## Updated at UTC 2026-01-25T19:19:00.651853

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-24061 9.8 0.49% 18 28 2026-01-25T01:16:04.343000 telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "
CVE-2026-0911 7.5 0.08% 2 0 2026-01-24T13:15:55.300000 The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPre
CVE-2026-1257 7.5 0.07% 3 0 2026-01-24T08:16:09.517000 The Administrative Shortcodes plugin for WordPress is vulnerable to Local File I
CVE-2025-13374 9.8 0.14% 2 1 2026-01-24T08:16:05.173000 The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads
CVE-2026-24469 7.5 0.03% 2 0 2026-01-24T03:16:01.150000 C++ HTTP Server is an HTTP/1.1 server built to handle client connections and ser
CVE-2026-24412 8.8 0.06% 2 0 2026-01-24T02:15:49.360000 iccDEV provides libraries and tools for interacting with, manipulating, and appl
CVE-2026-24609 7.5 0.11% 2 0 2026-01-23T22:36:54 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-24608 7.5 0.11% 2 0 2026-01-23T22:36:54 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-24635 7.5 0.11% 2 0 2026-01-23T22:36:54 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2025-69907 7.5 0.03% 2 0 2026-01-23T22:35:52 An unauthenticated information disclosure vulnerability exists in Newgen OmniDoc
CVE-2026-24367 8.8 0.03% 2 0 2026-01-23T22:16:23.753000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-20750 9.1 0.03% 2 0 2026-01-23T22:16:15.977000 Gitea does not properly validate project ownership in organization project opera
CVE-2025-69180 8.8 0.03% 2 0 2026-01-23T22:16:14.630000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2025-66720 7.5 0.01% 1 0 2026-01-23T21:31:51 Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/amp
CVE-2025-67229 9.8 0.01% 1 0 2026-01-23T21:31:51 An improper certificate validation vulnerability exists in ToDesktop Builder v0.
CVE-2025-66719 9.1 0.03% 1 0 2026-01-23T21:31:50 An issue was discovered in Free5gc NRF 1.4.0. In the access-token generation log
CVE-2025-70983 10.0 0.01% 1 0 2026-01-23T21:30:54 Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows
CVE-2025-70985 9.1 0.01% 1 0 2026-01-23T21:30:44 Incorrect access control in the update function of RuoYi v4.8.2 allows unauthori
CVE-2025-70986 7.5 0.01% 1 0 2026-01-23T21:30:44 Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unaut
CVE-2026-24572 8.8 0.01% 2 0 2026-01-23T21:30:43 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-23760 0 3.36% 1 1 template 2026-01-23T20:16:02.600000 SmarterTools SmarterMail versions prior to build 9511 contain an authentication
CVE-2025-66428 8.8 0.02% 2 0 2026-01-23T20:15:53.510000 An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.
CVE-2025-56590 9.8 0.05% 2 0 2026-01-23T20:15:53.183000 An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF S
CVE-2026-20912 None 0.03% 2 0 2026-01-23T20:14:54 Gitea does not properly validate repository ownership when linking attachments t
CVE-2026-20897 None 0.03% 2 0 2026-01-23T20:14:46 Gitea does not properly validate repository ownership when deleting Git LFS lock
CVE-2026-20736 None 0.03% 2 0 2026-01-23T20:11:38 Gitea does not properly verify repository context when deleting attachments. A u
CVE-2025-11344 6.3 0.19% 2 0 2026-01-23T19:15:51.993000 A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vul
CVE-2024-37079 9.8 82.70% 5 0 2026-01-23T19:15:51.807000 vCenter Server contains a heap-overflow vulnerability in the implementation of t
CVE-2025-34026 7.5 54.54% 3 0 template 2026-01-23T18:39:24.063000 The Versa Concerto SD-WAN orchestration platform is vulnerable to an authenticat
CVE-2025-54313 7.5 4.45% 3 3 2026-01-23T18:33:09.503000 eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious
CVE-2025-69908 7.5 0.01% 1 0 2026-01-23T18:31:35 An unauthenticated information disclosure vulnerability in Newgen OmniApp allows
CVE-2025-67221 None 0.04% 1 1 2026-01-23T16:56:03 The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for dee
CVE-2026-23954 8.7 0.09% 1 0 2026-01-23T15:46:36 ### Summary A user with the ability to launch a container with a custom image (e
CVE-2025-4319 9.4 0.07% 1 0 2026-01-23T15:31:44 Improper Restriction of Excessive Authentication Attempts, Weak Password Recover
CVE-2026-20613 7.8 0.01% 1 0 2026-01-23T15:16:07.070000 The ArchiveReader.extractContents() function used by cctl image load and contain
CVE-2025-4320 10.0 0.07% 1 0 2026-01-23T13:15:49.123000 Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for
CVE-2025-14866 8.8 0.02% 1 0 2026-01-23T13:15:47.983000 The Melapress Role Editor plugin for WordPress is vulnerable to Privilege Escala
CVE-2026-22273 8.8 0.02% 1 0 2026-01-23T12:30:36 Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior
CVE-2026-22271 7.5 0.02% 1 0 2026-01-23T09:30:30 Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior
CVE-2026-0603 8.3 0.07% 1 0 2026-01-23T09:30:29 A flaw was found in Hibernate. A remote attacker with low privileges could explo
CVE-2026-1363 9.8 0.03% 1 0 2026-01-23T09:30:29 IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Securi
CVE-2026-1364 9.8 0.13% 1 0 2026-01-23T09:15:47.643000 IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowin
CVE-2026-0791 8.1 0.57% 2 0 2026-01-23T06:31:33 ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remot
CVE-2026-0787 8.1 1.00% 2 0 2026-01-23T06:31:33 ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerabi
CVE-2026-0785 7.5 0.92% 2 0 2026-01-23T06:31:33 ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerabi
CVE-2026-0778 8.8 0.08% 1 0 2026-01-23T06:31:33 Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution V
CVE-2026-0792 8.1 0.57% 1 0 2026-01-23T06:31:33 ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Rem
CVE-2025-15349 7.5 0.09% 1 0 2026-01-23T06:31:32 Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This
CVE-2026-0762 8.1 0.36% 1 0 2026-01-23T06:31:32 GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution
CVE-2026-0761 9.8 1.39% 1 0 2026-01-23T06:31:32 Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code
CVE-2026-0760 9.8 1.30% 1 0 2026-01-23T06:31:32 Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data
CVE-2026-0755 9.8 1.00% 1 0 2026-01-23T06:31:32 gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability.
CVE-2026-0768 9.8 1.39% 1 0 2026-01-23T06:31:32 Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerabi
CVE-2026-0763 9.8 1.30% 2 0 2026-01-23T06:31:32 GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Re
CVE-2026-0765 8.8 0.70% 1 0 2026-01-23T06:31:32 Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Ex
CVE-2026-0774 8.8 0.14% 1 0 2026-01-23T06:31:32 WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnera
CVE-2026-0773 9.8 1.30% 1 0 2026-01-23T06:31:32 Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vuln
CVE-2026-0794 8.1 1.15% 2 0 2026-01-23T06:31:32 ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerabilit
CVE-2025-15061 9.8 0.85% 1 0 2026-01-23T06:31:24 Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Executio
CVE-2026-0710 8.4 0.05% 1 0 2026-01-23T06:31:24 A flaw was found in SIPp. A remote attacker could exploit this by sending specia
CVE-2025-15350 7.8 0.21% 1 0 2026-01-23T06:31:24 Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Cod
CVE-2025-15063 9.8 1.00% 1 0 2026-01-23T06:31:24 Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerabilit
CVE-2025-15348 7.8 0.21% 1 0 2026-01-23T06:31:23 Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code
CVE-2025-67847 8.8 0.07% 1 0 2026-01-23T05:16:24.250000 A flaw was found in Moodle. An attacker with access to the restore interface cou
CVE-2025-3839 8.0 0.01% 1 0 2026-01-23T05:16:21.753000 A flaw was found in Epiphany, a tool that allows websites to open external URL h
CVE-2026-0793 8.1 0.57% 2 0 2026-01-23T04:16:07.123000 ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Ex
CVE-2026-0786 7.5 1.22% 2 0 2026-01-23T04:16:06.180000 ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerabi
CVE-2026-0772 7.5 1.04% 1 0 2026-01-23T04:16:04.333000 Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vuln
CVE-2026-0770 9.8 1.15% 1 0 2026-01-23T04:16:04.063000 Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere R
CVE-2026-0769 9.8 1.04% 1 0 2026-01-23T04:16:03.933000 Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnera
CVE-2026-0766 8.8 0.70% 1 0 2026-01-23T04:16:03.527000 Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulner
CVE-2026-0764 9.8 1.30% 1 0 2026-01-23T04:16:03.250000 GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vuln
CVE-2026-0759 9.8 1.00% 1 0 2026-01-23T04:16:02.570000 Katana Network Development Starter Kit executeCommand Command Injection Remote C
CVE-2026-0758 7.8 0.05% 2 0 2026-01-23T04:16:02.433000 mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vu
CVE-2026-0757 8.8 0.07% 2 0 2026-01-23T04:16:02.297000 MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape
CVE-2026-0756 9.8 1.00% 1 0 2026-01-23T04:16:02.157000 github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulne
CVE-2025-15351 7.8 0.21% 1 0 2026-01-23T04:16:01.710000 Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Cod
CVE-2025-15062 7.8 0.05% 1 0 2026-01-23T04:16:01.033000 Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerabi
CVE-2025-15059 7.8 0.06% 1 0 2026-01-23T04:16:00.740000 GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerabi
CVE-2026-24304 9.9 0.08% 2 0 2026-01-23T02:15:55.547000 Improper access control in Azure Resource Manager allows an authorized attacker
CVE-2026-24306 9.8 0.09% 3 0 2026-01-23T00:31:24 Improper access control in Azure Front Door (AFD) allows an unauthorized attacke
CVE-2026-24305 9.3 0.07% 2 0 2026-01-23T00:31:24 Azure Entra ID Elevation of Privilege Vulnerability
CVE-2026-21520 7.5 0.10% 2 0 2026-01-23T00:31:24 Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio all
CVE-2026-24307 9.3 0.10% 1 0 2026-01-22T23:15:59.003000 Improper validation of specified type of input in M365 Copilot allows an unautho
CVE-2026-21264 9.3 0.07% 3 0 2026-01-22T23:15:57.407000 Improper neutralization of input during web page generation ('cross-site scripti
CVE-2026-21227 8.2 0.08% 2 0 2026-01-22T23:15:57.220000 Improper limitation of a pathname to a restricted directory ('path traversal') i
CVE-2025-54816 9.4 0.07% 2 0 2026-01-22T23:15:49.953000 This vulnerability occurs when a WebSocket endpoint does not enforce proper aut
CVE-2025-53968 7.5 0.08% 2 0 2026-01-22T23:15:49.800000 This vulnerability arises because there are no limitations on the number of aut
CVE-2026-23953 8.7 0.01% 1 0 2026-01-22T22:16:20.673000 Incus is a system container and virtual machine manager. In versions 6.20.0 and
CVE-2026-1201 0 0.04% 2 0 2026-01-22T22:16:16.130000 An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Ele
CVE-2025-31125 5.3 67.18% 3 7 template 2026-01-22T21:47:41 ### Summary The contents of arbitrary files can be returned to the browser. ##
CVE-2025-68645 8.8 26.23% 3 3 template 2026-01-22T21:33:44 A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Z
CVE-2026-24009 8.1 0.10% 1 0 2026-01-22T18:43:46 ### Impact A PyYAML-related Remote Code Execution (RCE) vulnerability, namely C
CVE-2025-13601 7.7 0.03% 1 0 2026-01-22T18:31:34 A heap-based buffer overflow problem was found in glib through an incorrect calc
CVE-2026-22278 8.1 0.09% 1 0 2026-01-22T18:30:45 Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restrictio
CVE-2026-22200 None 4.28% 1 1 template 2026-01-22T18:30:31 Enhancesoft osTicket versions up to and including 1.18.2 contain an arbitrary fi
CVE-2026-24006 7.5 0.04% 1 0 2026-01-22T18:02:24 Serialization of objects with extreme depth can **exceed the maximum call stack
CVE-2025-69828 10.0 0.26% 1 0 2026-01-22T17:16:28.403000 File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.
CVE-2025-67968 0 0.02% 3 0 2026-01-22T17:16:06.357000 Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes R
CVE-2025-69764 9.8 0.07% 1 0 2026-01-22T16:16:07.660000 Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the fo
CVE-2025-36588 8.8 0.06% 1 0 2026-01-22T16:16:07.050000 Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutral
CVE-2026-23957 7.5 0.04% 1 0 2026-01-22T15:44:02 Overriding encoded array lengths by replacing them with an excessively large val
CVE-2026-23965 7.5 0.01% 1 0 2026-01-22T15:43:31 ### Summary A signature forgery vulnerability exists in the SM2 signature verif
CVE-2026-23967 7.5 0.01% 2 0 2026-01-22T15:43:21 ### Summary A signature malleability vulnerability exists in the SM2 signature
CVE-2026-23524 9.8 0.57% 1 0 2026-01-22T15:39:15 ### Impact This vulnerability affects Laravel Reverb versions prior to v1.7.0 w
CVE-2026-1329 8.8 0.15% 1 0 2026-01-22T15:31:44 A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the funct
CVE-2025-13928 7.5 0.01% 1 0 2026-01-22T15:31:39 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7
CVE-2025-10855 7.5 0.01% 1 0 2026-01-22T15:31:39 Authorization Bypass Through User-Controlled Key vulnerability in Solvera Softwa
CVE-2025-13927 7.5 0.03% 1 0 2026-01-22T15:31:38 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9
CVE-2026-1328 8.8 0.08% 1 0 2026-01-22T15:16:51.173000 A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted
CVE-2026-1324 8.8 0.04% 1 0 2026-01-22T15:16:50.420000 A vulnerability was identified in Sangfor Operation and Maintenance Management S
CVE-2025-69766 9.8 0.21% 1 0 2026-01-22T15:16:48.843000 Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the fo
CVE-2025-10856 8.1 0.01% 1 0 2026-01-22T13:16:04.043000 Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Softwar
CVE-2025-10024 7.5 0.04% 1 0 2026-01-22T12:31:32 Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer
CVE-2025-4764 8.0 0.01% 1 2 2026-01-22T10:16:07.520000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-1330 7.5 0.02% 1 0 2026-01-22T09:31:40 MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerabi
CVE-2026-1331 9.8 0.19% 1 0 2026-01-22T09:15:52.197000 MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnera
CVE-2026-0920 9.8 0.03% 3 2 2026-01-22T07:15:50.813000 The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Ad
CVE-2026-24042 9.4 0.14% 1 0 2026-01-22T04:16:00.187000 Appsmith is a platform to build admin panels, internal tools, and dashboards. In
CVE-2025-27380 7.6 0.03% 1 0 2026-01-22T03:31:34 HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all
CVE-2025-27378 8.6 0.04% 1 0 2026-01-22T03:31:28 AES contains a SQL injection vulnerability due to an inactive configuration that
CVE-2026-24010 8.8 0.05% 2 0 2026-01-22T03:15:48.090000 Horilla is a free and open source Human Resource Management System (HRMS). A cri
CVE-2026-24002 9.0 0.05% 1 0 2026-01-22T03:15:47.777000 Grist is spreadsheet software using Python as its formula language. Grist offers
CVE-2026-23966 9.1 0.01% 2 0 2026-01-22T03:15:47.007000 sm-crypto provides JavaScript implementations of the Chinese cryptographic algor
CVE-2026-23956 7.5 0.04% 1 0 2026-01-22T02:15:52.310000 seroval facilitates JS value stringification, including complex structures beyon
CVE-2026-23737 7.5 0.07% 1 0 2026-01-21T23:15:52.493000 seroval facilitates JS value stringification, including complex structures beyon
CVE-2026-22807 8.8 0.05% 1 0 2026-01-21T22:15:49.077000 vLLM is an inference and serving engine for large language models (LLMs). Starti
CVE-2025-13878 7.5 0.03% 2 0 2026-01-21T21:31:32 Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This is
CVE-2026-20045 8.2 0.68% 8 1 2026-01-21T21:31:31 A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unif
CVE-2026-22793 9.6 0.20% 1 0 2026-01-21T21:16:10.107000 5ire is a cross-platform desktop artificial intelligence assistant and model con
CVE-2025-66692 7.5 0.04% 1 0 2026-01-21T18:31:36 A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet C
CVE-2026-20055 4.8 0.03% 1 0 2026-01-21T18:30:38 Multiple vulnerabilities in the web-based management interface of Cisco Packaged
CVE-2026-20092 6.0 0.01% 1 0 2026-01-21T18:30:38 A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual A
CVE-2025-70650 7.5 0.04% 1 0 2026-01-21T18:30:37 Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceL
CVE-2025-70651 7.5 0.04% 1 0 2026-01-21T18:30:30 Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid pa
CVE-2026-20109 4.8 0.03% 1 0 2026-01-21T17:16:08.723000 Multiple vulnerabilities in the web-based management interface of Cisco Packaged
CVE-2026-20080 5.3 0.10% 1 0 2026-01-21T17:16:08.410000 A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul Edge Compu
CVE-2025-64087 9.8 0.07% 1 1 2026-01-21T16:56:51 A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker componen
CVE-2026-22022 8.2 0.04% 1 0 2026-01-21T16:16:10.360000 Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based
CVE-2026-21945 7.5 0.04% 1 0 2026-01-21T16:16:08.437000 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ente
CVE-2025-57156 7.5 0.10% 1 0 2026-01-21T15:32:23 NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/h
CVE-2025-55423 9.8 0.19% 1 0 2026-01-21T15:32:18 ipTIME routers A2003NS-MU 10.00.6 to 12.16.2 , N600 10.00.8 to 12.16.2, A604-V3
CVE-2025-65482 9.8 0.06% 1 1 2026-01-21T15:16:07.750000 An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2
CVE-2025-57155 7.5 0.11% 1 0 2026-01-21T15:16:06.827000 NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c i
CVE-2025-56353 7.5 0.04% 1 0 2026-01-21T15:16:06.640000 In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memo
CVE-2026-23885 6.4 0.02% 1 1 2026-01-21T14:55:34 ### Summary A vulnerability was discovered during a manual security audit of the
CVE-2026-22755 None 0.96% 1 0 2026-01-20T21:31:34 Improper Neutralization of Special Elements used in a Command ('Command Injectio
CVE-2025-64155 9.8 0.04% 1 4 2026-01-20T16:16:06.200000 An improper neutralization of special elements used in an os command ('os comman
CVE-2026-22844 10.0 0.29% 1 1 2026-01-20T15:33:21 A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before
CVE-2026-23744 9.8 0.65% 1 1 2026-01-16T21:57:11 ### Summary MCPJam inspector is the local-first development platform for MCP ser
CVE-2026-23490 7.5 0.05% 1 0 2026-01-16T21:56:00 ### Summary After reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been fo
CVE-2026-23745 None 0.01% 1 1 2026-01-16T21:16:24 ### Summary The `node-tar` library (`<= 7.5.2`) fails to sanitize the `linkpath
CVE-2026-20965 7.5 0.03% 2 0 2026-01-16T16:23:11.237000 Improper verification of cryptographic signature in Windows Admin Center allows
CVE-2025-59718 9.8 2.27% 8 3 2025-12-17T13:54:45.390000 A improper verification of cryptographic signature vulnerability in Fortinet For
CVE-2025-14321 9.8 0.08% 1 0 2025-12-11T21:15:46.907000 Use-after-free in the WebRTC: Signaling component. This vulnerability affects Fi
CVE-2025-59719 9.8 0.08% 1 1 2025-12-09T19:59:29.507000 An improper verification of cryptographic signature vulnerability in Fortinet Fo
CVE-2025-1432 7.8 0.08% 1 0 2025-11-13T19:34:53.453000 A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force
CVE-2025-12480 9.1 74.74% 1 0 template 2025-11-12T15:32:32 Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access
CVE-2021-35394 9.8 94.22% 2 0 template 2025-11-07T19:01:01.300000 Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called
CVE-2025-34164 None 0.30% 1 0 2025-11-03T18:32:42 A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions p
CVE-2025-34165 0 0.19% 1 0 2025-09-02T15:55:35.520000 A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions
CVE-2024-32462 8.4 0.19% 1 1 2025-08-21T00:43:47.783000 Flatpak is a system for building, distributing, and running sandboxed desktop ap
CVE-2025-54068 None 0.12% 1 4 2025-08-18T08:03:59 ### Impact In Livewire v3 (≤ 3.6.3), a vulnerability allows unauthenticated atta
CVE-2007-0882 0 90.96% 2 0 2025-04-09T00:30:58.490000 Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10
CVE-2020-15250 4.4 0.02% 1 0 2024-11-21T05:05:11.403000 In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder cont
CVE-2020-14343 9.8 13.70% 1 2 2024-11-21T05:03:03.217000 A vulnerability was discovered in the PyYAML library in versions before 5.4, whe
CVE-1999-0113 None 18.66% 1 0 2024-02-13T18:38:18 Some implementations of rlogin allow root access if given a -froot parameter.
CVE-2026-24399 0 0.01% 4 0 N/A
CVE-2026-24406 0 0.06% 4 0 N/A
CVE-2026-24405 0 0.06% 2 0 N/A
CVE-2025-48384 0 0.33% 1 44 N/A
CVE-2026-1386 0 0.01% 1 0 N/A
CVE-2026-24138 0 0.03% 1 0 N/A
CVE-2026-24129 0 0.04% 1 0 N/A
CVE-2026-1220 0 0.00% 1 0 N/A
CVE-2026-24038 0 0.07% 1 0 N/A
CVE-2026-23962 0 0.04% 1 0 N/A
CVE-2026-22792 0 0.12% 1 0 N/A
CVE-2025-68137 0 0.02% 1 0 N/A

