: github.com/Ravi-lk/CVE-2026-10

A PoC is available for an authenticated stored XSS issue in Product Video Gallery for WooCommerce.

The flaw affects older versions of the WordPress plugin and can allow JavaScript execution on public product pages after a user with product-editing access injects the payload.

Fixed in 1.5.1.9.

##

CVE-2026-43503
(8.8 HIGH)

EPSS: 0.14%

updated 2026-07-02T12:17:20.070000

1 posts

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when moving frags from source to destination. __pskb_copy_fclone() defers the rest of the shinfo metadata to skb_copy_header(

8 repos

https://github.com/douglasmun/pagecache-lpe-containment-kit

https://github.com/entra1337/DirtyClone

https://github.com/sec0x/CVE-2026-43503

https://github.com/SecureWithUmer/CVE-2026-43503

https://github.com/gl1tch0x1/DirtyClone

https://github.com/aexdyhaxor/CVE-2026-43503-DirtyClone

https://github.com/mooder1/dirtyclone-CVE-2026-43503

https://github.com/0xBlackash/CVE-2026-43503

sekurakbot@mastodon.com.pl at 2026-07-07T15:08:00.000Z ##

Dirty Clone – kolejny sposΓ³b na roota pod Linuksem

Nie tak dawno pisaliśmy o serii podatności Dirty Frag występujących w większości nowoczesnych dystrybucji Linuksa. I choć mogłoby się wydawać, że deweloperzy naprawili błędy, to najnowsze badania pokazują, że problem nie został jednak wyeliminowany. W jądrze pozostała bowiem niezałatana luka, którą badacze z JFrog ochrzcili mianem Dirty Clone (CVE-2026-43503). Podobnie...

#AktualnoΕ›ci #Eskalacja #Hacking #Kernel #Linux #LocalRoot #Lpe #PageCache

sekurak.pl/dirty-clone-kolejny

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 3.22%

updated 2026-07-02T12:16:47.143000

2 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

4 repos

https://github.com/mistbarbarianspot/CVE-2026-45659-SharePoint-RCE

https://github.com/amnsecurity/CVE-2026-45659-SharePoint-RCE

https://github.com/HORKimhab/CVE-2026-45659

https://github.com/jenniferreire26/CVE-2026-45659

youranonnewsirc@nerdculture.de at 2026-07-05T10:04:44.000Z ##

Here's a brief on recent geopolitical, technology, and cybersecurity developments:

Geopolitically, Russia claims control of Kostyantynivka in Ukraine, and Presidents Putin and Trump discussed Ukraine ahead of the upcoming NATO summit. In technology, Amazon launched its satellite internet service to compete with Starlink, and Alibaba banned Anthropic AI usage amidst a data dispute. Cybersecurity noted a US government entity paid $1 million in a data-theft extortion, while a critical SharePoint RCE (CVE-2026-45659) is actively exploited. AI-powered phishing and scams are also targeting the World Cup 2026.

#AnonNews_irc #Cybersecurity #News

##

youranonnewsirc@nerdculture.de at 2026-07-05T04:04:45.000Z ##

Geopolitical: US-Iran talks paused for funeral (July 4-5, 2026). Ukraine's Zelenskiy and Trump discussed the Russia-Ukraine war.

Technology: SK Telecom plans a 15GW AI data center in Asia (July 5, 2026). OpenAI reportedly eyes US government equity.

Cybersecurity: CISA urged patching an actively exploited SharePoint RCE (CVE-2026-45659) by July 4, 2026. Ransomware attacks typically spike during US holidays. A Homeland Security network (HSIN) breach was reported.

#AnonNews_irc #Cybersecurity #News

##

CVE-2026-58457
(9.8 CRITICAL)

EPSS: 1.67%

updated 2026-07-01T21:36:26

1 posts

Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02) contains an unauthenticated OS command injection vulnerability that allows network-adjacent attackers to execute arbitrary shell commands by injecting unsanitized input through the smacfilter_conf handler in the commuos web backend. Attackers can append semicolon-delimited payloads to the name, enable, or mac GET parameters, which are passe

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-10539
(9.0 CRITICAL)

EPSS: 0.24%

updated 2026-07-01T19:59:44.537000

1 posts

A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input. Under certain conditions, this issue may allow an unauthenticated attacker to execute unauthorized commands on the affected server, potentially leading to compromise of the server.Β  This vulnerability affects Control-M/Server versions 9.0.20.x to 9.0.21.200 (included) and potentially earlier u

CVE-2026-58452
(8.8 HIGH)

EPSS: 2.42%

updated 2026-07-01T18:32:05

1 posts

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a string beginning with a valid MAC-like prefix followed by a semicolon and a shell payload, which bypas

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-58453
(9.8 CRITICAL)

EPSS: 1.69%

updated 2026-07-01T18:32:04

1 posts

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain a hard-coded credentials vulnerability that allows network-adjacent attackers to gain unauthorized access by using the default admin username with an empty password accepted by the anyka_ipc HTTP service on port 80. Attackers can authenticate with these hardcoded credentials to access camera snapshots, video streams, netw

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-20191
(7.5 HIGH)

EPSS: 0.76%

updated 2026-07-01T18:31:59

1 posts

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.&nbsp; This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files fr

AAKL@infosec.exchange at 2026-07-06T16:26:18.000Z ##

At least Cisco is undeterred by the news slump over the long July 4 holiday. This is a new advisory:

High-severity CVE-2026-20191: Cisco Catalyst Center Arbitrary File Read Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #infosec #Cisco #vulnerability

##

CVE-2026-56413
(10.0 CRITICAL)

EPSS: 3.08%

updated 2026-07-01T18:17:31.553000

1 posts

Storage Concentrator (SC & SCVM) contains a command injection vulnerability in the ms_service.pl service, which listens on TCP port 9000 by default and accepts custom network packets to perform device actions. An unauthenticated remote attacker can send a specially crafted packet containing a malicious payload that is processed without adequate sanitization, resulting in arbitrary command executio

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-8451
(7.5 HIGH)

EPSS: 0.50%

updated 2026-07-01T15:52:58.800000

3 posts

Insufficient input validation inΒ NetScaler ADC and NetScaler GatewayΒ leading to memory overread ifΒ NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

