## Updated at UTC 2026-03-03T03:51:51.272975

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-2628 9.8 0.00% 2 0 2026-03-03T02:16:10.873000 The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPres
CVE-2026-1566 8.8 0.00% 2 0 2026-03-03T00:15:55.133000 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for W
CVE-2026-3338 7.5 0.00% 4 0 2026-03-02T23:16:31.653000 Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthentica
CVE-2026-3337 5.9 0.00% 2 0 2026-03-02T23:16:31.507000 Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthen
CVE-2026-3336 7.5 0.00% 4 0 2026-03-02T23:16:31.373000 Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenti
CVE-2026-0021 8.4 0.00% 2 0 2026-03-02T22:16:29.627000 In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible
CVE-2026-0020 8.4 0.00% 2 0 2026-03-02T22:16:29.477000 In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way t
CVE-2026-0006 9.8 0.00% 2 1 2026-03-02T22:16:28.227000 In multiple locations, there is a possible out of bounds read and write due to a
CVE-2026-20434 7.5 0.06% 1 0 2026-03-02T22:04:18.130000 In Modem, there is a possible out of bounds write due to a missing bounds check.
CVE-2026-21882 8.4 0.00% 2 0 2026-03-02T21:59:24 ### Impact **Vulnerability Type:** Local Privilege Escalation (LPE) / Improper
CVE-2026-0035 8.4 0.00% 2 0 2026-03-02T21:31:51 In createRequest of MediaProvider.java, there is a possible way for an app to ga
CVE-2026-0047 8.4 0.00% 2 0 2026-03-02T21:31:44 In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for
CVE-2026-0031 8.4 0.00% 2 0 2026-03-02T21:31:43 In multiple functions of mem_protect.c, there is a possible out of bounds write
CVE-2026-0030 8.4 0.00% 2 0 2026-03-02T21:31:43 In __host_check_page_state_range of mem_protect.c, there is a possible out of bo
CVE-2026-0034 8.4 0.00% 2 0 2026-03-02T21:31:42 In setPackageOrComponentEnabled of ManagedServices.java, there is a possible not
CVE-2025-48636 8.4 0.00% 4 0 2026-03-02T21:31:42 In openFile of BugreportContentProvider.java, there is a possible way to read an
CVE-2026-22207 9.8 0.17% 1 0 2026-03-02T21:16:26.037000 OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken ac
CVE-2026-0038 8.4 0.00% 2 0 2026-03-02T21:16:25.360000 In multiple functions of mem_protect.c, there is a possible way to execute arbit
CVE-2026-0037 8.4 0.00% 2 0 2026-03-02T21:16:25.210000 In multiple functions of ffa.c, there is a possible memory corruption due to a l
CVE-2026-0028 8.4 0.00% 2 0 2026-03-02T21:16:24.423000 In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds w
CVE-2025-32313 8.4 0.00% 2 0 2026-03-02T21:16:23.910000 In UsageEvents of UsageEvents.java, there is a possible out of bounds write due
CVE-2026-27167 0.0 0.04% 2 0 2026-03-02T20:30:10.923000 Gradio is an open-source Python package designed for quick prototyping. Starting
CVE-2026-3408 4.3 0.04% 1 0 2026-03-02T20:30:10.923000 A vulnerability was identified in Open Babel up to 3.1.1. This impacts the funct
CVE-2026-3398 8.8 0.05% 2 0 2026-03-02T20:30:10.923000 A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function f
CVE-2026-28562 8.2 0.02% 2 0 2026-03-02T20:30:10.923000 wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics:
CVE-2026-3376 8.8 0.05% 2 0 2026-03-02T20:30:10.923000 A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by th
CVE-2026-3377 8.8 0.05% 2 0 2026-03-02T20:30:10.923000 A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is th
CVE-2026-3380 8.8 0.05% 2 0 2026-03-02T20:30:10.923000 A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function
CVE-2026-3379 8.8 0.05% 2 0 2026-03-02T20:30:10.923000 A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects
CVE-2026-27751 9.8 0.04% 2 0 2026-03-02T20:30:10.923000 SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default cre
CVE-2026-2471 7.5 0.04% 1 0 2026-03-02T20:30:10.923000 The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection i
CVE-2026-2751 8.3 0.01% 1 1 2026-03-02T20:30:10.923000 Blind SQL Injection via unsanitized array keys in Service Dependencies deletion.