CVE-2026-24061
(9.8 CRITICAL)

EPSS: 0.49%

updated 2026-01-25T01:16:04.343000

18 posts

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

28 repos

https://github.com/midox008/CVE-2026-24061

https://github.com/parameciumzhang/Tell-Me-Root

https://github.com/h3athen/CVE-2026-24061

https://github.com/JayGLXR/CVE-2026-24061-POC

https://github.com/infat0x/CVE-2026-24061

https://github.com/monstertsl/CVE-2026-24061

https://github.com/SafeBreach-Labs/CVE-2026-24061

https://github.com/Mr-Zapi/CVE-2026-24061

https://github.com/TryA9ain/CVE-2026-24061

https://github.com/yanxinwu946/CVE-2026-24061--telnetd

https://github.com/Chocapikk/CVE-2026-24061

https://github.com/cyberpoul/CVE-2026-24061-POC

https://github.com/hackingyseguridad/root

https://github.com/DeadlyHollows/CVE-2026-24061-setup

https://github.com/leonjza/inetutils-telnetd-auth-bypass

https://github.com/Ashwesker/Ashwesker-CVE-2026-24061

https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061

https://github.com/madfxr/Twenty-Three-Scanner

https://github.com/BrainBob/CVE-2026-24061

https://github.com/xuemian168/CVE-2026-24061

https://github.com/typeconfused/CVE-2026-24061

https://github.com/m3ngx1ng/cve_2026_24061_cli

https://github.com/Alter-N0X/CVE-2026-24061-POC

https://github.com/r00tuser111/CVE-2026-24061

https://github.com/balgan/CVE-2026-24061

https://github.com/SystemVll/CVE-2026-24061

https://github.com/z3n70/CVE-2026-24061

https://github.com/duy-31/CVE-2026-24061---telnetd

beyondmachines1 at 2026-01-25T09:01:02.495Z ##

GNU InetUtils telnetd Authentication Bypass Exploited in the Wild

A critical authentication bypass in GNU InetUtils telnetd (CVE-2026-24061) is actively exploited only days after the public reporting of the flaw. It's urgent that you block any telnet server you are using from the Internet.

**THIS IS URGENT! Check if you are using Telnet anywhere in your network. IMMEDIATELY isolate the Telnet interface to trusted networks and patch the code. Then stop using Telnet and switch to SSH.**

beyondmachines.net/event_detai

##
h12o@mastodon.tokyo at 2026-01-25T06:39:29.000Z ##

2.7までのGNU inetutilsに含まれるtelnetdに、細工した環境変数を送信するだけで認証を回避して特権ユーザーでのログインが可能な脆弱性が発見されたらしい。CVE-2026-24061。いまどきtelnetdをThe Internetに露出している人はそうそういないはずとはいえ、なかなか興味深いので調べてみたところ。`telnetd`が`execv()`で呼び出す`/usr/bin/login`のコマンドラインオプションをうまく使うことでそういうことができてしまうようで、正直興奮した。

safebreach.com/blog/safebreach

#CVE #GNU #inetutils #login #telnetd #サイバーセキュリティ #セキュリティ #情報セキュリティ #脆弱性

##
alios@23.social at 2026-01-25T04:48:39.000Z ##

oh lol - 2026 - 9.8er (critical) CVE im *telnetd* :D (CVE-2026-24061)

nvd.nist.gov/vuln/detail/CVE-2

##
ivarch@fedi.ivarch.com at 2026-01-24T14:18:26.000Z ##

@distrowatch There's a critical vulnerability in the server side, CVE-2026-24061, to do with environment handling - see bleepingcomputer.com/news/secu

##
redsakana at 2026-01-24T11:43:36.072Z ##

Canonical not doing great on the telnetd vuln (CVE-2026-24061). Even if telnetd is not widely deployed today, it's still a huge auth bypass and the patch is simple and uncontroversial. Yet ubuntu.com/security/CVE-2026-2 was last updated 3 days ago and status is "needs evaluation" for all releases.

Really makes me want to pay for their premium services.

##
nu11secur1ty at 2026-01-24T08:59:38.989Z ##

nu11secur1ty.com/2026/01/cve-2

##
undercodenews@mastodon.social at 2026-01-24T01:25:49.000Z ##

GNU InetUtils Telnetd Root Authentication Bypass Vulnerability (CVE-2026-24061) Exposes Critical Legacy Risk + Video

Legacy Network Services Under Modern Threat Pressure The continued presence of legacy network services in modern infrastructures has once again proven to be a silent but dangerous liability. GNU InetUtils telnetd, a component still deployed in embedded systems, academic environments, and legacy enterprise networks, has been affected by a newly disclosed…

undercodenews.com/gnu-inetutil

##
beyondmachines1@infosec.exchange at 2026-01-25T09:01:02.000Z ##

GNU InetUtils telnetd Authentication Bypass Exploited in the Wild

A critical authentication bypass in GNU InetUtils telnetd (CVE-2026-24061) is actively exploited only days after the public reporting of the flaw. It's urgent that you block any telnet server you are using from the Internet.

**THIS IS URGENT! Check if you are using Telnet anywhere in your network. IMMEDIATELY isolate the Telnet interface to trusted networks and patch the code. Then stop using Telnet and switch to SSH.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##
alios@23.social at 2026-01-25T04:48:39.000Z ##

oh lol - 2026 - 9.8er (critical) CVE im *telnetd* :D (CVE-2026-24061)

nvd.nist.gov/vuln/detail/CVE-2

##
ivarch@fedi.ivarch.com at 2026-01-24T14:18:26.000Z ##

@distrowatch There's a critical vulnerability in the server side, CVE-2026-24061, to do with environment handling - see bleepingcomputer.com/news/secu

##
obivan@infosec.exchange at 2026-01-23T18:51:40.000Z ##

Telnet RCE Exploit github.com/SafeBreach-Labs/CVE

##
defendopsdiaries@infosec.exchange at 2026-01-23T16:35:53.000Z ##

Hackers are now getting instant root access to thousands of legacy devices with a single Telnet handshake—no password needed. The flaw is shockingly simple and already being exploited. How safe are your old systems?

thedefendopsdiaries.com/cve-20

##
jschauma@mstdn.social at 2026-01-23T02:23:01.000Z ##

Trollolol, telnetd lets you log in without a password if you send the USER environment variable as "-f root" (which gets passed unsanitized to login(1)).

(Yes, yes, telnet, but still. :-)

openwall.com/lists/oss-securit

CVE-2026-24061

##
colin_mcmillen@piaille.fr at 2026-01-22T17:26:17.000Z ##

There is a critical auth bypass vulnerability in telnetd (nvd.nist.gov/vuln/detail/CVE-2) so I will need to update the surl-server Apple II proxy image. It has telnetd enabled (on localhost only, so is only accessible via the Apple II's serial port and you're probably already root on it)

##
hrbrmstr@mastodon.social at 2026-01-22T11:38:41.000Z ##

We caught a few (desperate) fiends trying to have their way with our vulnerable-to Telnetd -f Auth Bypass vuln (CVE-2026-24061) systems and I took a spelunk in the PCAPs:

Some of the least clever and least capable actors I've seen in a while.

"-f Around and Find Out: 18 Hours of Unsolicited Telnet Houseguests “ takes you on a deep dive into the packets.

labs.greynoise.io//grimoire/20

cc: @darses

##
linux@activitypub.awakari.com at 2026-01-22T07:19:48.000Z ## Debian: inetutils Important Telnetd Login Bypass CVE-2026-24061 DSA-6106-1 Kyu Neushwaistein discovered that telnetd from inetutils does not sanitize the USER environment variable before passing it...

#Debian #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##
hrbrmstr@mastodon.social at 2026-01-22T07:42:41.000Z ##

I shot a 📄 to the team to 👀 later today but we've seen some activity on the recent Inetutils Telnetd -f Auth Bypass vuln (CVE-2026-24061) — viz.greynoise.io/tags/inetutil

We stood up some full vulnerable systems and a cpl IPs only hit those, so the targeting precision was oddly fast.

If they don't do a main GN blog I'll post deets on the Labs blog (I'm OOO today).

Rly glad this was a nothingburger.

Spidey-sense says something yuge (not related to this) is coming soon tho. The internet feels “off”.

##
cert_fr@social.numerique.gouv.fr at 2026-01-21T16:29:58.000Z ##

La vulnérabilité CVE-2026-24061 permet à un attaquant de se connecter en root en contournant l'authentification d'un service telnetd. Un code d'exploitation est disponible et son exploitation est triviale.
cert.ssi.gouv.fr/actualite/CER

##

CVE-2026-0911
(7.5 HIGH)

EPSS: 0.08%

updated 2026-01-24T13:15:55.300000

2 posts

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2. This makes it possible for authenticated attackers, with a lower-privileged role (e.g., Subscriber-level access and above), to upload arbitrary files on

thehackerwire@mastodon.social at 2026-01-24T13:59:54.000Z ##

🟠 CVE-2026-0911 - High (7.5)

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T13:59:54.000Z ##

🟠 CVE-2026-0911 - High (7.5)

The Hustle – Email Marketing, Lead Generation, Optins, Popups plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the action_import_module() function in all versions up to, and including, 7.8.9.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1257
(7.5 HIGH)

EPSS: 0.07%

updated 2026-01-24T08:16:09.517000

3 posts

The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'get_template' shortcode. This is due to insufficient path validation on user-supplied input passed to the get_template_part() function. This makes it possible for authenticated attackers, with Contributor-level access and above, to in

mastokukei@social.josko.org at 2026-01-24T09:01:01.000Z ##

testing Megawatt Charging System (MCS) for long-haul eActros/modern EVs.
- CVE-2026-1257: Administrative Shortcodes WordPress plugin vulnerability (Local File Inclusion).
- AI in security: 73% of CISOs likely to consider AI-enabled security solutions per Foundry study. [2/2]

##
thehackerwire@mastodon.social at 2026-01-24T08:29:03.000Z ##

🟠 CVE-2026-1257 - High (7.5)

The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'get_template' shortcode. This is due to insufficient path validation on user-supp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T08:29:03.000Z ##

🟠 CVE-2026-1257 - High (7.5)

The Administrative Shortcodes plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 0.3.4 via the 'slug' attribute of the 'get_template' shortcode. This is due to insufficient path validation on user-supp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13374
(9.8 CRITICAL)

EPSS: 0.14%

updated 2026-01-24T08:16:05.173000

2 posts

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the kalrav_upload_file AJAX action in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

1 repos

https://github.com/boroeurnprach/CVE-2025-13374

thehackerwire@mastodon.social at 2026-01-24T11:35:24.000Z ##

🔴 CVE-2025-13374 - Critical (9.8)

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the kalrav_upload_file AJAX action in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated atta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T11:35:24.000Z ##

🔴 CVE-2025-13374 - Critical (9.8)

The Kalrav AI Agent plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the kalrav_upload_file AJAX action in all versions up to, and including, 2.3.3. This makes it possible for unauthenticated atta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24469
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-24T03:16:01.150000

2 posts

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote attacker to read arbitrary files from the server's filesystem by crafting a malicious HTTP GET request containing ../ sequences. The application fails to sa

thehackerwire@mastodon.social at 2026-01-24T03:59:54.000Z ##

🟠 CVE-2026-24469 - High (7.5)

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T03:59:54.000Z ##

🟠 CVE-2026-24469 - High (7.5)

C++ HTTP Server is an HTTP/1.1 server built to handle client connections and serve HTTP requests. Versions 1.0 and below are vulnerable to Path Traversal via the RequestHandler::handleRequest method. This flaw allows an unauthenticated, remote att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24412
(8.8 HIGH)

EPSS: 0.06%

updated 2026-01-24T02:15:49.360000

2 posts

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs when user-controllable input is unsafely incorporated into ICC profile data or other structured binary blobs. Successful exploitation may allow an attack

thehackerwire@mastodon.social at 2026-01-24T03:00:32.000Z ##

🟠 CVE-2026-24412 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T03:00:32.000Z ##

🟠 CVE-2026-24412 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have aHeap Buffer Overflow vulnerability in the CIccTagXmlSegmentedCurve::ToXml() function. This occurs ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24609
(7.5 HIGH)

EPSS: 0.11%

updated 2026-01-23T22:36:54

2 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through <= 3.1.

thehackerwire@mastodon.social at 2026-01-23T23:18:20.000Z ##

🟠 CVE-2026-24609 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through &lt;= 3.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T23:18:20.000Z ##

🟠 CVE-2026-24609 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent laurent allows PHP Local File Inclusion.This issue affects Laurent: from n/a through &lt;= 3.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24608
(7.5 HIGH)

EPSS: 0.11%

updated 2026-01-23T22:36:54

2 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through <= 2.4.1.

thehackerwire@mastodon.social at 2026-01-23T23:18:11.000Z ##

🟠 CVE-2026-24608 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through &lt;...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T23:18:11.000Z ##

🟠 CVE-2026-24608 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elated-Themes Laurent Core laurent-core allows PHP Local File Inclusion.This issue affects Laurent Core: from n/a through &lt;...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24635
(7.5 HIGH)

EPSS: 0.11%

updated 2026-01-23T22:36:54

2 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DevsBlink EduBlink Core edublink-core allows PHP Local File Inclusion.This issue affects EduBlink Core: from n/a through <= 2.0.7.

thehackerwire@mastodon.social at 2026-01-23T23:18:01.000Z ##

🟠 CVE-2026-24635 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DevsBlink EduBlink Core edublink-core allows PHP Local File Inclusion.This issue affects EduBlink Core: from n/a through &lt;=...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T23:18:01.000Z ##

🟠 CVE-2026-24635 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in DevsBlink EduBlink Core edublink-core allows PHP Local File Inclusion.This issue affects EduBlink Core: from n/a through &lt;=...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69907
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-23T22:35:52

2 posts

An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. A remote attacker can access this endpoint without valid credentials to retrieve sensitive internal configuration information, including cabinet names and database-related metadata. This allows unauthorized enumeration of

thehackerwire@mastodon.social at 2026-01-24T00:15:56.000Z ##

🟠 CVE-2025-69907 - High (7.5)

An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. A remote attacker can access this endpoint without valid credentials...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T00:15:56.000Z ##

🟠 CVE-2025-69907 - High (7.5)

An unauthenticated information disclosure vulnerability exists in Newgen OmniDocs due to missing authentication and access control on the /omnidocs/GetListofCabinet API endpoint. A remote attacker can access this endpoint without valid credentials...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24367
(8.8 HIGH)

EPSS: 0.03%

updated 2026-01-23T22:16:23.753000

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through < 3.2.8.

thehackerwire@mastodon.social at 2026-01-25T07:54:22.000Z ##

🟠 CVE-2026-24367 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through &lt; 3.2.8.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-25T07:54:22.000Z ##

🟠 CVE-2026-24367 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in shinetheme Traveler traveler allows Blind SQL Injection.This issue affects Traveler: from n/a through &lt; 3.2.8.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20750
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-01-23T22:16:15.977000

2 posts

Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization.

thehackerwire@mastodon.social at 2026-01-24T07:45:19.000Z ##

🔴 CVE-2026-20750 - Critical (9.1)

Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T07:45:19.000Z ##

🔴 CVE-2026-20750 - Critical (9.1)

Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69180
(8.8 HIGH)

EPSS: 0.03%

updated 2026-01-23T22:16:14.630000

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra Portfolio: from n/a through <= 6.7.

thehackerwire@mastodon.social at 2026-01-25T07:54:31.000Z ##

🟠 CVE-2025-69180 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra Portfolio: from n/a through &lt;= 6.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-25T07:54:31.000Z ##

🟠 CVE-2025-69180 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in themepassion Ultra Portfolio ultra-portfolio allows Blind SQL Injection.This issue affects Ultra Portfolio: from n/a through &lt;= 6.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-66720
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-23T21:31:51

1 posts

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in function HandleDeletePoliciesPolAssoId.

thehackerwire@mastodon.social at 2026-01-23T20:00:41.000Z ##

🟠 CVE-2025-66720 - High (7.5)

Null pointer dereference in free5gc pcf 1.4.0 in file internal/sbi/processor/ampolicy.go in function HandleDeletePoliciesPolAssoId.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67229
(9.8 CRITICAL)

EPSS: 0.01%

updated 2026-01-23T21:31:51

1 posts

An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation.

thehackerwire@mastodon.social at 2026-01-23T20:00:28.000Z ##

🔴 CVE-2025-67229 - Critical (9.8)