5 repos

https://github.com/derekpreston81/CVE_ADC_IOC_2026

https://github.com/attarwahyup/Netscaler-CVE-2026-8451

https://github.com/watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451

https://github.com/0xBlackash/CVE-2026-8451

https://github.com/amnsecurity/CVE-2026-8451-CitrixBleed

CVE-2026-6688
(7.6 HIGH)

EPSS: 0.21%

updated 2026-07-01T15:35:28

1 posts

FatFs R0.16 and earlier contains a downstream-caller vulnerability pattern associated with FatFs long filename handling. With LFN enabled, fno.fname can be up to 255 characters; many callers copy it into short fixed buffers without bounds checks, causing overflow. This maps to CWE-120 (Buffer Copy without Checking Size of Input). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H

nemo@mas.to at 2026-07-05T02:54:08.000Z ##

πŸ€– Researchers at runZero say AI-assisted testing found 7 security flaws in the FatFs FAT/exFAT filesystem library (CVE-2026-6682 to CVE-2026-6688), potentially exposing millions of embedded devices via malicious USB drives/SD cardsβ€”and sometimes OTA update paths. πŸ”“πŸ“‰ cyberinsider.com/ai-helps-find #cybersecurity #IoT #vulnerabilities #embedded

##

CVE-2026-13602(CVSS UNKNOWN)

EPSS: 0.24%

updated 2026-07-01T15:35:27

1 posts

We found a chain of combining multiple weaknesses in the product that could allow an attacker to become any user in the backend and access any data: * The payment integration plugins Stripe (included in the core system), pretix-mollie, pretix-oppwa, pretix-bitpay, pretix-payone, pretix-secuconnect, pretix-sofort, and pretix-saferpay contain a code path that is intended for the transp

CVE-2026-6682
(7.6 HIGH)

EPSS: 0.21%

updated 2026-07-01T15:35:27

1 posts

In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. This maps to CWE-190 (Integer Overflow or Wraparound). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (7.6, High). Remote delivery is also possible in OTA/up

nemo@mas.to at 2026-07-05T02:54:08.000Z ##

πŸ€– Researchers at runZero say AI-assisted testing found 7 security flaws in the FatFs FAT/exFAT filesystem library (CVE-2026-6682 to CVE-2026-6688), potentially exposing millions of embedded devices via malicious USB drives/SD cardsβ€”and sometimes OTA update paths. πŸ”“πŸ“‰ cyberinsider.com/ai-helps-find #cybersecurity #IoT #vulnerabilities #embedded

##

CVE-2026-56415
(10.0 CRITICAL)

EPSS: 3.07%

updated 2026-07-01T00:34:43

1 posts

Storage Concentrator (SC & SCVM) contains a command injection vulnerability within the debug.pl script that is reachable without authentication. A remote attacker can submit a specially crafted HTTP request containing a malicious payload that is processed without adequate input sanitization, resulting in arbitrary command execution with root-level privileges on the underlying system.

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-56700
(9.8 CRITICAL)

EPSS: 1.68%

updated 2026-07-01T00:34:43

1 posts

Grav CMS before 2.0.0-beta.2 contains multiple code-execution vulnerabilities. Three unsafe unserialize() calls - in Scheduler\JobQueue, Framework\Cache\Adapter\FileCache, and Session - deserialize untrusted data without restricting allowed classes, enabling PHP object injection and, via a gadget chain, arbitrary code execution where an attacker controls the serialized input. Additionally, Install

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-11712
(9.3 CRITICAL)

EPSS: 0.22%

updated 2026-06-30T21:31:52

1 posts

IBM WebSphere Application Server 9.0, and 8.5 is affected by a cross-site scripting vulnerability in the administrative console help system.

DailyCyberSecurity@infosec.exchange at 2026-07-06T02:05:34.000Z ##

IBM WebSphere vulnerabilities like CVE-2026-11712 expose servers to severe XSS and path traversal attacks. Patch systems immediately.

#IBM #WebSphere #CyberSecurity #CVE202611712

securityonline.info/ibm-websph

##

CVE-2026-8037
(9.6 CRITICAL)

EPSS: 29.64%

updated 2026-06-30T15:30:32

1 posts

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

Nuclei template

1 repos

https://github.com/HORKimhab/CVE-2026-8037

CVE-2026-8631
(9.8 CRITICAL)

EPSS: 1.33%

updated 2026-06-30T03:36:46

1 posts

A potential security vulnerability has been identified in the HP Linux Imaging and Printing Software. This potential vulnerability may allow escalation of privileges and/or arbitrary code execution via an integer overflow in the hpcups processing path when handling crafted print data.

thehackerwire@mastodon.social at 2026-07-05T22:00:45.000Z ##

πŸ”΄ CVE-2026-14544 - Critical (9.8)

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer ...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23111
(7.8 HIGH)

EPSS: 0.34%

updated 2026-06-30T03:36:36

1 posts

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix inverted genmask check in nft_map_catchall_activate() nft_map_catchall_activate() has an inverted element activity check compared to its non-catchall counterpart nft_mapelem_activate() and compared to what is logically required. nft_map_catchall_activate() is called from the abort path to re-activate c

8 repos

https://github.com/0xBlackash/CVE-2026-23111

https://github.com/vrtlbob/Linux-Kernel-Vulnerabilities-CVE-2026-23111

https://github.com/HORKimhab/CVE-2026-23111

https://github.com/bakano98/cve-2026-23111-poc

https://github.com/ishankaru/CVE-2026-23111-nftables-lab

https://github.com/seguridadentrerios/CVE-2026-23111

https://github.com/Baba01hacker666/CVE-2026-23111

https://github.com/criann/check-cve-2026-23111

nemo@mas.to at 2026-07-08T06:10:16.000Z ##

Root-Zugriff durch einen Linux-Kernel-Bug: Ein einzelnes falsch gesetztes Ausrufezeichen in Nftables (CVE-2026-23111) negierte eine Bedingung und ΓΆffnete eine Use-after-free-LΓΌcke. Angreifer mit einfachen Rechten kΓΆnnen Code als Root ausfΓΌhren. Patch seit Feb. 2026. πŸ”’πŸ§ golem.de/news/root-zugriff-moe #Linux #Security #CVE #Nftables

##

CVE-2026-56782
(9.8 CRITICAL)

EPSS: 3.02%

updated 2026-06-29T20:17:39.907000

1 posts

Gorse before 0.5.10 contains an authentication bypass vulnerability in the /api/dump and /api/restore endpoints that allows unauthenticated attackers to access protected functionality when admin_api_key is empty, which is the default configuration. Remote attackers can exfiltrate the entire database including user records, items, and feedback data containing personally identifiable information, or