CVE-2026-26861 8.3 0.02% 1 0 2026-03-02T20:30:10.923000 CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripti
CVE-2026-27836 7.5 0.03% 1 0 2026-03-02T20:30:10.923000 phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the Web
CVE-2026-27939 8.8 0.01% 1 0 2026-03-02T20:30:10.923000 Statmatic is a Laravel and Git powered content management system (CMS). Starting
CVE-2026-28408 9.8 0.05% 2 0 2026-03-02T20:30:10.923000 WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the
CVE-2026-28406 8.2 0.12% 1 0 2026-03-02T20:30:10.923000 kaniko is a tool to build container images from a Dockerfile, inside a container
CVE-2026-28414 7.5 0.15% 1 0 2026-03-02T20:30:10.923000 Gradio is an open-source Python package designed for quick prototyping. Prior to
CVE-2026-28426 8.7 0.03% 1 0 2026-03-02T20:30:10.923000 Statmatic is a Laravel and Git powered content management system (CMS). Prior to
CVE-2025-58107 7.5 0.00% 2 1 2026-03-02T20:29:29.330000 In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on
CVE-2026-21853 8.8 0.00% 2 0 2026-03-02T20:29:29.330000 AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to
CVE-2026-3180 7.5 0.00% 2 0 2026-03-02T20:29:29.330000 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plu
CVE-2025-47373 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory Corruption when accessing buffers with invalid length during TA invocatio
CVE-2025-47377 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory Corruption when accessing a buffer after it has been freed while processi
CVE-2025-47381 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory Corruption while processing IOCTL calls when concurrent access to shared
CVE-2025-47386 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory Corruption while invoking IOCTL calls when concurrent access to shared bu
CVE-2025-59600 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory Corruption when adding user-supplied data without checking available buff
CVE-2026-21385 7.8 0.00% 2 0 2026-03-02T20:29:29.330000 Memory corruption while using alignments for memory allocation.
CVE-2025-52468 8.8 0.00% 2 0 2026-03-02T20:29:29.330000 Chamilo is a learning management system. Prior to version 1.11.30, an input vali
CVE-2026-28403 7.6 0.00% 2 0 2026-03-02T20:29:29.330000 Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `Director
CVE-2026-3432 0 0.00% 2 0 2026-03-02T20:29:29.330000 On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint conta
CVE-2026-2999 9.8 0.10% 1 0 2026-03-02T20:29:29.330000 IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution v
CVE-2026-21660 9.8 0.02% 2 0 2026-03-02T18:32:46 Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext S
CVE-2026-3132 8.8 0.00% 2 0 2026-03-02T18:31:52 The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Re
CVE-2025-59603 7.8 0.00% 2 0 2026-03-02T18:31:52 Memory Corruption when processing invalid user address with nonstandard buffer a
CVE-2026-26720 9.8 0.00% 4 1 2026-03-02T18:31:51 An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute ar
CVE-2025-47376 7.8 0.00% 2 0 2026-03-02T18:31:51 Memory Corruption when concurrent access to shared buffer occurs during IOCTL ca
CVE-2026-24110 9.8 0.00% 4 0 2026-03-02T18:31:45 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send over
CVE-2025-47375 7.8 0.00% 2 0 2026-03-02T18:31:45 Memory corruption while handling different IOCTL calls from the user-space simul
CVE-2025-47379 7.8 0.00% 2 0 2026-03-02T18:31:45 Memory Corruption when concurrent access to shared buffer occurs due to improper
CVE-2025-47385 7.8 0.00% 2 0 2026-03-02T18:31:45 Memory Corruption when accessing trusted execution environment without proper pr
CVE-2026-20781 9.4 0.13% 1 0 2026-03-02T18:31:44.237000 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-24101 9.8 0.00% 4 0 2026-03-02T18:31:44 An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_mul
CVE-2026-21657 9.8 0.08% 2 0 2026-03-02T18:31:41 Improper Control of Generation of Code ('Code Injection') vulnerability in Johns
CVE-2026-21656 9.8 0.08% 2 0 2026-03-02T18:31:41 Improper Control of Generation of Code ('Code Injection') vulnerability in Johns
CVE-2026-20792 7.5 0.06% 1 0 2026-03-02T18:31:26.967000 The WebSocket Application Programming Interface lacks restrictions on the numbe
CVE-2026-27767 9.4 0.13% 2 0 2026-03-02T18:27:43.510000 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-21654 9.8 0.45% 2 0 2026-03-02T18:25:01.993000 Improper Neutralization of Special Elements used in an OS Command ('OS Command I
CVE-2026-21658 9.8 0.59% 3 0 2026-03-02T18:24:25.517000 Unauthenticated Remote Code Execution i.e Improper Control of Generation of Code
CVE-2026-21659 9.8 0.52% 2 0 2026-03-02T18:23:49.030000 Unauthenticated Remote Code Execution and Information Disclosure due to Local Fi