An improper certificate validation vulnerability exists in ToDesktop Builder v0.32.1 This vulnerability allows an unauthenticated, on-path attacker to spoof backend responses by exploiting insufficient certificate validation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-66719
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-01-23T21:31:50

1 posts

An issue was discovered in Free5gc NRF 1.4.0. In the access-token generation logic of free5GC, the AccessTokenScopeCheck() function in file internal/sbi/processor/access_token.go bypasses all scope validation when the attacker uses a crafted targetNF value. This allows attackers to obtain an access token with any arbitrary scope.

thehackerwire@mastodon.social at 2026-01-23T20:25:16.000Z ##

🔴 CVE-2025-66719 - Critical (9.1)

An issue was discovered in Free5gc NRF 1.4.0. In the access-token generation logic of free5GC, the AccessTokenScopeCheck() function in file internal/sbi/processor/access_token.go bypasses all scope validation when the attacker uses a crafted targe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70983
(10.0 CRITICAL)

EPSS: 0.01%

updated 2026-01-23T21:30:54

1 posts

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges.

thehackerwire@mastodon.social at 2026-01-23T20:24:29.000Z ##

🔴 CVE-2025-70983 - Critical (9.9)

Incorrect access control in the authRoutes function of SpringBlade v4.5.0 allows attackers with low-level privileges to escalate privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70985
(9.1 CRITICAL)

EPSS: 0.01%

updated 2026-01-23T21:30:44

1 posts

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scope.

thehackerwire@mastodon.social at 2026-01-23T20:24:39.000Z ##

🔴 CVE-2025-70985 - Critical (9.1)

Incorrect access control in the update function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily modify data outside of their scope.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70986
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-23T21:30:44

1 posts

Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data.

thehackerwire@mastodon.social at 2026-01-23T20:24:18.000Z ##

🟠 CVE-2025-70986 - High (7.5)

Incorrect access control in the selectDept function of RuoYi v4.8.2 allows unauthorized attackers to arbitrarily access sensitive department data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24572
(8.8 HIGH)

EPSS: 0.01%

updated 2026-01-23T21:30:43

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through <= 4.1.0.

thehackerwire@mastodon.social at 2026-01-24T00:15:47.000Z ##

🟠 CVE-2026-24572 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through &lt;= 4.1.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T00:15:47.000Z ##

🟠 CVE-2026-24572 - High (8.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nelio Software Nelio Content nelio-content allows Blind SQL Injection.This issue affects Nelio Content: from n/a through &lt;= 4.1.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23760
(0 None)

EPSS: 3.36%

updated 2026-01-23T20:16:02.600000

1 posts

SmarterTools SmarterMail versions prior to build 9511 contain an authentication bypass vulnerability in the password reset API. The force-reset-password endpoint permits anonymous requests and fails to verify the existing password or a reset token when resetting system administrator accounts. An unauthenticated attacker can supply a target administrator username and a new password to reset the acc

Nuclei template

1 repos

https://github.com/MaxMnMl/smartermail-CVE-2026-23760-poc

AAKL@infosec.exchange at 2026-01-22T18:52:55.000Z ##

New.

Huntress: DE&TH to Vulnerabilities: Huntress Catches SmarterMail Account Takeover Leading to RCE (CVE-2026-23760) huntress.com/blog/smartermail- @huntress #infosec

##

CVE-2025-66428
(8.8 HIGH)

EPSS: 0.02%

updated 2026-01-23T20:15:53.510000

2 posts

An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation.

thehackerwire@mastodon.social at 2026-01-24T07:45:30.000Z ##

🟠 CVE-2025-66428 - High (8.8)

An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T07:45:30.000Z ##

🟠 CVE-2025-66428 - High (8.8)

An issue with WordPress directory names in WebPros WordPress Toolkit before 6.9.1 allows privilege escalation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-56590
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-01-23T20:15:53.183000

2 posts

An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server.

thehackerwire@mastodon.social at 2026-01-24T07:45:39.000Z ##

🔴 CVE-2025-56590 - Critical (9.8)

An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T07:45:39.000Z ##

🔴 CVE-2025-56590 - Critical (9.8)

An issue was discovered in the InsertFromURL() function of the Apryse HTML2PDF SDK thru 11.10. This vulnerability could allow an attacker to execute arbitrary operating system commands on the local server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20912(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-01-23T20:14:54

2 posts

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthorized users.

thehackerwire@mastodon.social at 2026-01-24T00:17:39.000Z ##

🔴 CVE-2026-20912 - Critical (9.1)

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthori...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T00:17:39.000Z ##

🔴 CVE-2026-20912 - Critical (9.1)

Gitea does not properly validate repository ownership when linking attachments to releases. An attachment uploaded to a private repository could potentially be linked to a release in a different public repository, making it accessible to unauthori...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20897(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-01-23T20:14:46

2 posts

Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories.

thehackerwire@mastodon.social at 2026-01-24T00:17:51.000Z ##

🔴 CVE-2026-20897 - Critical (9.1)

Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T00:17:51.000Z ##

🔴 CVE-2026-20897 - Critical (9.1)

Gitea does not properly validate repository ownership when deleting Git LFS locks. A user with write access to one repository may be able to delete LFS locks belonging to other repositories.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20736(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-01-23T20:11:38

2 posts

Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different repository they can access.

thehackerwire@mastodon.social at 2026-01-24T00:18:01.000Z ##

🟠 CVE-2026-20736 - High (7.5)

Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different rep...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T00:18:01.000Z ##

🟠 CVE-2026-20736 - High (7.5)

Gitea does not properly verify repository context when deleting attachments. A user who previously uploaded an attachment to a repository may be able to delete it after losing access to that repository by making the request through a different rep...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-11344
(6.3 MEDIUM)

EPSS: 0.19%

updated 2026-01-23T19:15:51.993000

2 posts

A vulnerability was detected in ILIAS up to 8.23/9.13/10.1. Affected by this vulnerability is an unknown functionality of the component Certificate Import Handler. The manipulation results in Remote Code Execution. The attack may be performed from remote. Upgrading to version 8.24, 9.14 and 10.2 addresses this issue. It is recommended to upgrade the affected component.

renereh1@neos.social at 2026-01-24T12:33:22.000Z ##

ILIAS 10.0, 10.1, 10.2 – Unauthenticated RCE write-up published:
srlabs.de/blog/breaking-ilias-

Why is this being published only now?

The vulnerability discussed here is tracked as CVE-2025-11344 and was assigned a CVSS base score of 5.3 (MEDIUM). Anyone wondering why this was not classified as CRITICAL should be aware that the CNA relied on the base score and severity assessment provided by ILIAS in its security advisory, which included neither a scoring matrix nor any justification for the rating.

##
renereh1@neos.social at 2026-01-24T12:33:22.000Z ##

ILIAS 10.0, 10.1, 10.2 – Unauthenticated RCE write-up published:
srlabs.de/blog/breaking-ilias-

Why is this being published only now?

The vulnerability discussed here is tracked as CVE-2025-11344 and was assigned a CVSS base score of 5.3 (MEDIUM). Anyone wondering why this was not classified as CRITICAL should be aware that the CNA relied on the base score and severity assessment provided by ILIAS in its security advisory, which included neither a scoring matrix nor any justification for the rating.

##

CVE-2024-37079
(9.8 CRITICAL)

EPSS: 82.70%

updated 2026-01-23T19:15:51.807000

5 posts

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution.

jbhall56 at 2026-01-24T15:24:41.449Z ##

The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution. thehackernews.com/2026/01/cisa

##
jbhall56@infosec.exchange at 2026-01-24T15:24:41.000Z ##

The vulnerability in question is CVE-2024-37079 (CVSS score: 9.8), which refers to a heap overflow in the implementation of the DCE/RPC protocol that could allow a bad actor with network access to vCenter Server to achieve remote code execution. thehackernews.com/2026/01/cisa

##
youranonnewsirc@nerdculture.de at 2026-01-23T21:24:23.000Z ##

Here's a summary of the latest in technology and cybersecurity from the last 24 hours:

**Cybersecurity:** Marlink Cyber revealed a critical DNS DoS flaw in ISC BIND (Jan 22). CISA added a Broadcom VMware vCenter vulnerability (CVE-2024-37079) to its exploited list (Jan 23). CISA & NSA warned of Chinese state-sponsored BRICKSTORM malware targeting gov networks (Jan 22).

**Technology:** Apple's Siri AI training is reportedly shifting to Google's TPUs (Jan 22). Nvidia CEO Jensen Huang linked AI growth to power constraints at Davos (Jan 22).

#News #Anonymous #AnonNews_irc

##
DarkWebInformer@infosec.exchange at 2026-01-23T19:52:04.000Z ##

‼️CISA has added 5 vulnerabilities to the KEV Catalog

darkwebinformer.com/cisa-kev-c

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability

CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability

CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

##
cisakevtracker@mastodon.social at 2026-01-23T19:01:12.000Z ##

CVE ID: CVE-2024-37079
Vendor: Broadcom
Product: VMware vCenter Server
Date Added: 2026-01-23
Notes: support.broadcom.com/web/ecx/s ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-34026
(7.5 HIGH)

EPSS: 54.54%

updated 2026-01-23T18:39:24.063000

3 posts

The Versa Concerto SD-WAN orchestration platform is vulnerable to an authentication bypass in the Traefik reverse proxy configuration, allowing at attacker to access administrative endpoints. The internal Actuator endpoint can be leveraged for access to heap dumps and trace logs.This issue is known to affect Concerto from 12.1.2 through 12.2.0. Additional versions may be vulnerable.

Nuclei template

DarkWebInformer@infosec.exchange at 2026-01-23T19:52:04.000Z ##

‼️CISA has added 5 vulnerabilities to the KEV Catalog

darkwebinformer.com/cisa-kev-c

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability

CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability

CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

##
cisakevtracker@mastodon.social at 2026-01-22T19:01:27.000Z ##

CVE ID: CVE-2025-34026
Vendor: Versa
Product: Concerto
Date Added: 2026-01-22
Notes: security-portal.versa-networks ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
AAKL@infosec.exchange at 2026-01-22T18:43:25.000Z ##

More updates from CISA:

- CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability cve.org/CVERecord?id=CVE-2025-

And several industrial advisories are listed here: cisa.gov/ #CISA #infoec #vulnerability

##

CVE-2025-54313
(7.5 HIGH)

EPSS: 4.45%

updated 2026-01-23T18:33:09.503000

3 posts

eslint-config-prettier 8.10.1, 9.1.1, 10.1.6, and 10.1.7 has embedded malicious code for a supply chain compromise. Installing an affected package executes an install.js file that launches the node-gyp.dll malware on Windows.

3 repos

https://github.com/nihilor/cve-2025-54313

https://github.com/ShinP451/scavenger_scanner

https://github.com/Drasrax/npm-shai-hulud-scanner

DarkWebInformer@infosec.exchange at 2026-01-23T19:52:04.000Z ##

‼️CISA has added 5 vulnerabilities to the KEV Catalog

darkwebinformer.com/cisa-kev-c

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability

CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability

CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

##
cisakevtracker@mastodon.social at 2026-01-22T19:01:58.000Z ##

CVE ID: CVE-2025-54313
Vendor: Prettier
Product: eslint-config-prettier
Date Added: 2026-01-22
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: npmjs.com/package/eslint-confi ; github.com/prettier/eslint-con ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
AAKL@infosec.exchange at 2026-01-22T18:43:25.000Z ##

More updates from CISA:

- CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability cve.org/CVERecord?id=CVE-2025-

And several industrial advisories are listed here: cisa.gov/ #CISA #infoec #vulnerability

##

CVE-2025-69908
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-23T18:31:35

1 posts

An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.

thehackerwire@mastodon.social at 2026-01-23T16:45:19.000Z ##

🟠 CVE-2025-69908 - High (7.5)

An unauthenticated information disclosure vulnerability in Newgen OmniApp allows attackers to enumerate valid privileged usernames via a publicly accessible client-side JavaScript resource.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67221(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-01-23T16:56:03

1 posts

The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.

1 repos

https://github.com/kpatsakis/CVE-2025-67221

thehackerwire@mastodon.social at 2026-01-23T01:55:11.000Z ##

🟠 CVE-2025-67221 - High (7.5)

The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23954
(8.7 HIGH)

EPSS: 0.09%

updated 2026-01-23T15:46:36

1 posts

### Summary A user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) can use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file read, and host arbitrary file write, ultimately resulting in arbitrary command execution on the host. This can also be exploited in IncusOS. ### Details When using an image wit

thehackerwire@mastodon.social at 2026-01-22T23:00:52.000Z ##

🟠 CVE-2026-23954 - High (8.7)

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image (e.g a member of the ‘incus’ group) to use directory traversal or symbolic links in the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-4319
(9.4 CRITICAL)

EPSS: 0.07%

updated 2026-01-23T15:31:44

1 posts

Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-01-23T13:43:50.000Z ##

🔴 CVE-2025-4319 - Critical (9.4)

Improper Restriction of Excessive Authentication Attempts, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Brute Force, Password Recovery Exploitation.This issu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20613
(7.8 HIGH)

EPSS: 0.01%

updated 2026-01-23T15:16:07.070000

1 posts

The ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file into any user-writable location on the system using relative pathnames. This issue is addressed in container 0.8.0 and containerization 0.21.0.

thehackerwire@mastodon.social at 2026-01-23T15:53:05.000Z ##

🟠 CVE-2026-20613 - High (7.8)

The ArchiveReader.extractContents() function used by cctl image load and container image load performs no pathname validation before extracting an archive member. This means that a carelessly or maliciously constructed archive can extract a file i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-4320
(10.0 CRITICAL)

EPSS: 0.07%

updated 2026-01-23T13:15:49.123000

1 posts

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation.This issue affects Sufirmam: through 23012026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-01-23T13:43:40.000Z ##

🔴 CVE-2025-4320 - Critical (10)

Authentication Bypass by Primary Weakness, Weak Password Recovery Mechanism for Forgotten Password vulnerability in Birebirsoft Software and Technology Solutions Sufirmam allows Authentication Bypass, Password Recovery Exploitation.This issue affe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14866
(8.8 HIGH)

EPSS: 0.02%

updated 2026-01-23T13:15:47.983000

1 posts

The Melapress Role Editor plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.1. This is due to a misconfigured capability check on the 'save_secondary_roles_field' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to assign themselves additional roles including Administrator.

thehackerwire@mastodon.social at 2026-01-23T13:43:59.000Z ##

🟠 CVE-2025-14866 - High (8.8)

The Melapress Role Editor plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.1.1. This is due to a misconfigured capability check on the 'save_secondary_roles_field' function. This makes it possible ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22273
(8.8 HIGH)

EPSS: 0.02%

updated 2026-01-23T12:30:36

1 posts

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Elevation of privileges.

thehackerwire@mastodon.social at 2026-01-23T10:18:16.000Z ##

🟠 CVE-2026-22273 - High (8.8)

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains an Use of Default Credentials vulnerability in the OS. A low privileged attacker with remote access could potentially exploit this vulnerability, ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22271
(7.5 HIGH)

EPSS: 0.02%

updated 2026-01-23T09:30:30

1 posts

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to information exposure.

thehackerwire@mastodon.social at 2026-01-23T10:09:31.000Z ##

🟠 CVE-2026-22271 - High (7.5)

Dell ECS, versions 3.8.1.0 through 3.8.1.7, and Dell ObjectScale versions prior to 4.2.0.0, contains a Cleartext Transmission of Sensitive Information vulnerability. An unauthenticated attacker with remote access could potentially exploit this vul...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0603
(8.3 HIGH)

EPSS: 0.07%

updated 2026-01-23T09:30:29

1 posts

A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilder is used. This could lead to sensitive information disclosure, such as reading system files, and allow for data manipulation or deletion within the appl

thehackerwire@mastodon.social at 2026-01-23T10:12:04.000Z ##

🟠 CVE-2026-0603 - High (8.3)

A flaw was found in Hibernate. A remote attacker with low privileges could exploit a second-order SQL injection vulnerability by providing specially crafted, unsanitized non-alphanumeric characters in the ID column when the InlineIdsOrClauseBuilde...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1363
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-01-23T09:30:29

1 posts

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.

thehackerwire@mastodon.social at 2026-01-23T10:09:41.000Z ##

🔴 CVE-2026-1363 - Critical (9.8)

IAQS and I6 developed by JNC has a Client-Side Enforcement of Server-Side Security vulnerability, allowing unauthenticated remote attackers to gain administrator privileges by manipulating the web front-end.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1364
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-01-23T09:15:47.643000

1 posts

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities.

thehackerwire@mastodon.social at 2026-01-23T10:09:51.000Z ##

🔴 CVE-2026-1364 - Critical (9.8)

IAQS and I6 developed by JNC has a Missing Authentication vulnerability, allowing unauthenticated remote attackers to directly operate system administrative functionalities.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0791
(8.1 HIGH)

EPSS: 0.57%

updated 2026-01-23T06:31:33

2 posts

ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Replaces header of SIP INVITE requests.

thehackerwire@mastodon.social at 2026-01-23T05:30:23.000Z ##

🟠 CVE-2026-0791 - High (8.1)

ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. A...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:02:14.000Z ##

🟠 CVE-2026-0791 - High (8.1)

ALGO 8180 IP Audio Alerter SIP INVITE Replaces Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. A...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0787
(8.1 HIGH)

EPSS: 1.00%

updated 2026-01-23T06:31:33

2 posts

ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SAC module. The issue results from the lack of proper validation of a user-suppli

thehackerwire@mastodon.social at 2026-01-23T05:30:13.000Z ##

🟠 CVE-2026-0787 - High (8.1)

ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not requi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:02:04.000Z ##

🟠 CVE-2026-0787 - High (8.1)

ALGO 8180 IP Audio Alerter SAC Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not requi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0785
(7.5 HIGH)

EPSS: 0.92%

updated 2026-01-23T06:31:33

2 posts

ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the API interface. The issue results from the lack of proper validation of a user-supplie

thehackerwire@mastodon.social at 2026-01-23T05:03:44.000Z ##

🟠 CVE-2026-0785 - High (7.5)

ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:01:55.000Z ##

🟠 CVE-2026-0785 - High (7.5)

ALGO 8180 IP Audio Alerter API Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0778
(8.8 HIGH)

EPSS: 0.08%

updated 2026-01-23T06:31:33

1 posts

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the telnet service, which listens on TCP port 2000 by default. Th

thehackerwire@mastodon.social at 2026-01-23T05:02:27.000Z ##

🟠 CVE-2026-0778 - High (8.8)

Enel X JuiceBox 40 Telnet Service Missing Authentication Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Enel X JuiceBox 40 charging stations. Authent...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0792
(8.1 HIGH)

EPSS: 0.57%

updated 2026-01-23T06:31:33

1 posts

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Alert-Info header of SIP INVITE reque

thehackerwire@mastodon.social at 2026-01-23T05:02:18.000Z ##

🟠 CVE-2026-0792 - High (8.1)

ALGO 8180 IP Audio Alerter SIP INVITE Alert-Info Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15349
(7.5 HIGH)

EPSS: 0.09%

updated 2026-01-23T06:31:32

1 posts

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SCPI component. The issue results from the lack of proper locking when performing operations on an

thehackerwire@mastodon.social at 2026-01-23T13:59:41.000Z ##

🟠 CVE-2025-15349 - High (7.5)

Anritsu ShockLine SCPI Race Condition Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Anritsu ShockLine. Authentication is not required to exploit thi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0762
(8.1 HIGH)

EPSS: 0.36%

updated 2026-01-23T06:31:32

1 posts

GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS server is required to exploit this vulnerability but attack vectors may vary depending on the implementation. The specific flaw exists within the stream_daas

thehackerwire@mastodon.social at 2026-01-23T11:03:31.000Z ##

🟠 CVE-2026-0762 - High (8.1)

GPT Academic stream_daas Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS serve...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0761
(9.8 CRITICAL)

EPSS: 1.39%

updated 2026-01-23T06:31:32

1 posts

Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the actionoutput_str_to_mapping function. The issue results from the lack

thehackerwire@mastodon.social at 2026-01-23T10:19:14.000Z ##

🔴 CVE-2026-0761 - Critical (9.8)

Foundation Agents MetaGPT actionoutput_str_to_mapping Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0760
(9.8 CRITICAL)

EPSS: 1.30%

updated 2026-01-23T06:31:32

1 posts

Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authentication is not required to exploit this vulnerability. The specific flaw exists within the deserialize_message function. The issue results from the la

thehackerwire@mastodon.social at 2026-01-23T10:19:05.000Z ##

🔴 CVE-2026-0760 - Critical (9.8)

Foundation Agents MetaGPT deserialize_message Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foundation Agents MetaGPT. Authe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0755
(9.8 CRITICAL)

EPSS: 1.00%

updated 2026-01-23T06:31:32

1 posts

gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the execAsync method. The issue results from the lack of proper validation of a user-su

thehackerwire@mastodon.social at 2026-01-23T10:12:14.000Z ##

🔴 CVE-2026-0755 - Critical (9.8)

gemini-mcp-tool execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of gemini-mcp-tool. Authentication is not required to exploit this vuln...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0768
(9.8 CRITICAL)

EPSS: 1.39%

updated 2026-01-23T06:31:32

1 posts

Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the code parameter provided to the validate endpoint. The issue results from the lack of proper validation of a use

thehackerwire@mastodon.social at 2026-01-23T06:02:21.000Z ##

🔴 CVE-2026-0768 - Critical (9.8)

Langflow code Code Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability.