Nuclei template

2 repos

https://github.com/BiiTts/CVE-2026-56782-Gorse-Auth-Bypass

https://github.com/thecodeb0ss/CVE-2026-56782

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-13545
(8.8 HIGH)

EPSS: 2.71%

updated 2026-06-29T09:30:32

1 posts

A vulnerability has been found in D-Link DCS-935L 1.10.01. This affects the function sub_400E40 of the file setconf.cgi of the component POST Parameter Handler. Such manipulation of the argument UID leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-50548
(9.8 CRITICAL)

EPSS: 0.64%

updated 2026-06-26T16:51:25.290000

1 posts

Cursor is a code editor built for programming with AI. Prior to 3.0, Cursor runs agent terminal commands in a sandbox by default, and the sandbox grants write access to the command's working directory. A flaw was identified in how the agent could modify the working_directory parameter, which could cause the sandbox to include writable paths outside the intended workspace. A malicious agent could s

DailyCyberSecurity@infosec.exchange at 2026-07-06T14:25:33.000Z ##

Discover the new Cursor IDE RCE vulnerability called DuneSlide. This critical sandbox escape flaw assigned CVE-2026-50548 threatens developer environments.

#CursorIDE #RCE #DuneSlide #CyberSecurity #CVE202650548

securityonline.info/cursor-ide

##

CVE-2026-57589
(7.4 HIGH)

EPSS: 0.12%

updated 2026-06-26T05:16:31.673000

13 posts

sys/kern/sysv_sem.c in OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root. This is a context switch use-after-free after tsleep in sys_semget().

newsyc200@toot.community at 2026-07-08T19:43:48.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root: nvd.nist.gov/vuln/detail/cve-2

Discussion: news.ycombinator.com/item?id=4

##

hackernewsdaily@bsd.cafe at 2026-07-08T19:00:09.000Z ##

πŸ“° Today's Top 20 Hacker News Stories (Sorted by Score) πŸ“°
----------------------------------------
πŸ”– Title: Decoding the obfuscated bash script on a Uniqlo t-shirt
πŸ”— URL: tris.sherliker.net/blog/obfusc
πŸ‘ Score: [1103]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: GitLost: We Tricked GitHub's AI Agent into Leaking Private Repos
πŸ”— URL: noma.security/blog/gitlost-how
πŸ‘ Score: [461]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Chatto is now Open Source
πŸ”— URL: hmans.dev/blog/chatto-is-open-
πŸ‘ Score: [378]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: GPT‑Live
πŸ”— URL: openai.com/index/introducing-g
πŸ‘ Score: [336]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Tenda firmware (multiple versions) contains hidden authentication backdoor
πŸ”— URL: kb.cert.org/vuls/id/213560
πŸ‘ Score: [326]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: How to Build a Minimal ZFS NAS Without Synology, QNAP, TrueNAS (2024)
πŸ”— URL: neil.computer/notes/how-to-set
πŸ‘ Score: [313]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: EVE Online's Carbon engine is now open source: Fenris Creations explains why
πŸ”— URL: gamesindustry.biz/eve-onlines-
πŸ‘ Score: [309]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Structure and Interpretation of Computer Programs Video Lectures (1986)
πŸ”— URL: ocw.mit.edu/courses/6-001-stru
πŸ‘ Score: [305]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Mistral's Robostral Navigate: a state of the art robotics navigation model
πŸ”— URL: mistral.ai/news/robostral-navi
πŸ‘ Score: [299]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Apple to increase spend with Broadcom to produce billions more U.S. chips
πŸ”— URL: apple.com/newsroom/2026/07/app
πŸ‘ Score: [248]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: TypeScript 7
πŸ”— URL: devblogs.microsoft.com/typescr
πŸ‘ Score: [199]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: OpenBSD has a use-after-free allowing local privilege escalation to root
πŸ”— URL: nvd.nist.gov/vuln/detail/cve-2
πŸ‘ Score: [174]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Cloudflare Meerkat - Globally distributed consensus
πŸ”— URL: blog.cloudflare.com/meerkat-in
πŸ‘ Score: [157]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Grok 4.5
πŸ”— URL: x.ai/news/grok-4-5
πŸ‘ Score: [152]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: EU now one step away from reviving private message scanning rules
πŸ”— URL: cyberinsider.com/eu-now-one-st
πŸ‘ Score: [133]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: SWE-1.7 Reach Near GPT 5.5 and Opus Intelligence
πŸ”— URL: cognition.com/blog/swe-1-7
πŸ‘ Score: [130]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Japan's Hayabusa2 probe to conduct flyby of Torifune asteroid
πŸ”— URL: www3.nhk.or.jp/nhkworld/en/new
πŸ‘ Score: [128]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Geosql: A Claude/Codex skill for geospatial data
πŸ”— URL: github.com/dekart-xyz/geosql
πŸ‘ Score: [107]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: Show HN: Follow London Trains in 3D
πŸ”— URL: ride.nexttrain.london/
πŸ‘ Score: [94]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------
πŸ”– Title: NoiseLang: Where N = 5 is a Dirac delta
πŸ”— URL: manualmeida.dev/articles/noise
πŸ‘ Score: [89]
πŸ’¬ Discussion: news.ycombinator.com/item?id=4
----------------------------------------

##

hn100@social.lansky.name at 2026-07-08T16:05:10.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

Link: nvd.nist.gov/vuln/detail/cve-2
Discussion: news.ycombinator.com/item?id=4

##

newsycombinator@framapiaf.org at 2026-07-08T16:00:47.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root
Link: nvd.nist.gov/vuln/detail/cve-2
Comments: news.ycombinator.com/item?id=4

##

hn50@social.lansky.name at 2026-07-08T15:25:07.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

Link: nvd.nist.gov/vuln/detail/cve-2
Discussion: news.ycombinator.com/item?id=4

##

hn100@social.lansky.name at 2026-07-08T16:05:10.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

Link: nvd.nist.gov/vuln/detail/cve-2
Discussion: news.ycombinator.com/item?id=4

##

newsycombinator@framapiaf.org at 2026-07-08T16:00:47.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root
Link: nvd.nist.gov/vuln/detail/cve-2
Comments: news.ycombinator.com/item?id=4

##

hn50@social.lansky.name at 2026-07-08T15:25:07.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