The specif...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0763
(9.8 CRITICAL)

EPSS: 1.30%

updated 2026-01-23T06:31:32

2 posts

GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the run_in_subprocess_wrapper_func function. The issue results from the lack o

thehackerwire@mastodon.social at 2026-01-23T06:02:11.000Z ##

🔴 CVE-2026-0763 - Critical (9.8)

GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is no...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:57:29.000Z ##

🔴 CVE-2026-0763 - Critical (9.8)

GPT Academic run_in_subprocess_wrapper_func Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is no...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0765
(8.8 HIGH)

EPSS: 0.70%

updated 2026-01-23T06:31:32

1 posts

Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the install_frontmatter_requirements function.The issue results from the lack of proper validati

thehackerwire@mastodon.social at 2026-01-23T05:58:14.000Z ##

🟠 CVE-2026-0765 - High (8.8)

Open WebUI PIP install_frontmatter_requirements Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to expl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0774
(8.8 HIGH)

EPSS: 0.14%

updated 2026-01-23T06:31:32

1 posts

WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the arpstrs parameter. The issue results from the lack of proper validation of

thehackerwire@mastodon.social at 2026-01-23T05:57:19.000Z ##

🟠 CVE-2026-0774 - High (8.8)

WatchYourLAN Configuration Page Argument Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WatchYourLAN. Authentication is not required to exp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0773
(9.8 CRITICAL)

EPSS: 1.30%

updated 2026-01-23T06:31:32

1 posts

Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the add_tool endpoint, which listens on TCP port 7541 by default. The issue results from the lack of proper

thehackerwire@mastodon.social at 2026-01-23T05:57:09.000Z ##

🔴 CVE-2026-0773 - Critical (9.8)

Upsonic Cloudpickle Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Upsonic. Authentication is not required to exploit this vu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0794
(8.1 HIGH)

EPSS: 1.15%

updated 2026-01-23T06:31:32

2 posts

ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of SIP calls. The issue results from the lack of validating the existence o

thehackerwire@mastodon.social at 2026-01-23T05:03:33.000Z ##

🟠 CVE-2026-0794 - High (8.1)

ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:01:52.000Z ##

🟠 CVE-2026-0794 - High (8.1)

ALGO 8180 IP Audio Alerter SIP Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15061
(9.8 CRITICAL)

EPSS: 0.85%

updated 2026-01-23T06:31:24

1 posts

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the fetchWithRetry method. The issue results from the lack o

thehackerwire@mastodon.social at 2026-01-23T14:20:28.000Z ##

🔴 CVE-2025-15061 - Critical (9.8)

Framelink Figma MCP Server fetchWithRetry Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Framelink Figma MCP Server. Authentication is not re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0710
(8.4 HIGH)

EPSS: 0.05%

updated 2026-01-23T06:31:24

1 posts

A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol (SIP) messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leading to a denial of service. Under specific conditions, it may also allow an attacker to execute unauthorized code, compromising the system's integrity and

thehackerwire@mastodon.social at 2026-01-23T14:20:07.000Z ##

🟠 CVE-2026-0710 - High (8.4)

A flaw was found in SIPp. A remote attacker could exploit this by sending specially crafted Session Initiation Protocol (SIP) messages during an active call. This vulnerability, a NULL pointer dereference, can cause the application to crash, leadi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15350
(7.8 HIGH)

EPSS: 0.21%

updated 2026-01-23T06:31:24

1 posts

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin

thehackerwire@mastodon.social at 2026-01-23T13:59:52.000Z ##

🟠 CVE-2025-15350 - High (7.8)

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15063
(9.8 CRITICAL)

EPSS: 1.00%

updated 2026-01-23T06:31:24

1 posts

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the execAsync method. The issue results from the lack of proper validation of a use

thehackerwire@mastodon.social at 2026-01-23T13:12:20.000Z ##

🔴 CVE-2025-15063 - Critical (9.8)

Ollama MCP Server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ollama MCP Server. Authentication is not required to exploit this ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15348
(7.8 HIGH)

EPSS: 0.21%

updated 2026-01-23T06:31:23

1 posts

Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing

thehackerwire@mastodon.social at 2026-01-23T13:12:29.000Z ##

🟠 CVE-2025-15348 - High (7.8)

Anritsu ShockLine CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu ShockLine. User interaction is requ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67847
(8.8 HIGH)

EPSS: 0.07%

updated 2026-01-23T05:16:24.250000

1 posts

A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore routines. Successful exploitation could result in a full compromise of the Moodle application.

thehackerwire@mastodon.social at 2026-01-23T05:25:21.000Z ##

🟠 CVE-2025-67847 - High (8.8)

A flaw was found in Moodle. An attacker with access to the restore interface could trigger server-side execution of arbitrary code. This is due to insufficient validation of restore input, which leads to unintended interpretation by core restore r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-3839
(8.0 HIGH)

EPSS: 0.01%

updated 2026-01-23T05:16:21.753000

1 posts

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable. The browser fails to properly warn or gate this action, resulting in potential code execution on the client device via trusted UI behavior.

thehackerwire@mastodon.social at 2026-01-23T05:25:31.000Z ##

🟠 CVE-2025-3839 - High (8)

A flaw was found in Epiphany, a tool that allows websites to open external URL handler applications with minimal user interaction. This design can be misused to exploit vulnerabilities within those handlers, making them appear remotely exploitable...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0793
(8.1 HIGH)

EPSS: 0.57%

updated 2026-01-23T04:16:07.123000

2 posts

ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the InformaCast functionality. The issue results from the lack of pr

thehackerwire@mastodon.social at 2026-01-23T05:03:23.000Z ##

🟠 CVE-2026-0793 - High (8.1)

ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:01:42.000Z ##

🟠 CVE-2026-0793 - High (8.1)

ALGO 8180 IP Audio Alerter InformaCast Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0786
(7.5 HIGH)

EPSS: 1.22%

updated 2026-01-23T04:16:06.180000

2 posts

ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific flaw exists within the SCI module. The issue results from the lack of proper validation of a user-supplied s

thehackerwire@mastodon.social at 2026-01-23T05:25:40.000Z ##

🟠 CVE-2026-0786 - High (7.5)

ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T05:02:01.000Z ##

🟠 CVE-2026-0786 - High (7.5)

ALGO 8180 IP Audio Alerter SCI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0772
(7.5 HIGH)

EPSS: 1.04%

updated 2026-01-23T04:16:04.333000

1 posts

Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulnerability. The specific flaw exists within the disk cache service. The issue results from the lack of proper validation of user-supplied data, which can

thehackerwire@mastodon.social at 2026-01-23T05:30:32.000Z ##

🟠 CVE-2026-0772 - High (7.5)

Langflow Disk Cache Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is required to exploit this vulne...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0770
(9.8 CRITICAL)

EPSS: 1.15%

updated 2026-01-23T04:16:04.063000

1 posts

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the exec_globals parameter provided to the validate endpoint. The

thehackerwire@mastodon.social at 2026-01-23T05:02:36.000Z ##

🔴 CVE-2026-0770 - Critical (9.8)

Langflow exec_globals Inclusion of Functionality from Untrusted Control Sphere Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0769
(9.8 CRITICAL)

EPSS: 1.04%

updated 2026-01-23T04:16:03.933000

1 posts

Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of eval_custom_component_code function. The issue results from the lack of proper validati

thehackerwire@mastodon.social at 2026-01-23T06:02:31.000Z ##

🔴 CVE-2026-0769 - Critical (9.8)

Langflow eval_custom_component_code Eval Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Langflow. Authentication is not required to exploit this vuln...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0766
(8.8 HIGH)

EPSS: 0.70%

updated 2026-01-23T04:16:03.527000

1 posts

Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulnerability. The specific flaw exists within the load_tool_module_by_id function. The issue results from the lack of proper validation of a user-supplied s

thehackerwire@mastodon.social at 2026-01-23T05:58:24.000Z ##

🟠 CVE-2026-0766 - High (8.8)

Open WebUI load_tool_module_by_id Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Open WebUI. Authentication is required to exploit this vulne...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0764
(9.8 CRITICAL)

EPSS: 1.30%

updated 2026-01-23T04:16:03.250000

1 posts

GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit this vulnerability. The specific flaw exists within the upload endpoint. The issue results from the lack of proper validation of user-supplied data, which

thehackerwire@mastodon.social at 2026-01-23T05:58:04.000Z ##

🔴 CVE-2026-0764 - Critical (9.8)

GPT Academic upload Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0759
(9.8 CRITICAL)

EPSS: 1.00%

updated 2026-01-23T04:16:02.570000

1 posts

Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Katana Network Development Starter Kit. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of the executeCommand method. The issue

thehackerwire@mastodon.social at 2026-01-23T10:18:54.000Z ##

🔴 CVE-2026-0759 - Critical (9.8)

Katana Network Development Starter Kit executeCommand Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Katana Network Development Starter Kit. ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0758
(7.8 HIGH)

EPSS: 0.05%

updated 2026-01-23T04:16:02.433000

2 posts

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the shortcutName pa

thehackerwire@mastodon.social at 2026-01-23T11:03:22.000Z ##

🟠 CVE-2026-0758 - High (7.8)

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T10:18:35.000Z ##

🟠 CVE-2026-0758 - High (7.8)

mcp-server-siri-shortcuts shortcutName Command Injection Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of mcp-server-siri-shortcuts. An attacker must first obtain the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0757
(8.8 HIGH)

EPSS: 0.07%

updated 2026-01-23T04:16:02.297000

2 posts

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing

thehackerwire@mastodon.social at 2026-01-23T11:03:11.000Z ##

🟠 CVE-2026-0757 - High (8.8)

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is requir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T10:18:26.000Z ##

🟠 CVE-2026-0757 - High (8.8)

MCP Manager for Claude Desktop execute-command Command Injection Sandbox Escape Vulnerability. This vulnerability allows remote attackers to bypass the sandbox on affected installations of MCP Manager for Claude Desktop. User interaction is requir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0756
(9.8 CRITICAL)

EPSS: 1.00%

updated 2026-01-23T04:16:02.157000

1 posts

github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the create_issue parameter. The issue results from the lack of proper valid

thehackerwire@mastodon.social at 2026-01-23T10:12:23.000Z ##

🔴 CVE-2026-0756 - Critical (9.8)

github-kanban-mcp-server execAsync Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of github-kanban-mcp-server. Authentication is not required to...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15351
(7.8 HIGH)

EPSS: 0.21%

updated 2026-01-23T04:16:01.710000

1 posts

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin

thehackerwire@mastodon.social at 2026-01-23T14:00:02.000Z ##

🟠 CVE-2025-15351 - High (7.8)

Anritsu VectorStar CHX File Parsing Deserialization of Untrusted Data Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Anritsu VectorStar. User interaction is re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15062
(7.8 HIGH)

EPSS: 0.05%

updated 2026-01-23T04:16:01.033000

1 posts

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of SKP files. The iss

thehackerwire@mastodon.social at 2026-01-23T13:12:10.000Z ##

🟠 CVE-2025-15062 - High (7.8)

Trimble SketchUp SKP File Parsing Use-After-Free Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trimble SketchUp. User interaction is required to exploit this ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15059
(7.8 HIGH)

EPSS: 0.06%

updated 2026-01-23T04:16:00.740000

1 posts

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PSP files. The issue results f

thehackerwire@mastodon.social at 2026-01-23T14:20:17.000Z ##

🟠 CVE-2025-15059 - High (7.8)

GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerabilit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24304
(9.9 CRITICAL)

EPSS: 0.08%

updated 2026-01-23T02:15:55.547000

2 posts

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-01-23T02:22:19.000Z ##

🔴 CVE-2026-24304 - Critical (9.9)

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-23T02:22:05.000Z ##

🔴 CVE-2026-24304 - Critical (9.9)

Improper access control in Azure Resource Manager allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24306
(9.8 CRITICAL)

EPSS: 0.09%

updated 2026-01-23T00:31:24

3 posts

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

AAKL@infosec.exchange at 2026-01-23T17:12:39.000Z ##

If you missed this, Microsoft posted several security updates yesterday, all of them critical, affecting Microsoft accounts, Copilot, Office, Azure, and Entra: msrc.microsoft.com/update-guide

Noteworthy:

- Microsoft Account Spoofing Vulnerability: CVE-2026-21264 msrc.microsoft.com/update-guid

- Azure Entra ID Elevation of Privilege Vulnerability: CVE-2026-24305 msrc.microsoft.com/update-guid

- Azure Front Door Elevation of Privilege Vulnerability: CVE-2026-24306 msrc.microsoft.com/update-guid #infosec #Microsoft #Azure #Copilot #vulnerability

##
thehackerwire@mastodon.social at 2026-01-23T00:02:08.000Z ##

🔴 CVE-2026-24306 - Critical (9.8)

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T23:29:46.000Z ##

🔴 CVE-2026-24306 - Critical (9.8)

Improper access control in Azure Front Door (AFD) allows an unauthorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24305
(9.3 CRITICAL)

EPSS: 0.07%

updated 2026-01-23T00:31:24

2 posts

Azure Entra ID Elevation of Privilege Vulnerability

AAKL@infosec.exchange at 2026-01-23T17:12:39.000Z ##

If you missed this, Microsoft posted several security updates yesterday, all of them critical, affecting Microsoft accounts, Copilot, Office, Azure, and Entra: msrc.microsoft.com/update-guide

Noteworthy:

- Microsoft Account Spoofing Vulnerability: CVE-2026-21264 msrc.microsoft.com/update-guid

- Azure Entra ID Elevation of Privilege Vulnerability: CVE-2026-24305 msrc.microsoft.com/update-guid

- Azure Front Door Elevation of Privilege Vulnerability: CVE-2026-24306 msrc.microsoft.com/update-guid #infosec #Microsoft #Azure #Copilot #vulnerability

##
thehackerwire@mastodon.social at 2026-01-22T23:28:02.000Z ##

🔴 CVE-2026-24305 - Critical (9.3)

Azure Entra ID Elevation of Privilege Vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21520
(7.5 HIGH)

EPSS: 0.10%

updated 2026-01-23T00:31:24

2 posts

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector

thehackerwire@mastodon.social at 2026-01-23T00:04:02.000Z ##

🟠 CVE-2026-21520 - High (7.5)

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T23:30:13.000Z ##

🟠 CVE-2026-21520 - High (7.5)

Exposure of Sensitive Information to an Unauthorized Actor in Copilot Studio allows a unauthenticated attacker to view sensitive information through network attack vector

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24307
(9.3 CRITICAL)

EPSS: 0.10%

updated 2026-01-22T23:15:59.003000

1 posts

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

thehackerwire@mastodon.social at 2026-01-22T23:27:43.000Z ##

🔴 CVE-2026-24307 - Critical (9.3)

Improper validation of specified type of input in M365 Copilot allows an unauthorized attacker to disclose information over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21264
(9.3 CRITICAL)

EPSS: 0.07%

updated 2026-01-22T23:15:57.407000

3 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.

AAKL@infosec.exchange at 2026-01-23T17:12:39.000Z ##

If you missed this, Microsoft posted several security updates yesterday, all of them critical, affecting Microsoft accounts, Copilot, Office, Azure, and Entra: msrc.microsoft.com/update-guide

Noteworthy:

- Microsoft Account Spoofing Vulnerability: CVE-2026-21264 msrc.microsoft.com/update-guid

- Azure Entra ID Elevation of Privilege Vulnerability: CVE-2026-24305 msrc.microsoft.com/update-guid

- Azure Front Door Elevation of Privilege Vulnerability: CVE-2026-24306 msrc.microsoft.com/update-guid #infosec #Microsoft #Azure #Copilot #vulnerability

##
thehackerwire@mastodon.social at 2026-01-23T00:02:29.000Z ##

🔴 CVE-2026-21264 - Critical (9.3)

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T23:30:05.000Z ##

🔴 CVE-2026-21264 - Critical (9.3)

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Account allows an unauthorized attacker to perform spoofing over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21227
(8.2 HIGH)

EPSS: 0.08%

updated 2026-01-22T23:15:57.220000

2 posts

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-01-23T00:02:19.000Z ##

🟠 CVE-2026-21227 - High (8.2)

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T23:29:55.000Z ##

🟠 CVE-2026-21227 - High (8.2)

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure Logic Apps allows an unauthorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-54816
(9.4 CRITICAL)

EPSS: 0.07%

updated 2026-01-22T23:15:49.953000

2 posts

This vulnerability occurs when a WebSocket endpoint does not enforce proper authentication mechanisms, allowing unauthorized users to establish connections. As a result, attackers can exploit this weakness to gain unauthorized access to sensitive data or perform unauthorized actions. Given that no authentication is required, this can lead to privilege escalation and potentially compromise the

beyondmachines1@infosec.exchange at 2026-01-23T13:01:02.000Z ##

Multiple Vulnerabilities Reported in EVMAPA Electric Vehicle Charging Systems

CISA reports three vulnerabilities in EVMAPA charging station management software, including a critical authentication bypass (CVE-2025-54816) that allows remote command execution and service disruption.