Link: nvd.nist.gov/vuln/detail/cve-2
Discussion: news.ycombinator.com/item?id=4

##

hnbot@chrispelli.fun at 2026-07-08T14:48:47.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root - nvd.nist.gov/vuln/detail/cve-2

#hackernews

##

ngate@mastodon.social at 2026-07-08T14:47:21.000Z ##

Oh, joy! πŸ˜’ A riveting tale of OpenBSD's latest "oopsie-daisy" moment, where users can magically escalate privilegesβ€”because who doesn't love a good #security blunder? Meanwhile, the article itself is a masterpiece of accessibility: blocked by Cloudflare like a bouncer at a club for nerds. πŸ•΅οΈβ€β™‚οΈπŸ”’
nvd.nist.gov/vuln/detail/cve-2 #OpenBSD #Blunder #Accessibility #Issues #HackerNews #PrivilegeEscalation #HackerNews #ngated

##

h4ckernews@mastodon.social at 2026-07-08T14:47:16.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

nvd.nist.gov/vuln/detail/cve-2

Comments: news.ycombinator.com/item?id=4

#HackerNews #OpenBSD #UseAfterFree #PrivilegeEscalation #Cybersecurity #Vulnerability #CVE-2026-57589

##

CuratedHackerNews@mastodon.social at 2026-07-08T14:36:03.000Z ##

OpenBSD has a use-after-free allowing local privilege escalation to root

nvd.nist.gov/vuln/detail/cve-2

#gov #openbsd

##

lobsters@mastodon.social at 2026-07-08T01:50:10.000Z ##

OpenBSD through 7.9 has a use-after-free allowing local privilege escalation to root (CVE-2026-57589) lobste.rs/s/7hmu0w #openbsd #security
nvd.nist.gov/vuln/detail/cve-2

##

CVE-2026-53111(CVSS UNKNOWN)

EPSS: 0.18%

updated 2026-06-24T18:32:50

1 posts

In the Linux kernel, the following vulnerability has been resolved: bpf: test_run: Fix the null pointer dereference issue in bpf_lwt_xmit_push_encap The bpf_lwt_xmit_push_encap helper needs to access skb_dst(skb)->dev to calculate the needed headroom: err = skb_cow_head(skb, len + LL_RESERVED_SPACE(skb_dst(skb)->dev)); But skb->_skb_refdst may not be initialized when the skb is set up b

nemo@mas.to at 2026-07-08T06:11:51.000Z ##

πŸ›‘οΈ Linux rocked by CVE-2026-53111: a single faulty character leads to a use-after-free flaw that can help unprivileged users evade sandbox defensesβ€”and escalate to root. Researchers say the February kernel fix has been backported to major distros. #Linux #Security arstechnica.com/security/2026/

##

CVE-2026-39999
(9.1 CRITICAL)

EPSS: 0.39%

updated 2026-06-23T15:32:31

1 posts

Authentication Bypass by Spoofing vulnerability in Apache APISIX. The attacker can completely bypass authentication capitalising on certain configurations of jwt-auth plugin. This issue affects Apache APISIX: from v2.2 through v3.16.0. Users are recommended to upgrade to version v3.17.0, which fixes the issue.

DailyCyberSecurity@infosec.exchange at 2026-07-08T12:21:46.000Z ##

APISIX authentication bypass CVE-2026-39999 lets attackers forge JWTs via algorithm confusion. APISIX 3.16.0 is affected; upgrade to 3.16.1.

#APISIX #ApacheAPISIX #JWT #AuthBypass #InfoSec

securityonline.info/apisix-jwt

##

CVE-2026-20181
(9.1 CRITICAL)

EPSS: 0.75%

updated 2026-06-17T18:36:07

1 posts

A vulnerability in Cisco ISE and ISE-PIC could allow an authenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. To exploit this vulnerability, the attacker must have valid administrative credentials. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a c

AAKL@infosec.exchange at 2026-07-07T17:30:37.000Z ##

If you missed this yesterday, Cisco posted this advisory on a critical vulnerability that was first published in June.

CRITICAL: CVE-2026-20181 and CVE-2026-20190: Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

More: sec.cloudapps.cisco.com/securi #Cisco #infosec #vulnerability

##

CVE-2026-20190
(7.5 HIGH)

EPSS: 0.41%

updated 2026-06-17T18:36:07

1 posts

A vulnerability in Cisco ISE and ISE-PIC could allow an unauthenticated, remote attacker to view sensitive information on an affected device. This vulnerability is due to improper authorization checks when a resource is accessed. An attacker could exploit this vulnerability by sending crafted traffic to an affected device. A successful exploit could allow the attacker to gain access to sensitive

AAKL@infosec.exchange at 2026-07-07T17:30:37.000Z ##

If you missed this yesterday, Cisco posted this advisory on a critical vulnerability that was first published in June.

CRITICAL: CVE-2026-20181 and CVE-2026-20190: Cisco Identity Services Engine Remote Code Execution and Information Disclosure Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

More: sec.cloudapps.cisco.com/securi #Cisco #infosec #vulnerability

##

CVE-2026-28737
(8.7 HIGH)

EPSS: 0.34%

updated 2026-06-17T18:10:20

1 posts

## Summary Me again. Gitea's built-in 3D file viewer (powered by Online3DViewer) is vulnerable to stored cross-site scripting (XSS) through crafted `.gltf` files. When a glTF file declares an unsupported required extension, Online3DViewer generates an error message containing the extension name and Gitea inserts it into the DOM using `innerHTML` without sanitization. An attacker who can push a `

thehackerwire@mastodon.social at 2026-07-05T20:00:17.000Z ##

🟠 CVE-2026-28737 - High (8.7)

Gitea versions from 1.25.0 before 1.26.0 allow stored cross-site scripting through the extensionsRequired field in glTF files rendered by the 3D file viewer.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26128
(7.8 HIGH)

EPSS: 0.45%

updated 2026-06-17T10:25:46.367000

1 posts

Improper authentication in Windows SMB Server allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/jarnovandenbrink/CVE-2026-26128

https://github.com/jonaslejon/ad-autopwn

DailyCyberSecurity@infosec.exchange at 2026-07-06T01:05:37.000Z ##

Synacktiv publicly disclosed a Kerberos reflection bypass, CVE-2026-26128, with PoC exploit code. It yields SYSTEM on most Windows builds. Patch now.

securityonline.info/kerberos-r

##

CVE-2024-30326
(7.8 HIGH)

EPSS: 0.91%

updated 2026-06-17T07:26:44.557000

2 posts

Foxit PDF Reader Doc Object Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Doc objects. The issue

DarkWebInformer at 2026-07-08T15:42:46.787Z ##

‼️ New Dark Web Informer Blog Post!