**Make sure all EVAMPA managed systems are isolated from the internet and accessible from trusted networks only. Two of the three laws don't have a patch yet, so your priority control is isolation. Then reach to the vendor for more details on upcoming patches.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
thehackerwire@mastodon.social at 2026-01-22T23:30:22.000Z ##

🔴 CVE-2025-54816 - Critical (9.4)

This vulnerability occurs when a WebSocket endpoint does not enforce
proper authentication mechanisms, allowing unauthorized users to
establish connections. As a result, attackers can exploit this weakness
to gain unauthorized access to sensiti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-53968
(7.5 HIGH)

EPSS: 0.08%

updated 2026-01-22T23:15:49.800000

2 posts

This vulnerability arises because there are no limitations on the number of authentication attempts a user can make. An attacker can exploit this weakness by continuously sending authentication requests, leading to a denial-of-service (DoS) condition. This can overwhelm the authentication system, rendering it unavailable to legitimate users and potentially causing service disruption. This can

thehackerwire@mastodon.social at 2026-01-23T00:04:12.000Z ##

🟠 CVE-2025-53968 - High (7.5)

This vulnerability arises because there are no limitations on the number
of authentication attempts a user can make. An attacker can exploit
this weakness by continuously sending authentication requests, leading
to a denial-of-service (DoS) con...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T23:30:22.000Z ##

🟠 CVE-2025-53968 - High (7.5)

This vulnerability arises because there are no limitations on the number
of authentication attempts a user can make. An attacker can exploit
this weakness by continuously sending authentication requests, leading
to a denial-of-service (DoS) con...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23953
(8.7 HIGH)

EPSS: 0.01%

updated 2026-01-22T22:16:20.673000

1 posts

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g a member of the ‘incus’ group) can create an environment variable containing newlines, which can be used to add additional configuration items in the container’s lxc.conf due to newline injection. This can allow adding arbitrary

thehackerwire@mastodon.social at 2026-01-22T23:00:42.000Z ##

🟠 CVE-2026-23953 - High (8.7)

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration (e.g a member of the ‘incus’ group) can create an environment variable contai...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1201
(0 None)

EPSS: 0.04%

updated 2026-01-22T22:16:16.130000

2 posts

An Authorization Bypass Through User-Controlled Key vulnerability in Hubitat Elevation home automation controllers prior to version 2.4.2.157 could allow a remote authenticated user to control connected devices outside of their authorized scope via client-side request manipulation.

beyondmachines1 at 2026-01-24T15:01:02.128Z ##

Hubitat Patches Critical Authorization Bypass in Elevation Hubs

Hubitat patched a critical authorization bypass vulnerability (CVE-2026-1201) in its Elevation Hubs that allowed authenticated users to gain unauthorized control over connected devices.

**Make sure all Hubitat devices are isolated from the internet and accessible from trusted networks only. Also, limit the access only to trusted users and educate them on risks of malware, infostealers, password recycling and phishing. Then plan an update cycle for your Hubitat Elevation Hub to firmware version 2.4.2.157.**

beyondmachines.net/event_detai

##
beyondmachines1@infosec.exchange at 2026-01-24T15:01:02.000Z ##

Hubitat Patches Critical Authorization Bypass in Elevation Hubs

Hubitat patched a critical authorization bypass vulnerability (CVE-2026-1201) in its Elevation Hubs that allowed authenticated users to gain unauthorized control over connected devices.

**Make sure all Hubitat devices are isolated from the internet and accessible from trusted networks only. Also, limit the access only to trusted users and educate them on risks of malware, infostealers, password recycling and phishing. Then plan an update cycle for your Hubitat Elevation Hub to firmware version 2.4.2.157.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-31125
(5.3 MEDIUM)

EPSS: 67.18%

updated 2026-01-22T21:47:41

3 posts

### Summary The contents of arbitrary files can be returned to the browser. ### Impact Only apps explicitly exposing the Vite dev server to the network (using `--host` or [`server.host` config option](https://vitejs.dev/config/server-options.html#server-host)) are affected. ### Details - base64 encoded content of non-allowed files is exposed using `?inline&import` (originally reported as `?imp

Nuclei template

7 repos

https://github.com/nkuty/CVE-2025-30208-31125-31486-32395

https://github.com/MuhammadWaseem29/Vitejs-exploit

https://github.com/sunhuiHi666/CVE-2025-31125

https://github.com/harshgupptaa/Path-Transversal-CVE-2025-31125-

https://github.com/xuemian168/CVE-2025-30208

https://github.com/0xgh057r3c0n/CVE-2025-31125

https://github.com/jackieya/ViteVulScan

DarkWebInformer@infosec.exchange at 2026-01-23T19:52:04.000Z ##

‼️CISA has added 5 vulnerabilities to the KEV Catalog

darkwebinformer.com/cisa-kev-c

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability

CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability

CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

##
cisakevtracker@mastodon.social at 2026-01-22T19:01:42.000Z ##

CVE ID: CVE-2025-31125
Vendor: Vite
Product: Vitejs
Date Added: 2026-01-22
Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/vitejs/vite/commit/ ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
AAKL@infosec.exchange at 2026-01-22T18:43:25.000Z ##

More updates from CISA:

- CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability cve.org/CVERecord?id=CVE-2025-

And several industrial advisories are listed here: cisa.gov/ #CISA #infoec #vulnerability

##

CVE-2025-68645
(8.8 HIGH)

EPSS: 26.23%

updated 2026-01-22T21:33:44

3 posts

A Local File Inclusion (LFI) vulnerability exists in the Webmail Classic UI of Zimbra Collaboration (ZCS) 10.0 and 10.1 because of improper handling of user-supplied request parameters in the RestFilter servlet. An unauthenticated remote attacker can craft requests to the /h/rest endpoint to influence internal request dispatching, allowing inclusion of arbitrary files from the WebRoot directory.

Nuclei template

3 repos

https://github.com/chinaxploiter/CVE-2025-68645-PoC

https://github.com/Ashwesker/Ashwesker-CVE-2025-68645

https://github.com/MaxMnMl/zimbramail-CVE-2025-68645-poc

DarkWebInformer@infosec.exchange at 2026-01-23T19:52:04.000Z ##

‼️CISA has added 5 vulnerabilities to the KEV Catalog

darkwebinformer.com/cisa-kev-c

CVE-2024-37079: Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability

CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability

CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability

CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability

##
cisakevtracker@mastodon.social at 2026-01-22T19:01:11.000Z ##

CVE ID: CVE-2025-68645
Vendor: Synacor
Product: Zimbra Collaboration Suite (ZCS)
Date Added: 2026-01-22
Notes: wiki.zimbra.com/wiki/Security_ ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
AAKL@infosec.exchange at 2026-01-22T18:43:25.000Z ##

More updates from CISA:

- CVE-2025-54313: Prettier eslint-config-prettier Embedded Malicious Code Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-31125: Vite Vitejs Improper Access Control Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-34026: Versa Concerto Improper Authentication Vulnerability cve.org/CVERecord?id=CVE-2025-

- CVE-2025-68645: Synacor Zimbra Collaboration Suite (ZCS) PHP Remote File Inclusion Vulnerability cve.org/CVERecord?id=CVE-2025-

And several industrial advisories are listed here: cisa.gov/ #CISA #infoec #vulnerability

##

CVE-2026-24009
(8.1 HIGH)

EPSS: 0.10%

updated 2026-01-22T18:43:46

1 posts

### Impact A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in `docling-core >=2.21.0, <2.48.4` and, specifically only if the application uses `pyyaml < 5.4` and invokes `docling_core.types.doc.DoclingDocument.load_from_yaml()` passing it untrusted YAML data. ### Patches The vulnerability has been patched in `docling-core` version **2.48.4**. The fix

thehackerwire@mastodon.social at 2026-01-22T16:22:51.000Z ##

🟠 CVE-2026-24009 - High (8.1)

Docling Core (or docling-core) is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in docling-c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13601
(7.7 HIGH)

EPSS: 0.03%

updated 2026-01-22T18:31:34

1 posts

A heap-based buffer overflow problem was found in glib through an incorrect calculation of buffer size in the g_escape_uri_string() function. If the string to escape contains a very large number of unacceptable characters (which would need escaping), the calculation of the length of the escaped string could overflow, leading to a potential write off the end of the newly allocated string.

linux@activitypub.awakari.com at 2026-01-23T10:26:56.000Z ## Oracle Linux 10 ELSA-2026-0975 Moderate CVE-2025-13601 Security Update The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

#Oracle #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2026-22278
(8.1 HIGH)

EPSS: 0.09%

updated 2026-01-22T18:30:45

1 posts

Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthorized access.

thehackerwire@mastodon.social at 2026-01-22T17:47:41.000Z ##

🟠 CVE-2026-22278 - High (8.1)

Dell PowerScale OneFS versions prior to 9.13.0.0 contains an improper restriction of excessive authentication attempts vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Unauthori...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22200(CVSS UNKNOWN)

EPSS: 4.28%

updated 2026-01-22T18:30:31

1 posts

Enhancesoft osTicket versions up to and including 1.18.2 contain an arbitrary file read vulnerability in the ticket PDF export functionality. A remote attacker can submit a ticket containing crafted rich-text HTML that includes PHP filter expressions which are insufficiently sanitized before being processed by the mPDF PDF generator during export. When the attacker exports the ticket to PDF, the g

Nuclei template

1 repos

https://github.com/horizon3ai/CVE-2026-22200

_r_netsec@infosec.exchange at 2026-01-22T16:13:06.000Z ##

CVE-2026-22200: Ticket to Shell in osTicket horizon3.ai/attack-research/at

##

CVE-2026-24006
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-22T18:02:24

1 posts

Serialization of objects with extreme depth can **exceed the maximum call stack limit**. **Mitigation**: `Seroval` introduces a `depthLimit` parameter in serialization/deserialization methods. **An error will be thrown if the depth limit is reached.**

thehackerwire@mastodon.social at 2026-01-22T04:05:02.000Z ##

🟠 CVE-2026-24006 - High (7.5)

Seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0
and below, serialization of objects with extreme depth can exceed the maximum call stack limit. In version 1.4.1, Sero...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69828
(10.0 CRITICAL)

EPSS: 0.26%

updated 2026-01-22T17:16:28.403000

1 posts

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit

thehackerwire@mastodon.social at 2026-01-22T17:47:52.000Z ##

🔴 CVE-2025-69828 - Critical (10)

File Upload vulnerability in TMS Global Software TMS Management Console v.6.3.7.27386.20250818 allows a remote attacker to execute arbitrary code via the Logo upload in /Customer/AddEdit

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-67968
(0 None)

EPSS: 0.02%

updated 2026-01-22T17:16:06.357000

3 posts

Unrestricted Upload of File with Dangerous Type vulnerability in InspiryThemes Real Homes CRM realhomes-crm allows Using Malicious Files.This issue affects Real Homes CRM: from n/a through <= 1.0.0.

beyondmachines1 at 2026-01-25T15:01:02.501Z ##

Critical File Upload Flaw reported RealHomes CRM Plugin

RealHomes CRM plugin version 1.0.1 patches a critical file upload vulnerability (CVE-2025-67968) that allowed low-privileged users to take over WordPress sites. The flaw affected over 30,000 real estate websites by failing to validate user permissions and file types.

**If you are using RealHomes CRM plugin, update it ASAP to version 1.0.1. Attackers can easily upload web shell and take over your website. When coding, always use proper permission checks and file type validation for file uploads.**

beyondmachines.net/event_detai

##
beyondmachines1@infosec.exchange at 2026-01-25T15:01:02.000Z ##

Critical File Upload Flaw reported RealHomes CRM Plugin

RealHomes CRM plugin version 1.0.1 patches a critical file upload vulnerability (CVE-2025-67968) that allowed low-privileged users to take over WordPress sites. The flaw affected over 30,000 real estate websites by failing to validate user permissions and file types.

**If you are using RealHomes CRM plugin, update it ASAP to version 1.0.1. Attackers can easily upload web shell and take over your website. When coding, always use proper permission checks and file type validation for file uploads.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
AAKL@infosec.exchange at 2026-01-22T15:47:18.000Z ##

New. CVE-2025-67968

Patchstack: Critical Arbitrary File Upload Vulnerability in RealHomes CRM Plugin Affecting 30k+ Sites patchstack.com/articles/critic

Infosecurity-Magazine: RealHomes CRM Plugin Flaw Affected 30,000 WordPress Sites c-span.org/event/house-committ #infosec #WordPress #vulnerability

##

CVE-2025-69764
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-01-22T16:16:07.660000

1 posts

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution.

thehackerwire@mastodon.social at 2026-01-22T16:23:12.000Z ##

🔴 CVE-2025-69764 - Critical (9.8)

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the stbpvid stack buffer, which may result in memory corruption and remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-36588
(8.8 HIGH)

EPSS: 0.06%

updated 2026-01-22T16:16:07.050000

1 posts

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Command execution.

thehackerwire@mastodon.social at 2026-01-22T16:23:02.000Z ##

🟠 CVE-2025-36588 - High (8.8)

Dell Unisphere for PowerMax, version(s) 10.2.0.x, contain(s) an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability. A low privileged attacker with remote access could potentially exploit this vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23957
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-22T15:44:02

1 posts

Overriding encoded array lengths by replacing them with an excessively large value causes the deserialization process to **significantly increase processing time**. **Mitigation**: `Seroval` no longer encodes array lengths. Instead, it computes length using `Array.prototype.length` during deserialization.

thehackerwire@mastodon.social at 2026-01-22T03:00:25.000Z ##

🟠 CVE-2026-23957 - High (7.5)

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0
and below, overriding encoded array lengths by replacing them with an excessively large value causes the deserializati...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23965
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-22T15:43:31

1 posts

### Summary A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto. Under default configurations, an attacker can forge valid signatures for arbitrary public keys. If the message space contains sufficient redundancy, the attacker can fix the prefix of the message associated with the forged signature to satisfy specific formatting requirements. ### Credit T

thehackerwire@mastodon.social at 2026-01-22T05:07:12.000Z ##

🟠 CVE-2026-23965 - High (7.5)

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature forgery vulnerability exists in the SM2 signature verification logic of sm-crypto prior to version 0.4.0. Under default configurat...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23967
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-22T15:43:21

2 posts

### Summary A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library. An attacker can derive a new valid signature for a previously signed message from an existing signature. ### Credit This vulnerability was discovered by: - XlabAI Team of Tencent Xuanwu Lab - Atuin Automated Vulnerability Discovery Engine

thehackerwire@mastodon.social at 2026-01-22T04:04:30.000Z ##

🟠 CVE-2026-23967 - High (7.5)

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T04:03:27.000Z ##

🟠 CVE-2026-23967 - High (7.5)

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A signature malleability vulnerability exists in the SM2 signature verification logic of the sm-crypto library prior to version 0.3.14. An att...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23524
(9.8 CRITICAL)

EPSS: 0.57%

updated 2026-01-22T15:39:15

1 posts

### Impact This vulnerability affects Laravel Reverb versions prior to v1.7.0 when horizontal scaling is enabled (`REVERB_SCALING_ENABLED=true`). The exploitability of this vulnerability is increased because Redis servers are commonly deployed without authentication. With horizontal scaling enabled, Reverb servers communicate via Redis PubSub. Reverb previously passed data from the Redis channe

thehackerwire@mastodon.social at 2026-01-21T22:18:34.000Z ##

🔴 CVE-2026-23524 - Critical (9.8)

Laravel Reverb provides a real-time WebSocket communication backend for Laravel applications. In versions 1.6.3 and below, Reverb passes data from the Redis channel directly into PHP’s unserialize() function without restricting which classes can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1329
(8.8 HIGH)

EPSS: 0.15%

updated 2026-01-22T15:31:44

1 posts

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-01-22T16:00:44.000Z ##

🟠 CVE-2026-1329 - High (8.8)

A flaw has been found in Tenda AX1803 1.0.0.1. The affected element is the function fromGetWifiGuestBasic of the file /goform/WifiGuestSet. Executing a manipulation of the argument guestWrlPwd/guestEn/guestSsid/hideSsid/guestSecurity can lead to s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13928
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-22T15:31:39

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrect authorization validation in API endpoints.

thehackerwire@mastodon.social at 2026-01-22T16:02:23.000Z ##

🟠 CVE-2025-13928 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.7 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to cause a denial of service condition by exploiting incorrec...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-10855
(7.5 HIGH)

EPSS: 0.01%

updated 2026-01-22T15:31:39

1 posts

Authorization Bypass Through User-Controlled Key vulnerability in Solvera Software Services Trade Inc. Teknoera allows Exploitation of Trusted Identifiers.This issue affects Teknoera: through 01102025.

thehackerwire@mastodon.social at 2026-01-22T13:17:53.000Z ##

🟠 CVE-2025-10855 - High (7.5)

Authorization Bypass Through User-Controlled Key vulnerability in Solvera Software Services Trade Inc. Teknoera allows Exploitation of Trusted Identifiers.This issue affects Teknoera: through 01102025.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13927
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-22T15:31:38

1 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted requests with malformed authentication data.

thehackerwire@mastodon.social at 2026-01-22T16:02:13.000Z ##

🟠 CVE-2025-13927 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 11.9 before 18.6.4, 18.7 before 18.7.2, and 18.8 before 18.8.2 that could have allowed an unauthenticated user to create a denial of service condition by sending crafted re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1328
(8.8 HIGH)

EPSS: 0.08%

updated 2026-01-22T15:16:51.173000

1 posts

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-01-22T16:00:55.000Z ##

🟠 CVE-2026-1328 - High (8.8)

A vulnerability was detected in Totolink NR1800X 9.1.0u.6279_B20210910. Impacted is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Performing a manipulation of the argument ssid results in buffer ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1324
(8.8 HIGH)

EPSS: 0.04%

updated 2026-01-22T15:16:50.420000

1 posts

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The manipulation of the argument keypassword leads to os command injection. It is possible to initiate the attack remotely. The exploit is publicly available a

thehackerwire@mastodon.social at 2026-01-22T16:01:05.000Z ##

🟠 CVE-2026-1324 - High (8.8)

A vulnerability was identified in Sangfor Operation and Maintenance Management System up to 3.0.12. Affected by this issue is the function SessionController of the file /isomp-protocol/protocol/session of the component SSH Protocol Handler. The ma...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69766
(9.8 CRITICAL)

EPSS: 0.21%

updated 2026-01-22T15:16:48.843000

1 posts

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

thehackerwire@mastodon.social at 2026-01-22T16:02:34.000Z ##

🔴 CVE-2025-69766 - Critical (9.8)

Tenda AX3 firmware v16.03.12.11 contains a stack-based buffer overflow in the formGetIptv function due to improper handling of the citytag stack buffer, which may result in memory corruption and remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-10856
(8.1 HIGH)

EPSS: 0.01%

updated 2026-01-22T13:16:04.043000

1 posts

Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade Inc. Teknoera allows File Content Injection.This issue affects Teknoera: through 01102025.

thehackerwire@mastodon.social at 2026-01-22T13:17:44.000Z ##

🟠 CVE-2025-10856 - High (8.1)

Unrestricted Upload of File with Dangerous Type vulnerability in Solvera Software Services Trade Inc. Teknoera allows File Content Injection.This issue affects Teknoera: through 01102025.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-10024
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-22T12:31:32

1 posts

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection.This issue affects Education Management System: through 23.09.2025.

thehackerwire@mastodon.social at 2026-01-22T12:53:45.000Z ##

🟠 CVE-2025-10024 - High (7.5)

Authorization Bypass Through User-Controlled Key vulnerability in EXERT Computer Technologies Software Ltd. Co. Education Management System allows Parameter Injection.This issue affects Education Management System: through 23.09.2025.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-4764
(8.0 HIGH)

EPSS: 0.01%

updated 2026-01-22T10:16:07.520000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection.This issue affects Hotel Guest Hotspot: through 22012026.  NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

2 repos

https://github.com/RootHarpy/CVE-2025-47646

https://github.com/Nxploited/CVE-2025-47646

thehackerwire@mastodon.social at 2026-01-22T10:59:54.000Z ##

🟠 CVE-2025-4764 - High (8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aida Computer Information Technology Inc. Hotel Guest Hotspot allows SQL Injection.This issue affects Hotel Guest Hotspot: through 22012026. 

N...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1330
(7.5 HIGH)

EPSS: 0.02%

updated 2026-01-22T09:31:40

1 posts

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

thehackerwire@mastodon.social at 2026-01-22T09:38:42.000Z ##

🟠 CVE-2026-1330 - High (7.5)

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Read vulnerability, allowing unauthenticated remote attackers to exploit Absolute Path Traversal to download arbitrary system files.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1331
(9.8 CRITICAL)

EPSS: 0.19%

updated 2026-01-22T09:15:52.197000

1 posts

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

thehackerwire@mastodon.social at 2026-01-22T09:38:33.000Z ##

🔴 CVE-2026-1331 - Critical (9.8)

MeetingHub developed by HAMASTAR Technology has an Arbitrary File Upload vulnerability, allowing unauthenticated remote attackers to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0920
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-01-22T07:15:50.813000

3 posts

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can register with. This makes it possible for unauthenticated attackers to supply the 'lakit_bkrole' parameter during registration and gain administrator ac

2 repos

https://github.com/Galaxy-sc/CVE-2026-0920-WordPress-LA-Studio-Exploit

https://github.com/O99099O/By-Poloss..-..CVE-2026-0920

beyondmachines1 at 2026-01-25T14:01:02.685Z ##

20,000 WordPress Sites Exposed to Backdoor in LA-Studio Element Kit

LA-Studio patched a critical backdoor in its Element Kit for Elementor plugin (CVE-2026-0920) that allowed unauthenticated attackers to create administrator accounts. The malicious code was planted by a former employee and affected over 20,000 WordPress websites.

**If you are using Element Kit for Elementor, this is URGENT. Your plugin may have an active backdoor. Update the LA-Studio Element Kit plugin to version 1.6.0 immediately to remove the backdoor and review your Wordpress server users for unexpected user accounts.**

beyondmachines.net/event_detai

##
beyondmachines1@infosec.exchange at 2026-01-25T14:01:02.000Z ##

20,000 WordPress Sites Exposed to Backdoor in LA-Studio Element Kit

LA-Studio patched a critical backdoor in its Element Kit for Elementor plugin (CVE-2026-0920) that allowed unauthenticated attackers to create administrator accounts. The malicious code was planted by a former employee and affected over 20,000 WordPress websites.

**If you are using Element Kit for Elementor, this is URGENT. Your plugin may have an active backdoor. Update the LA-Studio Element Kit plugin to version 1.6.0 immediately to remove the backdoor and review your Wordpress server users for unexpected user accounts.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
thehackerwire@mastodon.social at 2026-01-22T08:00:10.000Z ##

🔴 CVE-2026-0920 - Critical (9.8)

The LA-Studio Element Kit for Elementor plugin for WordPress is vulnerable to Administrative User Creation in all versions up to, and including, 1.5.6.3. This is due to the 'ajax_register_handle' function not restricting what user roles a user can...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24042
(9.4 CRITICAL)

EPSS: 0.14%

updated 2026-01-22T04:16:00.187000

1 posts

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished (edit-mode) actions by sending viewMode=false (or omitting it) to POST /api/v1/actions/execute. This bypasses the expected publish boundary where public viewers should only execute published actions, not edit-mode vers

thehackerwire@mastodon.social at 2026-01-22T05:04:32.000Z ##

🔴 CVE-2026-24042 - Critical (9.4)

Appsmith is a platform to build admin panels, internal tools, and dashboards. In versions 1.94 and below, publicly accessible apps allow unauthenticated users to execute unpublished (edit-mode) actions by sending viewMode=false (or omitting it) to...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-27380
(7.6 HIGH)

EPSS: 0.03%

updated 2026-01-22T03:31:34

1 posts

HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all platforms allows an authenticated attacker to execute arbitrary JavaScript in the victim’s browser via crafted HTML content.

thehackerwire@mastodon.social at 2026-01-22T03:00:34.000Z ##

🟠 CVE-2025-27380 - High (7.6)

HTML injection in Project Release in Altium Enterprise Server (AES) 7.0.3 on all platforms allows an authenticated attacker to execute arbitrary JavaScript in the victim’s browser via crafted HTML content.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-27378
(8.6 HIGH)

EPSS: 0.04%

updated 2026-01-22T03:31:28

1 posts

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to inject and execute arbitrary SQL queries.

thehackerwire@mastodon.social at 2026-01-22T01:25:22.000Z ##

🟠 CVE-2025-27378 - High (8.6)

AES contains a SQL injection vulnerability due to an inactive configuration that prevents the latest SQL parsing logic from being applied. When this configuration is not enabled, crafted input may be improperly handled, allowing attackers to injec...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24010
(8.8 HIGH)

EPSS: 0.05%

updated 2026-01-22T03:15:48.090000

2 posts

Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HTML file disguised as a profile picture, an attacker can create a convincing login page replica that steals user credentials. When a victim visits the upl

thehackerwire@mastodon.social at 2026-01-22T04:04:10.000Z ##

🟠 CVE-2026-24010 - High (8.8)

Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T04:03:07.000Z ##

🟠 CVE-2026-24010 - High (8.8)

Horilla is a free and open source Human Resource Management System (HRMS). A critical File Upload vulnerability in versions prior to 1.5.0, with Social Engineering, allows authenticated users to deploy phishing attacks. By uploading a malicious HT...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24002
(9.0 CRITICAL)

EPSS: 0.05%

updated 2026-01-22T03:15:47.777000

1 posts

Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, but pyodide on node does not have a useful sandbox barrier. If a user of Grist sets `GRIST_SANDBOX_FLAVOR` to `pyodide` and opens a malicious document, tha

thehackerwire@mastodon.social at 2026-01-22T04:04:53.000Z ##

🔴 CVE-2026-24002 - Critical (9)

Grist is spreadsheet software using Python as its formula language. Grist offers several methods for running those formulas in a sandbox, for cases where the user may be working with untrusted spreadsheets. One such method runs them in pyodide, bu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23966
(9.1 CRITICAL)

EPSS: 0.01%

updated 2026-01-22T03:15:47.007000

2 posts

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decryption interface multiple times, an attacker can fully recover the private key within approximately several hundred interactions. Version 0.3.14 patches

thehackerwire@mastodon.social at 2026-01-22T04:04:19.000Z ##

🔴 CVE-2026-23966 - Critical (9.1)

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-22T04:03:18.000Z ##

🔴 CVE-2026-23966 - Critical (9.1)

sm-crypto provides JavaScript implementations of the Chinese cryptographic algorithms SM2, SM3, and SM4. A private key recovery vulnerability exists in the SM2 decryption logic of sm-crypto prior to version 0.3.14. By interacting with the SM2 decr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23956
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-22T02:15:52.310000

1 posts

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during deserialization. Additionally, overriding RegExp serialization with patterns that trigger catastrophic backtracking can lead to ReDoS (Regular Expression

thehackerwire@mastodon.social at 2026-01-22T03:00:16.000Z ##

🟠 CVE-2026-23956 - High (7.5)

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0
and below, overriding RegExp serialization with extremely large patterns can exhaust JavaScript runtime memory during ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23737
(7.5 HIGH)

EPSS: 0.07%

updated 2026-01-21T23:15:52.493000

1 posts

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, improper input handling in the JSON deserialization component can lead to arbitrary JavaScript code execution. Exploitation is possible via overriding constant value and error deserialization, allowing indirect access to unsafe JS evaluation. At minimum, attac

thehackerwire@mastodon.social at 2026-01-21T23:59:59.000Z ##

🟠 CVE-2026-23737 - High (7.5)

seroval facilitates JS value stringification, including complex structures beyond JSON.stringify capabilities. In versions 1.4.0 and below, improper input handling in the JSON deserialization component can lead to arbitrary JavaScript code executi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22807
(8.8 HIGH)

EPSS: 0.05%

updated 2026-01-21T22:15:49.077000

1 posts

vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.14.0, vLLM loads Hugging Face `auto_map` dynamic modules during model resolution without gating on `trust_remote_code`, allowing attacker-controlled Python code in a model repo/path to execute at server startup. An attacker who can influence the model repo/path (local directo

thehackerwire@mastodon.social at 2026-01-21T22:18:44.000Z ##

🟠 CVE-2026-22807 - High (8.8)

vLLM is an inference and serving engine for large language models (LLMs). Starting in version 0.10.1 and prior to version 0.14.0, vLLM loads Hugging Face `auto_map` dynamic modules during model resolution without gating on `trust_remote_code`, all...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-13878
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-21T21:31:32

2 posts

Malformed BRID/HHIT records can cause `named` to terminate unexpectedly. This issue affects BIND 9 versions 9.18.40 through 9.18.43, 9.20.13 through 9.20.17, 9.21.12 through 9.21.16, 9.18.40-S1 through 9.18.43-S1, and 9.20.13-S1 through 9.20.17-S1.

linux@activitypub.awakari.com at 2026-01-22T20:08:13.000Z ## Debian Oldstable BIND9 Critical Denial of Service DSA-6107-1 CVE-2025-13878 Vlatko Kosturjak discovered that BIND, a DNS server implementation, does not properly handle malformed BRID/HHIT records,...

#Debian #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##
linux@activitypub.awakari.com at 2026-01-21T15:49:37.000Z ## Slackware: bind Critical DoS Issue CVE-2025-13878 2026-021-01 New bind packages are available for Slackware 15.0 and -current to fix security issues.

#Slackware #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2026-20045
(8.2 HIGH)

EPSS: 0.68%

updated 2026-01-21T21:31:31

8 posts

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker&nbsp;to execute arbitrary commands on the under

1 repos

https://github.com/Ashwesker/Ashwesker-CVE-2026-20045

AAKL@infosec.exchange at 2026-01-22T16:23:31.000Z ##

CISA added Cisco's critical RCE vulnerability to the KEV catalogue late yesterday.

CVE-2026-20045 Cisco Unified Communications Products Code Injection Vulnerability cisa.gov/news-events/alerts/20

More:

Computerworld: Critical Cisco UC bug actively exploited computerworld.com/article/4120 #infosec #Cisco #vulnerability

@TalosSecurity

##
beyondmachines1@infosec.exchange at 2026-01-22T08:01:02.000Z ##

Cisco Patches Actively Exploited Flaw in Unified Communications Products

Cisco patched a critical remote code execution vulnerability (CVE-2026-20045) in its Unified Communications products that attackers are actively trying to exploit to gain root access. The flaw allows unauthenticated attackers to take full control of enterprise telephony and messaging infrastructure via malicious HTTP requests.

**If you are using Cisco communication platforms, read this advisory in detail. Make sure the web management interface are isolated from the internet and accessible from trusted networks only. Then plan a quick update. Because someone will find a way to reach the vulnerable interface even if it's isolated.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##
oversecurity@mastodon.social at 2026-01-21T22:40:07.000Z ##

Cisco fixes Unified Communications RCE zero day exploited in attacks

Cisco has fixed a critical Unified Communications and Webex Calling remote code execution vulnerability, tracked as CVE-2026-20045, that has been...

🔗️ [Bleepingcomputer] link.is.it/WDsEt3

##
DarkWebInformer@infosec.exchange at 2026-01-21T22:17:13.000Z ##

‼️Attackers Actively Probing RCE Vulnerability in Cisco Enterprise Communications Products

CVE-2026-20045: Cisco Unified Communications Products Code Injection Vulnerability

CVSS: 8.2
CISA KEV: Added today; January 21st, 2026
CVE Published: January 21st, 2026

Advisory: nvd.nist.gov/vuln/detail/CVE-2

Description: A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could allow an unauthenticated, remote attacker&nbsp;to execute arbitrary commands on the underlying operating system of an affected device.&nbsp; This vulnerability is due to improper validation of user-supplied input in HTTP requests. An attacker could exploit this vulnerability by sending a sequence of crafted HTTP requests to the web-based management interface of an affected device. A successful exploit could allow the attacker to obtain user-level access to the underlying operating system and then elevate privileges to root. Note: Cisco has assigned this security advisory a Security Impact Rating (SIR) of Critical rather than High as the score indicates. The reason is that exploitation of this vulnerability could result in an attacker elevating privileges to root.

##
cisakevtracker@mastodon.social at 2026-01-21T22:01:00.000Z ##

CVE ID: CVE-2026-20045
Vendor: Cisco
Product: Unified Communications Manager
Date Added: 2026-01-21
Notes: sec.cloudapps.cisco.com/securi ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
campuscodi@mastodon.social at 2026-01-21T21:43:36.000Z ##

New Cisco zero-day, CVE-2026-20045

sec.cloudapps.cisco.com/securi

##
thehackerwire@mastodon.social at 2026-01-21T17:37:55.000Z ##

🟠 CVE-2026-20045 - High (8.2)

A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unified Communications Manager Session Management Edition (Unified CM SME), Cisco Unified Communications Manager IM &amp; Presence Service (Unified CM IM&amp;P), Cisco Uni...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
AAKL@infosec.exchange at 2026-01-21T17:10:43.000Z ##

Four advisories from Cisco today, one of them critical. Too bad some crows no longer follow these things. 😇

- Critical: CVE-2026-20045: Cisco Unified Communications Products Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20055 and CVE-2026-20109: Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20092: Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20080: Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2026-22793
(9.6 CRITICAL)

EPSS: 0.20%

updated 2026-01-21T21:16:10.107000

1 posts

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe option parsing vulnerability in the ECharts Markdown plugin allows any user able to submit ECharts code blocks to execute arbitrary JavaScript code in the renderer context. This can lead to Remote Code Execution (RCE) in environments where privileged APIs (such a

thehackerwire@mastodon.social at 2026-01-21T21:51:53.000Z ##

🔴 CVE-2026-22793 - Critical (9.6)

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe option parsing vulnerability in the ECharts Markdown plugin allows any user able to submit ECharts code blocks...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-66692
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-21T18:31:36

1 posts

A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input.

thehackerwire@mastodon.social at 2026-01-21T17:38:04.000Z ##

🟠 CVE-2025-66692 - High (7.5)

A buffer over-read in the PublicKey::verify() method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service (DoS) via a crafted input.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20055
(4.8 MEDIUM)

EPSS: 0.03%

updated 2026-01-21T18:30:38

1 posts

Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.&nbsp; These vulnerabilities exist because the web-

AAKL@infosec.exchange at 2026-01-21T17:10:43.000Z ##

Four advisories from Cisco today, one of them critical. Too bad some crows no longer follow these things. 😇

- Critical: CVE-2026-20045: Cisco Unified Communications Products Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20055 and CVE-2026-20109: Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20092: Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20080: Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2026-20092
(6.0 MEDIUM)

EPSS: 0.01%

updated 2026-01-21T18:30:38

1 posts

A vulnerability in the read-only maintenance shell of Cisco Intersight Virtual Appliance could allow an authenticated, local attacker with administrative privileges to elevate privileges to root on the virtual appliance. This vulnerability is due to improper file permissions on configuration files for system accounts within the maintenance shell of the virtual appliance. An attacker could exploit

AAKL@infosec.exchange at 2026-01-21T17:10:43.000Z ##

Four advisories from Cisco today, one of them critical. Too bad some crows no longer follow these things. 😇

- Critical: CVE-2026-20045: Cisco Unified Communications Products Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20055 and CVE-2026-20109: Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20092: Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20080: Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2025-70650
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-21T18:30:37

1 posts

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

thehackerwire@mastodon.social at 2026-01-21T16:16:52.000Z ##

🟠 CVE-2025-70650 - High (7.5)

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the deviceList parameter of the formSetMacFilterCfg function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70651
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-21T18:30:30

1 posts

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

thehackerwire@mastodon.social at 2026-01-21T16:17:02.000Z ##

🟠 CVE-2025-70651 - High (7.5)

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow in the ssid parameter of the form_fast_setting_wifi_set function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted request.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20109
(4.8 MEDIUM)

EPSS: 0.03%

updated 2026-01-21T17:16:08.723000

1 posts

Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise (Packaged CCE) and Cisco Unified Contact Center Enterprise (Unified CCE) could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the web-based management interface of an affected device.&nbsp; These vulnerabilities exist because the we

AAKL@infosec.exchange at 2026-01-21T17:10:43.000Z ##

Four advisories from Cisco today, one of them critical. Too bad some crows no longer follow these things. 😇

- Critical: CVE-2026-20045: Cisco Unified Communications Products Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20055 and CVE-2026-20109: Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20092: Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20080: Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2026-20080
(5.3 MEDIUM)

EPSS: 0.10%

updated 2026-01-21T17:16:08.410000

1 posts

A vulnerability in the SSH service of Cisco IEC6400 Wireless Backhaul Edge Compute Software could allow an unauthenticated, remote attacker to cause the SSH service to stop responding. This vulnerability exists because the SSH service lacks effective flood protection. An attacker could exploit this vulnerability by initiating a denial of service (DoS) attack against the SSH port. A successful e

AAKL@infosec.exchange at 2026-01-21T17:10:43.000Z ##

Four advisories from Cisco today, one of them critical. Too bad some crows no longer follow these things. 😇

- Critical: CVE-2026-20045: Cisco Unified Communications Products Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20055 and CVE-2026-20109: Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20092: Cisco Intersight Virtual Appliance Privilege Escalation Vulnerability sec.cloudapps.cisco.com/securi

- Medium severity: CVE-2026-20080: Cisco IEC6400 Wireless Backhaul Edge Compute Software SSH Denial of Service Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2025-64087
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-01-21T16:56:51

1 posts

A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.