Title: Foxit PDF Reader RCE Flaw CVE-2024-30326 Highlights PDF Attack Surface

Link: darkwebinformer.com/foxit-pdf-

##

DarkWebInformer@infosec.exchange at 2026-07-08T15:42:46.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: Foxit PDF Reader RCE Flaw CVE-2024-30326 Highlights PDF Attack Surface

Link: darkwebinformer.com/foxit-pdf-

##

CVE-2024-26582
(7.8 HIGH)

EPSS: 0.25%

updated 2026-06-17T07:17:49.183000

1 posts

In the Linux kernel, the following vulnerability has been resolved: net: tls: fix use-after-free with partial reads and async decrypt tls_decrypt_sg doesn't take a reference on the pages from clear_skb, so the put_page() in tls_decrypt_done releases them, and we trigger a use-after-free in process_rx_list when we try to read from the partially-read skb.

CVE-2026-26231
(8.5 HIGH)

EPSS: 0.29%

updated 2026-06-16T23:41:03

1 posts

## Summary Any authenticated low-privilege user with read access to a repository can push arbitrary commits directly to that repository, bypassing all write-access checks. ## Vulnerability Gitea's "Allow edits from maintainers" PR option can be abused via reverse-fork PRs: 1. The web UI PR-create endpoint binds `allow_maintainer_edit=true` **without** verifying that the submitter has write acc

thehackerwire@mastodon.social at 2026-07-05T20:00:28.000Z ##

🟠 CVE-2026-26231 - High (8.5)

Gitea versions up to and including 1.26.1 allow the Allow edits from maintainers permission path to authorize commits to repositories that the user can read but should not be able to write.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28699
(8.1 HIGH)

EPSS: 0.57%

updated 2026-06-16T23:40:35

1 posts

### Summary Gitea fails to enforce OAuth2 access token scopes when the token is submitted via HTTP Basic authentication instead of a Bearer token. An OAuth2 application granted only `read:user` can use the same token as `Authorization: Basic base64(<token>:x-oauth-basic)` and perform write actions, including modifying profiles, adding email addresses, creating repositories, and deleting repositor

1 repos

https://github.com/Alardiians/gitea-CVE-2026-28699

thehackerwire@mastodon.social at 2026-07-05T18:00:15.000Z ##

🟠 CVE-2026-28699 - High (8.1)

Gitea versions up to and including 1.26.1 allow OAuth2 access token scope enforcement to be bypassed through HTTP Basic authentication.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28744
(8.1 HIGH)

EPSS: 0.34%

updated 2026-06-16T23:38:13

1 posts

### Summary Gitea v1.26.1 enforces repository-scoped access-token permissions on repository operations. In the Git Smart HTTP path, however, this check runs only when the token is presented via HTTP Basic authentication β€” `CheckRepoScopedToken()` returns early unless `ctx.IsBasicAuth` is true β€” so the same token sent as `Authorization: Bearer <token>` bypasses the scope check entirely. As a resul

thehackerwire@mastodon.social at 2026-07-05T17:00:33.000Z ##

🟠 CVE-2026-28744 - High (8.1)

Gitea versions up to and including 1.26.1 allow Git smart HTTP requests authenticated with bearer tokens to bypass repository token scope checks.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48062
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-06-11T17:16:09

1 posts

### Impact The `ext_in` upload validation rule checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named `shell.php` containing GIF-like content could pass validation such as: ``` uploaded[avatar]|is_image[avatar]|mime_in[avatar,image/gif]|ext_in[avatar,gif] ``` because the detected MIME type maps to `gif`, even though the upl

DarkWebInformer@infosec.exchange at 2026-07-07T18:06:37.000Z ##

⚠️ CVE-2026-48062: CodeIgniter4 RCE Risk
CodeIgniter4 has a critical ext_in upload validation bypass with a CVSS 9.8 severity score.

Under unsafe upload configurations, a malicious file may bypass extension checks and potentially lead to remote code execution.

FOFA reports 14,862 matching CodeIgniter results over the past year.

Risk conditions:

β€’ User-controlled uploads
β€’ ext_in used for validation
β€’ Original filenames preserved
β€’ Uploads stored in a web-accessible path
β€’ Script execution allowed in that directory

Patch: upgrade to CodeIgniter4 4.7.3+

FOFA Query: app="CodeIgniter"

FOFA Link: en.fofa.info/result?qbase64=YX

Search results are not confirmed vulnerable hosts. Validate before taking action.

##

CVE-2026-43456
(7.8 HIGH)

EPSS: 0.16%

updated 2026-05-20T18:32:38

2 posts

In the Linux kernel, the following vulnerability has been resolved: bonding: fix type confusion in bond_setup_by_slave() kernel BUG at net/core/skbuff.c:2306! Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI RIP: 0010:pskb_expand_head+0xa08/0xfe0 net/core/skbuff.c:2306 RSP: 0018:ffffc90004aff760 EFLAGS: 00010293 RAX: 0000000000000000 RBX: ffff88807e3c8780 RCX: ffffffff89593e0e RDX: ffff88807b7c49

lobsters@mastodon.social at 2026-07-07T11:30:11.000Z ##

Reporting a 19+ Years Hidden Linux Kernel Zero-Day for Google kernelCTF: CVE-2026-43456 lobste.rs/s/txjns0 #linux #networking #security
gmo-cybersecurity.com/blog/19-

##

guru@thecybersecguru.com at 2026-07-05T05:45:29.000Z ##

Unearthing a 19-Year-Old Linux Kernel Zero-Day: The Deep Dive into CVE-2026-43456

Learn how CVE-2026-43456, a 19-year-old Linux kernel zero-day, enables privilege escalation through a bonding driver type confusion vulnerability

thecybersecguru.com/exploits/c

##

CVE-2026-33112
(8.8 HIGH)

EPSS: 2.11%

updated 2026-05-12T18:30:49

1 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

DailyCyberSecurity@infosec.exchange at 2026-07-07T14:01:40.000Z ##

A SharePoint remote code execution flaw (CVE-2026-33112) is now public with full details and PoC. A low-privilege user can run code. Patch now.

#SharePoint #RCE #CVE202633112 #Microsoft #CyberSecurity

securityonline.info/sharepoint

##

CVE-2025-3248(CVSS UNKNOWN)

EPSS: 99.97%

updated 2025-11-05T20:12:46

4 posts

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

Nuclei template

27 repos

https://github.com/xuemian168/CVE-2025-3248

https://github.com/imbas007/CVE-2025-3248

https://github.com/Kiraly07/Demo_CVE-2025-3248

https://github.com/EQSTLab/CVE-2025-3248

https://github.com/12-test-12/CVE-2025-3248

https://github.com/tiemio/RCE-CVE-2025-3248

https://github.com/bambooqj/cve-2025-3248

https://github.com/ill-deed/Langflow-CVE-2025-3248-Multi-target

https://github.com/verylazytech/CVE-2025-3248

https://github.com/vigilante-1337/CVE-2025-3248

https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

https://github.com/0-d3y/langflow-rce-exploit

https://github.com/r0otk3r/CVE-2025-3248

https://github.com/dennisec/CVE-2025-3248

https://github.com/wand3rlust/CVE-2025-3248

https://github.com/PuddinCat/CVE-2025-3248-POC

https://github.com/0xgh057r3c0n/CVE-2025-3248

https://github.com/b0ySie7e/CVE-2025-3248-POC

https://github.com/min8282/CVE-2025-3248

https://github.com/zapstiko/CVE-2025-3248

https://github.com/get-xor/coreweave-demo-2026-05

https://github.com/Praison001/CVE-2025-3248

https://github.com/Vip3rLi0n/CVE-2025-3248

https://github.com/ynsmroztas/CVE-2025-3248-Langflow-RCE

https://github.com/drackyjr/cve-2025-3248-exploit

https://github.com/dennisec/Mass-CVE-2025-3248

https://github.com/nebari-playground/langflow-cve-2025-3248

kev_Stalker@infosec.exchange at 2026-07-07T15:06:04.000Z ##

CVE-2025-3248 - Changed to Known Ransomware Status

Langflow Missing Authentication VulnerabilityVendor: LangflowProduct: LangflowLangflow contains a missing authentication vulnerability in the /api/v1/validate/code endpoint that allows a remote, unauthenticated attacker to execute arbitrary code via crafted HTTP requests.Status changed from Unknown to Known for ransomware campaign usage.Flip detected on: July 07, 2026 at 15:00:35 UTCDate Addedhttps://nvd.nist.gov/vuln/detail/CVE-2025-3248

##

threatnoir@infosec.exchange at 2026-07-07T01:05:19.000Z ##

⚠️ CRITICAL: Sysdig clocks first documented case of agentic ransomware

JadePuffer deployed the first documented end-to-end agentic ransomware attack in June 2026, using AI agents to autonomously conduct reconnaissance, steal credentials, move laterally, and encrypt systems. The attack exploited CVE-2025-3248 in Langflow and targeted MySQL and Alibaba Nacos instances.…

threatnoir.com/focus

#infosec #cybersecurity

##

BrentD@techhub.social at 2026-07-06T17:13:49.000Z ##

We're here! AI Agent executed automated Ransomware operation.

JadePuffer used an autonomous AI agent for reconnaissance on the target, to steal credentials, move laterally, establish persistence, escalate privileges, and to encrypt data.

WHOA! β€œThe operation also adapted in real time, retrying failed steps within refined parameters. In one sequence, it went from a failed login to a working fix in 31 seconds,”

bleepingcomputer.com/news/secu

NIST CVE (CVE-2025-3248) posted here: nvd.nist.gov/vuln/detail/CVE-2 #JadePuffer #Ransomware #Security #Hackers #NIST_CVE #CVE2025_3248 #AgenticThreatActors #AI #AIAgents #CyberAttack #CyberSecurity #LLMs #MySQL #PostgreSQL #CVE #JadePuffer

##

hasamba@infosec.exchange at 2026-07-05T14:43:12.000Z ##

----------------

🎯 AI
===================

Sysdig Threat Research Team documented what they assess as the first case of agentic ransomware, an operation dubbed JADEPUFFER. The entire extortion campaign, from initial access to destructive database encryption, was driven by a large language model rather than a human operator.

Initial Access and Vulnerability

JADEPUFFER gained entry through CVE-2025-3248, a missing-authentication flaw in Langflow's code validation endpoint that allows unauthenticated Python execution. Langflow, an open-source framework for building LLM-driven applications, is frequently exposed on the internet with weak network controls and often holds API keys and cloud credentials.

Attack Chain Analysis

The operation unfolded across two distinct targets: the internet-facing Langflow instance and a separate production database server, the true objective.

Phase 1 on the Langflow instance:
1. Reconnaissance: The LLM enumerated the host (id, uname -a, hostname, network interfaces, running processes) and swept for secrets in parallel: LLM provider API keys (OpenAI, Anthropic, DeepSeek, Gemini), cloud credentials (AWS, GCP, Azure, and Chinese providers: ALIBABA_, ALIYUN_, TENCENT_, HUAWEI_), cryptocurrency wallets and seed phrases, and database credentials.
2. Local data looting: Dumped Langflow's backing Postgres database, harvested stored credentials and API keys, staged output locally, reviewed it, then deleted staging files.
3. Internal lateral discovery: Scanned the internal address space for databases, object storage, secret stores, and service-discovery endpoints, probing with default credentials.
4. MinIO enumeration: Probed minio.internal:9000 and 127.0.0.1:9000 for the S3-compatible object store.

What Makes This Different

Two characteristics distinguish JADEPUFFER from conventional ransomware:

1. Self-narrating payloads: The LLM-generated code contained natural language reasoning, target prioritization, and detailed annotations. Human operators rarely embed this kind of commentary. The payloads documented their own decision-making process.
2. Real-time adaptation: When a step failed, the LLM refined its approach and retried within seconds. In one observed sequence, it went from a failed authentication attempt to a corrected working login in 31 seconds.