1 repos

https://github.com/AT190510-Cuong/CVE-2025-64087-SSTI-

thehackerwire@mastodon.social at 2026-01-21T16:25:11.000Z ##

🔴 CVE-2025-64087 - Critical (9.8)

A Server-Side Template Injection (SSTI) vulnerability in the FreeMarker component of opensagres XDocReport v1.0.0 to v2.1.0 allows attackers to execute arbitrary code via injecting crafted template expressions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22022
(8.2 HIGH)

EPSS: 0.04%

updated 2026-01-21T16:16:10.360000

1 posts

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components.  Only deployments that meet all of the following criteria are impacted by this vulnerability: * Use of Solr's "RuleBasedAuthorizationPlugin" * A RuleBasedA

thehackerwire@mastodon.social at 2026-01-21T16:22:52.000Z ##

🟠 CVE-2026-22022 - High (8.2)

Deployments of Apache Solr 5.3.0 through 9.10.0 that rely on Solr's "Rule Based Authorization Plugin" are vulnerable to allowing unauthorized access to certain Solr APIs, due to insufficiently strict input validation in those components.  Only de...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21945
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-21T16:16:08.437000

1 posts

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for JDK: 17.0.17 and 21.0.9; Oracle GraalVM Enterprise Edition: 21.3.16. Easily exploitable vulnerability allows unaut

AAKL@infosec.exchange at 2026-01-21T17:38:56.000Z ##

From yesterday, relating to CVE-2026-21945. Oracle has listed this vulnerability in its latest advisory: oracle.com/security-alerts/cpu

Tenable: SSRF Vulnerability in Java TLS Handshakes Creates DoS Risk tenable.com/blog/tenable-disco @tenable #infosec #threatresearch #JavaScript #vulnerability #DDoS #Oracle

##

CVE-2025-57156
(7.5 HIGH)

EPSS: 0.10%

updated 2026-01-21T15:32:23

1 posts

NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).

thehackerwire@mastodon.social at 2026-01-21T16:23:10.000Z ##

🟠 CVE-2025-57156 - High (7.5)

NULL pointer dereference in the dacp_reply_playqueueedit_clear function in src/httpd_dacp.c in owntone-server through commit 6d604a1 (newer commit after version 28.12) allows remote attackers to cause a Denial of Service (crash).

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55423
(9.8 CRITICAL)

EPSS: 0.19%

updated 2026-01-21T15:32:18

1 posts

ipTIME routers A2003NS-MU 10.00.6 to 12.16.2 , N600 10.00.8 to 12.16.2, A604-V3 10.01.6 to 10.07.2, A6ns-M 10.01.6 to 14.19.4 , V508 10.02.2 to 10.06.4, N704QCA 10.02.4 to 12.16.2, A8ns-M 10.03.2 to 14.19.4, A304 10.05.4 to 10.07.4, A3004NS-M,A5004NS-M,A9004M 10.05.4 to 14.19.4, N702R 10.05.8 to 10.06.8, A604M 10.06.4 to 10.07.2, A804NS-MU 10.06.4 to 12.10.2, N804R 10.06.4 to 12.16.2, A7004M,A8004

thehackerwire@mastodon.social at 2026-01-21T16:25:01.000Z ##

🔴 CVE-2025-55423 - Critical (9.8)

A command injection vulnerability exists in the upnp_relay() function in multiple ipTIME router models because the controlURL value used to pass port-forwarding information to an upper router is passed to system() without proper validation or sani...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-65482
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-01-21T15:16:07.750000

1 posts

An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file.

1 repos

https://github.com/AT190510-Cuong/CVE-2025-65482-XXE-

thehackerwire@mastodon.social at 2026-01-21T16:25:20.000Z ##

🔴 CVE-2025-65482 - Critical (9.8)

An XML External Entity (XXE) vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-57155
(7.5 HIGH)

EPSS: 0.11%

updated 2026-01-21T15:16:06.827000

1 posts

NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service.

thehackerwire@mastodon.social at 2026-01-21T16:23:01.000Z ##

🟠 CVE-2025-57155 - High (7.5)

NULL pointer dereference in the daap_reply_groups function in src/httpd_daap.c in owntone-server through commit 5e6f19a (newer commit after version 28.2) allows remote attackers to cause a Denial of Service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-56353
(7.5 HIGH)

EPSS: 0.04%

updated 2026-01-21T15:16:06.640000

1 posts

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscription requests with arbitrarily large or invalid filter payloads. Each request causes memory to be allocated for the malformed topic filter, but the broker d

thehackerwire@mastodon.social at 2026-01-21T16:36:44.000Z ##

🟠 CVE-2025-56353 - High (7.5)

In tinyMQTT commit 6226ade15bd4f97be2d196352e64dd10937c1962 (2024-02-18), a memory leak occurs due to the broker's failure to validate or reject malformed UTF-8 strings in topic filters. An attacker can exploit this by sending repeated subscriptio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23885
(6.4 MEDIUM)

EPSS: 0.02%

updated 2026-01-21T14:55:34

1 posts

### Summary A vulnerability was discovered during a manual security audit of the AlchemyCMS source code. The application uses the Ruby `eval()` function to dynamically execute a string provided by the `resource_handler.engine_name` attribute in `Alchemy::ResourcesHelper#resource_url_proxy`. ### Details The vulnerability exists in `app/helpers/alchemy/resources_helper.rb` at line 28. The code expl

1 repos

https://github.com/TheDeepOpc/CVE-2026-23885

DarkWebInformer@infosec.exchange at 2026-01-22T16:07:19.000Z ##

‼️CVE-2026-23885: AlchemyCMS has Authenticated Remote Code Execution (RCE) via eval injection in ResourcesHelper

CVSS: 6.4
CVE Published: January 19th, 2026

Advisory/Exploit/PoC: github.com/advisories/GHSA-276

Description: Alchemy is an open source content management system engine written in Ruby on Rails. Prior to versions 7.4.12 and 8.0.3, the application uses the Ruby `eval()` function to dynamically execute a string provided by the `resource_handler.engine_name` attribute in `Alchemy::ResourcesHelper#resource_url_proxy`. The vulnerability exists in `app/helpers/alchemy/resources_helper.rb` at line 28. The code explicitly bypasses security linting with `# rubocop:disable Security/Eval`, indicating that the use of a dangerous function was known but not properly mitigated. Since `engine_name` is sourced from module definitions that can be influenced by administrative configurations, it allows an authenticated attacker to escape the Ruby sandbox and execute arbitrary system commands on the host OS. Versions 7.4.12 and 8.0.3 fix the issue by replacing `eval()` with `send()`.

##

CVE-2026-22755(CVSS UNKNOWN)

EPSS: 0.96%

updated 2026-01-20T21:31:34

1 posts

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, M

beyondmachines1@infosec.exchange at 2026-01-23T12:01:03.000Z ##

Critical Command Injection Vulnerability in Legacy Vivotek Cameras

Akamai SIRT discovered a critical command injection vulnerability (CVE-2026-22755) in legacy Vivotek cameras that allows unauthenticated attackers to execute arbitrary code as root.

**If you are using Vivotek cameras, this is important and urgent. Make sure your cameras are isolated from the internet and accessible from trusted networks only. Check and enforce password authentication. Then check your firmware version and if there's an update, patch ASAP. For end-of-life devices, isolate them, enforce passwords and plan a replacement process.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-64155
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-01-20T16:16:06.200000

1 posts

An improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSIEM 7.4.0, FortiSIEM 7.3.0 through 7.3.4, FortiSIEM 7.1.0 through 7.1.8, FortiSIEM 7.0.0 through 7.0.4, FortiSIEM 6.7.0 through 6.7.10 may allow an attacker to execute unauthorized code or commands via crafted TCP requests.

4 repos

https://github.com/Ashwesker/Ashwesker-CVE-2025-64155

https://github.com/purehate/CVE-2025-64155-hunter

https://github.com/horizon3ai/CVE-2025-64155

https://github.com/cyberdudebivash/CYBERDUDEBIVASH-FortiSIEM-CVE-2025-64155-Scanner

beyondmachines1@infosec.exchange at 2026-01-22T15:01:02.000Z ##

Attacks Target Freshly Patched Critical Fortinet Flaws

The Fortinet command injection flaw in FortiSIEM (CVE-2025-64155) is reported to be actively exploited to gain root access.

**This became urgent. FortiSIEM is actively attacked. Patch your FortiSIEM appliances to the latest version immediately and block port 7900 from any public access.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-22844
(10.0 CRITICAL)

EPSS: 0.29%

updated 2026-01-20T15:33:21

1 posts

A Command Injection vulnerability in Zoom Node Multimedia Routers (MMRs) before version 5.2.1716.0 may allow a meeting participant to conduct remote code execution of the MMR via network access.

1 repos

https://github.com/Ashwesker/Ashwesker-CVE-2026-22844

beyondmachines1@infosec.exchange at 2026-01-22T09:01:02.000Z ##

Zoom Patches Critical Command Injection Flaw in Node Multimedia Routers

Zoom patched a critical command injection vulnerability (CVE-2026-22844) in its Node Multimedia Routers that allowed meeting participants to execute remote code. The flaw affects hybrid and connector deployments.

**Make sure all Zoom Node devices are isolated from the internet and accessible from trusted networks only. Update your MMR modules to version 5.2.1716.0 ASAP, because even if isolated there will be a way in through compromised endpoints of users.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-23744
(9.8 CRITICAL)

EPSS: 0.65%

updated 2026-01-16T21:57:11

1 posts

### Summary MCPJam inspector is the local-first development platform for MCP servers. The Latest version Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. This vulnerability is similar to CVE-2025-49596, but more severe. While CVE-2025-4959

1 repos

https://github.com/boroeurnprach/CVE-2026-23744-PoC

DarkWebInformer@infosec.exchange at 2026-01-22T00:51:05.000Z ##

‼️CVE-2026-23744: Versions 1.4.2 and earlier of MCPJam inspector are vulnerable to remote code execution (RCE)

CVSS: 9.8
CVE Published: January 16th, 2026
PoC/Exploit Published: January 20th, 2026

GitHub PoC: github.com/boroeurnprach/CVE-2

Advisory: github.com/advisories/GHSA-232

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely via a simple HTTP request. Version 1.4.3 contains a patch.

##

CVE-2026-23490
(7.5 HIGH)

EPSS: 0.05%

updated 2026-01-16T21:56:00

1 posts

### Summary After reviewing pyasn1 v0.6.1 a Denial-of-Service issue has been found that leads to memory exhaustion from malformed RELATIVE-OID with excessive continuation octets. ### Details The integer issue can be found in the decoder as `reloid += ((subId << 7) + nextSubId,)`: https://github.com/pyasn1/pyasn1/blob/main/pyasn1/codec/ber/decoder.py#L496 ### PoC For the DoS: ```py import pyas

linux@activitypub.awakari.com at 2026-01-22T20:22:00.000Z ## Ubuntu 25.10 pyasn1 Critical Denial of Service CVE-2026-23490 pyasn1 could be made to crash if it received specially crafted input.

#Ubuntu #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2026-23745(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-01-16T21:16:24

1 posts

### Summary The `node-tar` library (`<= 7.5.2`) fails to sanitize the `linkpath` of `Link` (hardlink) and `SymbolicLink` entries when `preservePaths` is false (the default secure behavior). This allows malicious archives to bypass the extraction root restriction, leading to **Arbitrary File Overwrite** via hardlinks and **Symlink Poisoning** via absolute symlink targets. ### Details The vulnera

1 repos

https://github.com/Jvr2022/CVE-2026-23745

benzogaga33@mamot.fr at 2026-01-21T16:40:02.000Z ##

Node.js – CVE-2026-23745 : cette faille de sécurité dans la bibliothèque node-tar est à prendre au sérieux it-connect.fr/node-js-cve-2026 #ActuCybersécurité #Cybersécurité #Vulnérabilité

##

CVE-2026-20965
(7.5 HIGH)

EPSS: 0.03%

updated 2026-01-16T16:23:11.237000

2 posts

Improper verification of cryptographic signature in Windows Admin Center allows an authorized attacker to elevate privileges locally.

agowa338@chaos.social at 2026-01-25T11:42:45.000Z ##

Microslop is a bit late for the new year celebration (or a bit early for Chinese new year).

Either way they're starting/ending the year with a banger: CVE-2026-20965

Being able to steal Global Admin token and labeling it a medium severity.

#infosec #infosec2026 #itsec #itsecurity

##
agowa338@chaos.social at 2026-01-25T11:42:45.000Z ##

Microslop is a bit late for the new year celebration (or a bit early for Chinese new year).

Either way they're starting/ending the year with a banger: CVE-2026-20965

Being able to steal Global Admin token and labeling it a medium severity.

#infosec #infosec2026 #itsec #itsecurity

##

CVE-2025-59718
(9.8 CRITICAL)

EPSS: 2.27%

updated 2025-12-17T13:54:45.390000

8 posts

A improper verification of cryptographic signature vulnerability in Fortinet FortiOS 7.6.0 through 7.6.3, FortiOS 7.4.0 through 7.4.8, FortiOS 7.2.0 through 7.2.11, FortiOS 7.0.0 through 7.0.17, FortiProxy 7.6.0 through 7.6.3, FortiProxy 7.4.0 through 7.4.10, FortiProxy 7.2.0 through 7.2.14, FortiProxy 7.0.0 through 7.0.21, FortiSwitchManager 7.2.0 through 7.2.6, FortiSwitchManager 7.0.0 through 7

3 repos

https://github.com/moften/CVE-2025-59718-Fortinet-Poc

https://github.com/Ashwesker/Ashwesker-CVE-2025-59718

https://github.com/exfil0/CVE-2025-59718-PoC

undercodenews@mastodon.social at 2026-01-24T10:30:07.000Z ##

Fortinet Under Fire: Critical FortiCloud SSO Bypass Actively Exploited While Patch Still Missing

A Silent Crisis Unfolding in Enterprise Networks Fortinet, one of the world’s most widely deployed cybersecurity vendors, is facing mounting scrutiny after confirming that a critical FortiCloud Single Sign-On (SSO) authentication bypass vulnerability remains unpatched. Tracked as CVE-2025-59718, the flaw is not theoretical or limited to lab conditions—it is already being…

undercodenews.com/fortinet-und

##
undercodenews@mastodon.social at 2026-01-24T04:49:55.000Z ##

Fortinet Firewall Chaos: Patched FortiGate Devices Still Wide Open to Admin Takeovers

Introduction: A Patch That Didn’t Patch Fortinet customers who believed they were safe after applying the latest FortiGate updates are now facing an uncomfortable reality. A newly disclosed authentication bypass flaw, tracked as CVE-2025-59718, continues to expose FortiGate firewalls to full administrative compromise—even on systems already updated to version 7.4.10. The issue has…

undercodenews.com/fortinet-fir

##
benzogaga33@mamot.fr at 2026-01-23T10:40:03.000Z ##

FortiCloud SSO : des firewalls Fortinet piratés, des configurations volées ! it-connect.fr/forticloud-sso-c #ActuCybersécurité #Cybersécurité

##
zeljkazorz@infosec.exchange at 2026-01-22T13:19:37.000Z ##

CVE-2025-59718, a critical authentication bypass flaw that attackers exploited in December 2025 to compromise FortiGate appliances, appears to persist in newer, purportedly fixed releases of the underlying FortiOS.

helpnetsecurity.com/2026/01/21

#Cybersecurity #Fortinet #CVE

##
technadu@infosec.exchange at 2026-01-22T12:24:34.000Z ##

Fortinet FortiGate admins are observing exploitation patterns consistent with CVE-2025-59718 even on patched systems, suggesting incomplete mitigation in earlier updates.

Reports include SSO-based admin creation and activity aligned with previously documented attacks. Additional FortiOS releases are expected.

The situation reinforces the need for defense-in-depth around identity, logging, and privileged access.

Source: bleepingcomputer.com/news/secu

Follow @technadu for neutral, operationally focused security reporting.

#Infosec #Fortinet #FirewallSecurity #IAM #VulnerabilityManagement #TechNadu

##
beyondmachines1@infosec.exchange at 2026-01-22T12:01:02.000Z ##

FortiGate Firewalls Compromised Despite Recent Patches for CVE-2025-59718

Fortinet FortiGate firewalls are reported to still be vulnerable to authentication bypass attacks via CVE-2025-59718 even after applying initial patches. Attackers use malicious SAML responses to create unauthorized admin accounts and steal configuration data.

**If you are using Fortinet FortiGate, this is important and urgent. Your device may still be vulnerable. Disable the FortiCloud SSO login feature immediately on all FortiGate appliances to prevent unauthorized administrative access.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
benzogaga33@mamot.fr at 2026-01-22T10:40:03.000Z ##

CVE-2025-59718 – Des firewalls FortiGate piratés malgré l’installation des derniers patchs it-connect.fr/cve-2025-59718-d #ActuCybersécurité #Cybersécurité #Vulnérabilité #Fortinet

##
decio@infosec.exchange at 2026-01-22T07:38:37.000Z ##

Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

( reddit.com/r/fortinet/comments )

Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

[Références]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
bleepingcomputer.com/news/secu

( cyberveille.ch/posts/2026-01-2)

💬
⬇️
infosec.pub/post/40878137

#CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

##

CVE-2025-14321
(9.8 CRITICAL)

EPSS: 0.08%

updated 2025-12-11T21:15:46.907000

1 posts

Use-after-free in the WebRTC: Signaling component. This vulnerability affects Firefox < 146, Firefox ESR < 140.6, Thunderbird < 146, and Thunderbird < 140.6.

_r_netsec@infosec.exchange at 2026-01-23T07:13:06.000Z ##

Firefox / WebRTC Encoded Transforms: UAF via undetached ArrayBuffer / CVE-2025-1432 aisle.com/blog/firefox-webrtc-

##

CVE-2025-59719
(9.8 CRITICAL)

EPSS: 0.08%

updated 2025-12-09T19:59:29.507000

1 posts

An improper verification of cryptographic signature vulnerability in Fortinet FortiWeb 8.0.0, FortiWeb 7.6.0 through 7.6.4, FortiWeb 7.4.0 through 7.4.9 may allow an unauthenticated attacker to bypass the FortiCloud SSO login authentication via a crafted SAML response message.

1 repos

https://github.com/moften/CVE-2025-59718-Fortinet-Poc

decio@infosec.exchange at 2026-01-22T07:38:37.000Z ##

Si vous administrez des FortiGate/FortiOS : des admins signalent un contournement du patch de la vulnérabilité critique CVE-2025-59718 (FortiCloud SSO fortiguard.fortinet.com/psirt/ ) → compromission possible même sur des firewalls « patchés » (ex. 7.4.9/7.4.10).

( reddit.com/r/fortinet/comments )

Préreq : “Allow administrative login using FortiCloud SSO” activé (souvent après enregistrement FortiCare).

Mitigation : désactiver admin-forticloud-sso-login + restreindre l’accès admin + vérifier logs/nouveaux comptes.

Chaîne d'exploitation: CVE-2025-59718 (+ CVE-2025-59719 côté FortiWeb) ➡️ envoi de messages SAML forgés ➡️ bypass de vérification de signature ➡️ accès admin non autorisé.

[Références]
"Fortinet admins report patched FortiGate firewalls getting hacked"
👇
bleepingcomputer.com/news/secu

( cyberveille.ch/posts/2026-01-2)

💬
⬇️
infosec.pub/post/40878137

#CyberVeille #Fortinet #FortiGate #FortiOS #CVE_2025_59718

##

CVE-2025-1432
(7.8 HIGH)

EPSS: 0.08%

updated 2025-11-13T19:34:53.453000

1 posts

A maliciously crafted 3DM file, when parsed through Autodesk AutoCAD, can force a Use-After-Free vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process.