Detection Considerations
β€’ Patch Langflow instances against CVE-2025-3248 immediately
β€’ Do not expose Langflow to the internet without authentication and network controls
β€’ Monitor for credential-sweeping patterns targeting LLM API keys and cloud credentials in parallel
β€’ Treat self-annotating scripts as a potential indicator of LLM-generated payloads
β€’ The "first documented case" assessment comes from Sysdig TRT alone; independent verification is recommended

πŸ”Ή JADEPUFFER #Ransomware #AI #LLM #CVE_2025_3248

πŸ”— Source: sysdig.com/blog/jadepuffer-age

##

CVE-2026-45367
(0 None)

EPSS: 0.00%

1 posts

N/A

EUVD_Bot@mastodon.social at 2026-07-08T23:00:12.000Z ##

🚨 EUVD-2026-42440

πŸ“Š Score: 7.5/10 (CVSS v3.1)
πŸ“¦ Product: org.hl7.fhir.core
🏒 Vendor: hapifhir
πŸ“… Updated: 2026-07-08

πŸ“ HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.10, the fix for CVE-2026-45367 incompletely patched the DSTU2 module, leaving FHIRPathEngine.matches() in org.hl7.fhir.dstu2/util...

πŸ”— euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2026-45309
(0 None)

EPSS: 0.00%

1 posts

N/A

EUVD_Bot@mastodon.social at 2026-07-08T22:00:31.000Z ##

🚨 EUVD-2026-42400

πŸ“Š Score: 5.9/10 (CVSS v3.1)
πŸ“¦ Product: asyncssh
🏒 Vendor: ronf
πŸ“… Updated: 2026-07-08

πŸ“ AsyncSSH is a Python package which provides an asynchronous client and server implementation of the SSHv2 protocol on top of the Python asyncio framework. Version 2.23.0 contains an incomplete fix for CVE-2026-45309 in SSHServerConfig._set_tokens that blocks /...

πŸ”— euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2026-33697
(0 None)

EPSS: 0.06%

1 posts

N/A

CVE-2026-54161
(0 None)

EPSS: 0.00%

1 posts

N/A

1 repos

https://github.com/ja-errorpro/CVE-2026-54161

DailyCyberSecurity@infosec.exchange at 2026-07-08T13:29:43.000Z ##

A Network UPS Tools RCE (CVE-2026-54161) lets a malicious upsd trigger upsmon command injection as root. No patch exists yet, so mitigate now.

#NetworkUPSTools #NUT #upsmon #CommandInjection #RCE #CVE202654161 #CyberSecurity

securityonline.info/network-up

##

offseq@infosec.exchange at 2026-07-08T06:00:28.000Z ##

CRITICAL: Gitea Docker (<1.26.3) is vulnerable to auth bypass (CVE-2026-20896) β€” attackers can access repos & secrets by spoofing a username header. Actively exploited! Patch to 1.26.3+ & restrict access now. radar.offseq.com/threat/critic #OffSeq #Gitea #Vuln #Infosec

##

DarkWebInformer@infosec.exchange at 2026-07-07T17:38:26.000Z ##

🚨 Critical Gitea flaw CVE-2026-20896 is being probed in the wild

Researchers warn that attackers are targeting a critical Gitea Docker image flaw that can allow authentication bypass with a single HTTP header.

The issue affects official Gitea Docker images up to 1.26.2 when reverse-proxy authentication is enabled.

The vulnerable default trusted any source IP as a reverse proxy, meaning an attacker who could reach the container’s HTTP port could spoof X-WEBAUTH-USER and impersonate a known or guessable user.

Gitea patched the issue in 1.26.3 / 1.26.4, and a public PoC/checker is now available.

Sysdig says the first in-the-wild probing was seen 13 days after disclosure.

Observed IP: 159[.]26[.]98[.]241

##

beyondmachines1@infosec.exchange at 2026-07-07T12:01:07.000Z ##

Gitea Docker Images Vulnerable to Critical Authentication Bypass, Already Attacked

Gitea patched a critical authentication bypass vulnerability (CVE-2026-20896) in its Docker images that allows attackers to impersonate any user with a single HTTP header. The flaw is being exploited in the wild.

**If you self-host Gitea, first make sure it's isolated from the internet and reachable only from trusted networks, then update to version 1.26.3 or later ASAP. If you can't update immediately, edit your app.ini to change REVERSE_PROXY_TRUSTED_PROXIES from * to your actual reverse proxy's specific IP address, and rotate all credentials and secrets stored in your repositories.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-07-05T21:00:05.000Z ##

πŸ”΄ CVE-2026-20896 - Critical (9.8)

Gitea Docker image versions up to and including 1.26.2 use REVERSE_PROXY_TRUSTED_PROXIES=* by default, allowing any source IP to impersonate a user when reverse-proxy authentication headers such as X-WEBAUTH-USER are enabled.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14380
(0 None)

EPSS: 0.24%

1 posts

N/A

offseq@infosec.exchange at 2026-07-08T00:00:42.000Z ##

CVE-2026-14380 | CRITICAL eval injection in HMBRAND DBI <1.650 lets attackers execute arbitrary Perl code via Profile. Remote code exec possible with exposed DBI::Gofer/ProxyServer. Restrict access & monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #Perl #Security

##

CVE-2026-54234
(0 None)

EPSS: 0.34%

1 posts

N/A

hugovalters@mastodon.social at 2026-07-07T14:01:57.000Z ##

CVE-2026-54234 - High-severity DoS in vLLM. Multi-request speculative decoding triggers out-of-vocabulary token crash. CVSS 7.5. No patch yet - update to v0.24.0+ immediately. #CVE #vLLM #infosec

valtersit.com/cve/CVE-2026-542

##

CVE-2026-57155
(0 None)

EPSS: 0.00%

1 posts

N/A

beyondmachines1@infosec.exchange at 2026-07-07T09:01:07.000Z ##

OPNsense Patches Critical Root Vulnerability in GeoIP Alias Importer

OPNsense released critical security updates to fix a root remote code execution vulnerability (CVE-2026-57155) in its GeoIP alias importer. The update also patches several other flaws including XPath injection and stored cross-site scripting.

**Make sure your OPNsense firewall's management interface is isolated from the internet and reachable only from trusted networks, since even a low-level user with alias-editing rights can exploit this flaw. Update to OPNsense 26.1.11 or 26.4.1p1 ASAP. If you can't update immediately, lock down management access and limit alias-editing permissions to trusted administrators only.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-12943
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-07T08:30:35.000Z ##

A critical IBM Power HMC vulnerability (CVE-2026-12943) allows unauthenticated attackers to execute commands. Patch your systems immediately.