_r_netsec@infosec.exchange at 2026-01-23T07:13:06.000Z ##

Firefox / WebRTC Encoded Transforms: UAF via undetached ArrayBuffer / CVE-2025-1432 aisle.com/blog/firefox-webrtc-

##

CVE-2025-12480
(9.1 CRITICAL)

EPSS: 74.74%

updated 2025-11-12T15:32:32

1 posts

Triofox versions prior to 16.7.10368.56560, are vulnerable to an Improper Access Control flaw that allows access to initial setup pages even after setup is complete.

Nuclei template

catc0n@infosec.exchange at 2026-01-23T19:48:15.000Z ##

Join @vulncheck next week for our new In the Wild webcast series! This month, our research team will do a deep dive on developing an exploit for Gladinet Triofox CVE-2025-12480, a process that wound up being significantly more complex than expected.

Wednesday, Jan. 28 @ 1 PM ET (and the last Wednesday of every month!)

wwv.vulncheck.com/in-the-wild-

##

CVE-2021-35394
(9.8 CRITICAL)

EPSS: 94.22%

updated 2025-11-07T19:01:01.300000

2 posts

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that is usually compiled as 'UDPServer' binary. The binary is affected by multiple memory corruption vulnerabilities and an arbitrary command injection vulnerability that can be exploited by remote unauthenticated attackers.

Nuclei template

hrbrmstr@mastodon.social at 2026-01-24T13:16:28.000Z ##

185.93.89.75 was a busy bee today! Attempting Realtek Jungle SDK formWsc Injection aimed mostly @ the U.S.

That SDK is used in RTL819x series chipsets (RTL819xD and related) that provide wireless capabilities for a broad range of IoT devices. Based on the ONEKEY/IoT Inspector research that disclosed CVE-2021-35394 and related vulnerabilities.

Wonder what mischief they're up to?

##
hrbrmstr@mastodon.social at 2026-01-24T13:16:28.000Z ##

185.93.89.75 was a busy bee today! Attempting Realtek Jungle SDK formWsc Injection aimed mostly @ the U.S.

That SDK is used in RTL819x series chipsets (RTL819xD and related) that provide wireless capabilities for a broad range of IoT devices. Based on the ONEKEY/IoT Inspector research that disclosed CVE-2021-35394 and related vulnerabilities.

Wonder what mischief they're up to?

##

CVE-2025-34164(CVSS UNKNOWN)

EPSS: 0.30%

updated 2025-11-03T18:32:42

1 posts

A heap-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially result in arbitrary code execution.

codewhitesec@infosec.exchange at 2026-01-23T12:28:24.000Z ##

You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01-ns

##

CVE-2025-34165
(0 None)

EPSS: 0.19%

updated 2025-09-02T15:55:35.520000

1 posts

A stack-based buffer overflow vulnerability in NetSupport Manager 14.x versions prior to 14.12.0000 allows a remote, unauthenticated attacker to cause a denial of service (DoS) or potentially leak a limited amount of memory.

codewhitesec@infosec.exchange at 2026-01-23T12:28:24.000Z ##

You like technical deep dives into binary exploitation and crazy heap wizardry? Then you'll like our blog post about unauth'ed RCE in NetSupport Manager aka CVE-2025-34164 & CVE-2025-34165 code-white.com/blog/2026-01-ns

##

CVE-2024-32462
(8.4 HIGH)

EPSS: 0.19%

updated 2025-08-21T00:43:47.783000

1 posts

Flatpak is a system for building, distributing, and running sandboxed desktop applications on Linux. in versions before 1.10.9, 1.12.9, 1.14.6, and 1.15.8, a malicious or compromised Flatpak app could execute arbitrary code outside its sandbox. Normally, the `--command` argument of `flatpak run` expects to be given a command to run in the specified Flatpak app, optionally along with some arguments

1 repos

https://github.com/SpiralBL0CK/CVE-2024-32462

alip@mastodon.online at 2026-01-22T17:50:13.000Z ##

Sometimes devil is in the details. #POSIX requires option parsing to terminate when the initial non-option argument is encountered. This is different than the #GNU style which continues parsing arguments until an explicit "--" is encountered. The latter has been susceptible to command line injection attacks. One recent example is in #bubblewrap & #flatpak combo with CVE-2024-32462. Otoh, #sydbox and all its utilities use posixly correct option parsing: nvd.nist.gov/vuln/detail/cve-2 #linux #security

##

CVE-2025-54068(CVSS UNKNOWN)

EPSS: 0.12%

updated 2025-08-18T08:03:59

1 posts

### Impact In Livewire v3 (≤ 3.6.3), a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does no

4 repos

https://github.com/haxorstars/CVE-2025-54068

https://github.com/z0d131482700x/Livewire2025CVE

https://github.com/synacktiv/Livepyre

https://github.com/flame-11/CVE-2025-54068-livewire

DarkWebInformer@infosec.exchange at 2026-01-22T19:25:25.000Z ##

‼️Livepyre: A tool designed to exploit CVE-2025-54068 and Remote Command Execution if the APP_KEY of the Livewire project is known.

GitHub: github.com/synacktiv/Livepyre

Writeup: synacktiv.com/en/publications/

CVSS: 9.2

Description: Livewire is a full-stack framework for Laravel. In Livewire v3 up to and including v3.6.3, a vulnerability allows unauthenticated attackers to achieve remote command execution in specific scenarios. The issue stems from how certain component property updates are hydrated. This vulnerability is unique to Livewire v3 and does not affect prior major versions. Exploitation requires a component to be mounted and configured in a particular way, but does not require authentication or user interaction. This issue has been patched in Livewire v3.6.4. All users are strongly encouraged to upgrade to this version or later as soon as possible. No known workarounds are available.

##

CVE-2007-0882
(0 None)

EPSS: 90.96%

updated 2025-04-09T00:30:58.490000

2 posts

Argument injection vulnerability in the telnet daemon (in.telnetd) in Solaris 10 and 11 (SunOS 5.10 and 5.11) misinterprets certain client "-f" sequences as valid requests for the login program to skip authentication, which allows remote attackers to log into certain accounts, as demonstrated by the bin account.

ela at 2026-01-24T08:21:34.638Z ##

OMG. -froot bug resurfaced. seclists.org/oss-sec/2026/q1/89

I see the headlines, "10 years old bug".

My friends, this bug is older. Much older. Not this particular instance, but it is a classical mistake to make. It's a command line injection when calling the login executable.

Some people point to CVE-2007-0882. Solaris had that, almost 20 years ago.

But it's even older than that. It's so old it predates the CVE system. I don't remember exact dates, but we popped Linux and AIX boxes with that, mid 90s.

But it is *even older* than that. Have a look at System V R4, ©1990, getty calling login with unsanitized input:

github.com/calmsacibis995/svr4

But how deep does the rabbit hole go? When was this bug introduced?

Getty called login with user input since the dawn of time (UNIX V2, 1972):

tuhs.org/cgi-bin/utree.pl?file

But this predates command line arguments in login:

tuhs.org/cgi-bin/utree.pl?file

So, when did this particular command line feature of login appear?

In the BSD universe, -f was introduced with POSIX compatibilitiy in 4.3BSD-Reno:

tuhs.org/cgi-bin/utree.pl?file

But someone paid attention and filtered out user names starting with - in getty:

tuhs.org/cgi-bin/utree.pl?file

RCS timestamp says 6/29/1990, so same age as SysV R4.

The original 4.3BSD (1986) doesn't filter the user name:

tuhs.org/cgi-bin/utree.pl?file

And it does have a -r option in login:

tuhs.org/cgi-bin/utree.pl?file

Exploitable? No idea, argv processing might be a problem. I'll find out another day.

In conclusion: bug existed since 1990, it's so easy to make when implementing POSIX that it keeps resurfacing, and at least one person in Berkeley knew since day 0.

##
ela@infosec.exchange at 2026-01-24T08:21:34.000Z ##

OMG. -froot bug resurfaced. seclists.org/oss-sec/2026/q1/89

I see the headlines, "10 years old bug".

My friends, this bug is older. Much older. Not this particular instance, but it is a classical mistake to make. It's a command line injection when calling the login executable.

Some people point to CVE-2007-0882. Solaris had that, almost 20 years ago.

But it's even older than that. It's so old it predates the CVE system. I don't remember exact dates, but we popped Linux and AIX boxes with that, mid 90s.

But it is *even older* than that. Have a look at System V R4, ©1990, getty calling login with unsanitized input:

github.com/calmsacibis995/svr4

But how deep does the rabbit hole go? When was this bug introduced?

Getty called login with user input since the dawn of time (UNIX V2, 1972):

tuhs.org/cgi-bin/utree.pl?file

But this predates command line arguments in login:

tuhs.org/cgi-bin/utree.pl?file

So, when did this particular command line feature of login appear?

In the BSD universe, -f was introduced with POSIX compatibilitiy in 4.3BSD-Reno:

tuhs.org/cgi-bin/utree.pl?file

But someone paid attention and filtered out user names starting with - in getty:

tuhs.org/cgi-bin/utree.pl?file

RCS timestamp says 6/29/1990, so same age as SysV R4.

The original 4.3BSD (1986) doesn't filter the user name:

tuhs.org/cgi-bin/utree.pl?file

And it does have a -r option in login:

tuhs.org/cgi-bin/utree.pl?file

Exploitable? No idea, argv processing might be a problem. I'll find out another day.

In conclusion: bug existed since 1990, it's so easy to make when implementing POSIX that it keeps resurfacing, and at least one person in Berkeley knew since day 0.

##

CVE-2020-15250
(4.4 MEDIUM)

EPSS: 0.02%

updated 2024-11-21T05:05:11.403000

1 posts

In JUnit4 from version 4.7 and before 4.13.1, the test rule TemporaryFolder contains a local information disclosure vulnerability. On Unix like systems, the system's temporary directory is shared between all users on that system. Because of this, when files and directories are written into this directory they are, by default, readable by other users on that same system. This vulnerability does not

bitbonk@mastodon.social at 2026-01-23T19:21:57.000Z ##

@bradwilson @xunit well well, just because we are not running something in production doesn’t mean it can’t have vulnerablilities 😊😈

nvd.nist.gov/vuln/detail/cve-2

##

CVE-2020-14343
(9.8 CRITICAL)

EPSS: 13.70%

updated 2024-11-21T05:03:03.217000

1 posts

A vulnerability was discovered in the PyYAML library in versions before 5.4, where it is susceptible to arbitrary code execution when it processes untrusted YAML files through the full_load method or with the FullLoader loader. Applications that use the library to process untrusted input may be vulnerable to this flaw. This flaw allows an attacker to execute arbitrary code on the system by abusing

2 repos

https://github.com/j4k0m/loader-CVE-2020-14343

https://github.com/Kairo-one/CVE-2020-14343-PyYAML

thehackerwire@mastodon.social at 2026-01-22T16:22:51.000Z ##

🟠 CVE-2026-24009 - High (8.1)

Docling Core (or docling-core) is a library that defines core data types and transformations in the document processing application Docling. A PyYAML-related Remote Code Execution (RCE) vulnerability, namely CVE-2020-14343, is exposed in docling-c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-1999-0113(CVSS UNKNOWN)

EPSS: 18.66%

updated 2024-02-13T18:38:18

1 posts

Some implementations of rlogin allow root access if given a -froot parameter.

fets.bsky.social@bsky.brid.gy at 2026-01-23T05:17:17.948Z ##

I remember a similar one on AIX with rlogind in the early 90s. (CVE-1999-0113 from 1994 it seems). I may or may not have used this at the time :-)

##

CVE-2026-24399
(0 None)

EPSS: 0.01%

4 posts

N/A

thehackerwire@mastodon.social at 2026-01-24T01:34:09.000Z ##

🔴 CVE-2026-24399 - Critical (9.3)

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be proces...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:20:46.000Z ##

🔴 CVE-2026-24399 - Critical (9.3)

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be proces...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:34:09.000Z ##

🔴 CVE-2026-24399 - Critical (9.3)

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be proces...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:20:46.000Z ##

🔴 CVE-2026-24399 - Critical (9.3)

ChatterMate is a no-code AI chatbot agent framework. In versions 1.0.8 and below, the chatbot accepts and executes malicious HTML/JavaScript payloads when supplied as chat input. Specifically, an payload containing a javascript: URI can be proces...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24406
(0 None)

EPSS: 0.06%

4 posts

N/A

thehackerwire@mastodon.social at 2026-01-24T01:33:59.000Z ##

🟠 CVE-2026-24406 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-contro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:20:39.000Z ##

🟠 CVE-2026-24406 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-contro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:33:59.000Z ##

🟠 CVE-2026-24406 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-contro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:20:39.000Z ##

🟠 CVE-2026-24406 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccTagNamedColor2::SetSize(). This occurs when user-contro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24405
(0 None)

EPSS: 0.06%

2 posts

N/A

thehackerwire@mastodon.social at 2026-01-24T01:20:49.000Z ##

🟠 CVE-2026-24405 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read(). This occurs when user-controllab...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-01-24T01:20:49.000Z ##

🟠 CVE-2026-24405 - High (8.8)

iccDEV provides libraries and tools for interacting with, manipulating, and applying ICC color management profiles. Versions 2.3.1.1 and below have a Heap Buffer Overflow vulnerability in CIccMpeCalculator::Read(). This occurs when user-controllab...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-48384
(0 None)

EPSS: 0.33%

1 posts

N/A

44 repos

https://github.com/vignesh21-git/CVE-2025-48384

https://github.com/jacobholtz/CVE-2025-48384-submodule

https://github.com/beishanxueyuan/CVE-2025-48384

https://github.com/mukesh-610/cve-2025-48384-exploit

https://github.com/eliox01/CVE-2025-48384

https://github.com/acheong08/CVE-2025-48384

https://github.com/p1026/CVE-2025-48384

https://github.com/altm4n/cve-2025-48384

https://github.com/ECHO6789/CVE-2025-48384-submodule

https://github.com/replicatorbot/CVE-2025-48384

https://github.com/kallydev/cve-2025-48384-hook

https://github.com/vignesh21-git/CVE-2025-48384-submodule

https://github.com/mukesh-610/cve-2025-48384

https://github.com/nguyentranbaotran/cve-2025-48384-poc

https://github.com/liamg/CVE-2025-48384-submodule

https://github.com/liamg/CVE-2025-48384

https://github.com/zr0n/CVE-2025-48384-sub

https://github.com/IK-20211125/CVE-2025-48384

https://github.com/EdwardYeIntrix/CVE-2025-48384-Scanner

https://github.com/s41r4j/CVE-2025-48384-submodule

https://github.com/s41r4j/CVE-2025-48384

https://github.com/beishanxueyuan/CVE-2025-48384-test

https://github.com/butyraldehyde/CVE-2025-48384-PoC

https://github.com/fluoworite/CVE-2025-48384

https://github.com/greatyy/CVE-2025-48384-p

https://github.com/butyraldehyde/CVE-2025-48384-PoC-Part2

https://github.com/elprogramadorgt/CVE-2025-48384

https://github.com/fishyyh/CVE-2025-48384

https://github.com/arun1033/CVE-2025-48384

https://github.com/altm4n/cve-2025-48384-hub

https://github.com/fishyyh/CVE-2025-48384-POC

https://github.com/NigelX/CVE-2025-48384

https://github.com/fluoworite/CVE-2025-48384-sub

https://github.com/f1shh/CVE-2025-48384

https://github.com/replicatorbot/CVE-2025-48384-POC

https://github.com/vinieger/vinieger-CVE-2025-48384-Dockerfile

https://github.com/ppd520/CVE-2025-48384

https://github.com/admin-ping/CVE-2025-48384-RCE

https://github.com/Anezatraa/CVE-2025-48384-submodule

https://github.com/testdjshan/CVE-2025-48384

https://github.com/jacobholtz/CVE-2025-48384-poc

https://github.com/MarcoTondolo/cve-2025-48384-poc

https://github.com/zr0n/CVE-2025-48384-main

https://github.com/simplyfurious/CVE-2025-48384-submodule_test

linux@activitypub.awakari.com at 2026-01-23T21:15:44.000Z ## Future-Proof Your Ubuntu: Mastering Backporting to Bypass Package Obsolescence Key Points A high vulnerability (CVE-2025-48384) was discovered in git, allowing arbitrary code execution when cloning...

#Ubuntu #News

Origin | Interest | Match ##

CVE-2026-1386
(0 None)

EPSS: 0.01%

1 posts

N/A

linux@activitypub.awakari.com at 2026-01-23T20:51:09.000Z ## CVE-2026-1386 - Arbitrary Host File Overwrite via Symlink in Firecracker Jailer Bulletin ID: 2026-003-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/01/23 12:30 ...


Origin | Interest | Match ##

CVE-2026-24138
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-23T01:45:01.000Z ##

🟠 CVE-2026-24138 - High (7.5)

FOG is a free open-source cloning/imaging/rescue suite/inventory management system. Versions 1.5.10.1754 and below contain an unauthenticated SSRF vulnerability in getversion.php which can be triggered by providing a user-controlled url parameter....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24129
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-22T23:27:52.000Z ##

🟠 CVE-2026-24129 - High (8)

Runtipi is a Docker-based, personal homeserver orchestrator that facilitates multiple services on a single server. Versions 3.7.0 and above allow an authenticated user to execute arbitrary system commands on the host server by injecting shell meta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1220
(0 None)

EPSS: 0.00%

1 posts

N/A

beyondmachines1@infosec.exchange at 2026-01-22T10:01:03.000Z ##

Google Patches High-Severity V8 Race Condition in Chrome 144

Google released Chrome 144 to patch a high-severity race condition in the V8 engine (CVE-2026-1220) that could allow arbitrary code execution.

**If you are using Google Chrome or other Chromium-based browsers (Edge, Brave, Vivaldi, Opera...) patch your browser ASAP. Even if the flaw is not critical, you shouldn't wait for the flaw to become actively exploited. Update now, it's trivial and all your tabs reopen after the update.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-24038
(0 None)

EPSS: 0.07%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-22T05:07:02.000Z ##

🟠 CVE-2026-24038 - High (8.1)

Horilla is a free and open source Human Resource Management System (HRMS). In version 1.4.0, the OTP handling logic has a flawed equality check that can be bypassed. When an OTP expires, the server returns None, and if an attacker omits the otp fi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23962
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-22T04:05:11.000Z ##

🟠 CVE-2026-23962 - High (7.5)

Mastodon is a free, open-source social network server based on ActivityPub. Mastodon versions before v4.3.18, v4.4.12, and v4.5.5 do not have a limit on the maximum number of poll options for remote posts, allowing attackers to create polls with a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22792
(0 None)

EPSS: 0.12%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-21T21:52:03.000Z ##

🔴 CVE-2026-22792 - Critical (9.6)

5ire is a cross-platform desktop artificial intelligence assistant and model context protocol client. Prior to version 0.15.3, an unsafe HTML rendering permits untrusted HTML (including on* event attributes) to execute in the renderer context. An ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-68137
(0 None)

EPSS: 0.02%

1 posts

N/A

thehackerwire@mastodon.social at 2026-01-21T20:34:12.000Z ##

🟠 CVE-2025-68137 - High (8.3)

EVerest is an EV charging software stack. Prior to version 2025.10.0, an integer overflow occurring in `SdpPacket::parse_header()` allows the current buffer length to be set to 7 after a complete header of size 8 has been read. The remaining lengt...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
Visit counter For Websites