#IBMPowerHMC #Vulnerability #CyberSecurity #CVE202612943 #Infosec

securityonline.info/ibm-power-

##

CVE-2026-34168
(0 None)

EPSS: 0.40%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-07T07:00:46.000Z ##

🟠 CVE-2026-34168 - High (8.8)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, the LocalPersistentVolume.name field is interpolated directly into docker volume shell commands without shell argument esc...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34152
(0 None)

EPSS: 0.37%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-07T07:00:34.000Z ##

🟠 CVE-2026-34152 - High (8.8)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.471, pre-deployment and post-deployment commands are single-quote escaped but then sent through SSH heredoc transport that pres...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42200
(0 None)

EPSS: 0.54%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-07T06:00:42.000Z ##

🟠 CVE-2026-42200 - High (8.8)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.474, PostgreSQL initialization script (generate_init_scripts() method in app/Actions/Database/StartPostgresql.php) filename han...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34158
(0 None)

EPSS: 0.36%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-07T06:00:26.000Z ##

🟠 CVE-2026-34158 - High (8.8)

Coolify is an open-source and self-hostable tool for managing servers, applications, and databases. Prior to 4.0.0-beta.469, the executeInDocker() helper wraps user-controlled commands in single quotes without escaping embedded single quotes. Atta...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-54060
(0 None)

EPSS: 0.36%

1 posts

N/A

hugovalters@mastodon.social at 2026-07-07T05:11:21.000Z ##

CVE-2026-54060 - Supply chain attack in Pillow Python imaging library. FontFile.compile() bypasses decompression bomb check, enabling excessive memory allocation. CVSS 7.5. Update to Pillow 12.3.0 immediately. #CVE #infosec #Python

valtersit.com/cve/CVE-2026-540

##

CVE-2026-34037
(0 None)

EPSS: 0.25%

1 posts

N/A

offseq@infosec.exchange at 2026-07-07T04:30:26.000Z ##

CVE-2026-34037: CRITICAL auth bypass in coollabsio coolify (=4.0.0-beta.464). Privileged users can clone resources into other teams, risking cross-tenant data exposure. Fix: upgrade to 4.0.0-beta.464. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #coolify #Infosec

##

CVE-2026-12184
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-06T02:42:07.000Z ##

Two PHP flaws are patched. CVE-2026-12184 is a PHP remote DoS that crashes PHP-FPM, and CVE-2026-14355 causes memory corruption. Update PHP now.

#PHP #RemoteDoS #DoS #PHPFPM #CyberSecurity #Vulnerability #InfoSec

securityonline.info/php-remote

##

CVE-2026-14355
(0 None)

EPSS: 0.28%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-06T02:42:07.000Z ##

Two PHP flaws are patched. CVE-2026-12184 is a PHP remote DoS that crashes PHP-FPM, and CVE-2026-14355 causes memory corruption. Update PHP now.

#PHP #RemoteDoS #DoS #PHPFPM #CyberSecurity #Vulnerability #InfoSec

securityonline.info/php-remote

##

CVE-2026-49429
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-06T01:35:33.000Z ##

Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.

#FreeBSD #Vulnerability #CyberSecurity #CVE202649420

securityonline.info/freebsd-se

##

CVE-2026-49422
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-06T01:35:33.000Z ##

Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.

#FreeBSD #Vulnerability #CyberSecurity #CVE202649420

securityonline.info/freebsd-se

##

CVE-2026-49420
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-06T01:35:33.000Z ##

Recent FreeBSD security advisories detail severe flaws like CVE-2026-49420, CVE-2026-49429, and CVE-2026-49422. Patch immediately to stop attacks.

#FreeBSD #Vulnerability #CyberSecurity #CVE202649420

securityonline.info/freebsd-se

##

CVE-2026-52747
(0 None)

EPSS: 0.00%

1 posts

N/A

secdb@infosec.exchange at 2026-07-06T00:25:23.000Z ##

πŸ“ˆ CVE Published in last 7 days (2026-06-29 - 2026-06-29)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 195
- High: 612
- Medium: 729
- Low: 114
- None: 230

Status:
- UNKNOWN: 68
- Analyzed: 534
- Awaiting Analysis: 109
- Deferred: 568
- Modified: 39
- Received: 443
- Rejected: 6
- Undergoing Analysis: 113

CISA KEVs:
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0701 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- Chrome: 434
- VulnCheck: 177
- VulDB: 162
- Patchstack: 125
- Wordfence: 96
- GitHub, Inc.: 81
- N/A: 68
- Microsoft Corporation: 49
- IBM Corporation: 43
- Gitea Limited: 40

Top Affected Products:
- UNKNOWN: 1234
- Google Chrome: 401
- Geovision Inc. Geowebplayer: 16
- Imagemagick: 13
- Langflow: 11
- Nvidia Nemo Megatron Bridge: 11
- Adobe Coldfusion: 10
- Uvnc Ultravnc: 9
- Apache Activemq: 9
- Ibm Websphere Application Server: 8

Top EPSS Score:
- CVE-2026-27771 - 40.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13773 - 3.41 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56413 - 3.08 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56415 - 3.07 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56782 - 3.02 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-13545 - 2.71 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58452 - 2.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58453 - 1.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-56700 - 1.68 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-58457 - 1.67 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

thehackerwire@mastodon.social at 2026-07-05T18:00:03.000Z ##

🟠 CVE-2026-27771 - High (8.2)

Gitea versions up to and including 1.26.1 have insufficient permission checks for Composer package source links, which can expose private or internal package source information.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-10054
(0 None)

EPSS: 0.16%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-05T22:00:24.000Z ##

🟠 CVE-2026-10054 - High (8.8)

In affected versions of Eclipse Theia (1.8.1 and later), the browser backend exposes privileged terminal RPC over WebSocket (/services/shell-terminal, /services/terminals/:id) without service-level authentication.

WebSocket origin validation i...

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-05T20:59:54.000Z ##

πŸ”΄ CVE-2026-22874 - Critical (9.6)

Gitea versions up to and including 1.26.2 have incomplete SSRF protection in webhook and migration allow-list filtering.

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58426
(0 None)

EPSS: 0.18%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-04T21:00:34.000Z ##

πŸ”΄ CVE-2026-58426 - Critical (9.6)

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58424
(0 None)

EPSS: 0.20%

1 posts

N/A

CVE-2026-58423
(0 None)

EPSS: 0.31%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-04T16:00:37.000Z ##

🟠 CVE-2026-58423 - High (7.7)

LFS authentication bypass via malformed SSH sub-verb allows unauthorized read access to private repositories

πŸ”— thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

Visit counter For Websites