CVE-2026-27772 9.4 0.13% 2 0 2026-03-02T15:46:42.537000 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-3431 9.8 0.00% 3 0 2026-03-02T15:31:31 On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrar
CVE-2026-20430 8.8 0.02% 1 0 2026-03-02T15:31:24 In wlan AP FW, there is a possible out of bounds write due to an incorrect bound
CVE-2026-27942 None 0.04% 1 0 2026-03-02T15:10:06 ### Impact Application crashes with stack overflow when user use XML builder wit
CVE-2026-2584 None 0.30% 1 0 2026-03-02T09:30:37 A critical SQL Injection (SQLi) vulnerability has been identified in the authent
CVE-2026-3000 9.8 0.10% 2 0 2026-03-02T09:30:37 IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution v
CVE-2026-3422 9.8 0.40% 2 0 2026-03-02T09:30:31 U-Office Force developed by e-Excellence has a Insecure Deserialization vulnerab
CVE-2026-3412 4.3 0.03% 1 0 2026-03-02T06:32:05 A vulnerability was detected in itsourcecode University Management System 1.0. T
CVE-2026-3399 8.8 0.05% 2 0 2026-03-02T00:30:29 A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerabi
CVE-2026-3400 8.8 0.05% 2 0 2026-03-02T00:30:19 A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by
CVE-2026-3378 8.8 0.05% 2 0 2026-03-01T03:30:24 A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqosse
CVE-2026-28425 8.0 0.14% 1 0 2026-03-01T01:30:56 ### Impact An authenticated control panel user with access to Antlers-enabled in
CVE-2026-28416 8.2 0.03% 1 0 2026-03-01T01:29:34 ### Summary A Server-Side Request Forgery (SSRF) vulnerability in Gradio allows
CVE-2026-26862 8.3 0.01% 1 0 2026-03-01T01:26:40 CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Si
CVE-2026-2844 None 0.07% 1 0 2026-02-28T12:30:25 Missing Authentication for Critical Function vulnerability in Microchip TimePict
CVE-2026-3010 None 0.05% 1 0 2026-02-28T12:30:25 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site
CVE-2025-13673 7.5 0.06% 1 0 2026-02-28T09:30:14 The Tutor LMS – eLearning and online course solution plugin for WordPress is vul
CVE-2026-28370 9.1 0.08% 2 0 2026-02-28T02:24:33 In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0
CVE-2026-28363 10.0 0.09% 1 0 2026-02-28T02:17:26 In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be b
CVE-2026-28268 9.8 0.03% 2 0 2026-02-28T01:59:29 **Summary** A critical business logic vulnerability exists in the password reset
CVE-2026-28213 9.8 0.04% 1 0 2026-02-28T01:18:18.080000 EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have
CVE-2025-11252 9.8 0.03% 1 0 2026-02-28T01:09:31.663000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-27630 7.5 0.10% 1 0 2026-02-28T01:01:22.727000 TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prio
CVE-2026-20902 8.0 0.20% 1 0 2026-02-27T23:13:13.603000 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and
CVE-2026-21718 10.0 0.07% 1 0 2026-02-27T23:11:48.947000 An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12
CVE-2026-2597 7.5 0.04% 1 0 2026-02-27T21:32:27 Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buff
CVE-2025-69437 8.7 0.04% 1 0 2026-02-27T21:32:27 PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can
CVE-2026-27141 7.5 0.05% 1 0 2026-02-27T21:32:22 Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running s
CVE-2026-27755 9.8 0.11% 2 0 2026-02-27T21:31:26 SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak sessio
CVE-2026-22206 8.8 0.14% 1 0 2026-02-27T21:31:21 SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows
CVE-2026-22205 7.5 0.23% 1 0 2026-02-27T21:31:21 SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability cau
CVE-2026-26222 9.8 1.02% 1 0 2026-02-27T20:05:06.970000 Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes i
CVE-2026-27510 9.6 0.08% 4 0 2026-02-27T19:16:08.767000 Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree G
CVE-2026-27509 8.0 0.03% 4 0 2026-02-27T19:16:08.547000 Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not imp
CVE-2025-40932 8.2 0.03% 1 0 2026-02-27T19:16:04.780000 Apache::SessionX versions through 2.01 for Perl create insecure session id. Apa
CVE-2026-26986 7.5 0.05% 1 0 2026-02-27T19:11:09.313000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio
CVE-2026-27950 7.5 0.08% 1 0 2026-02-27T19:10:21.367000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio
CVE-2026-28274 8.7 0.07% 1 0 2026-02-27T19:07:37.763000 Initiative is a self-hosted project management platform. Versions of the applica
CVE-2026-28276 7.5 0.11% 1 0 2026-02-27T19:06:01.180000 Initiative is a self-hosted project management platform. An access control vulne
CVE-2026-24352 9.8 0.04% 1 0 2026-02-27T18:36:00.687000 PluXml CMS allows a user's session identifier to be set before authentication. T
CVE-2026-3271 8.8 0.11% 1 0 2026-02-27T18:32:07 A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP
CVE-2026-2749 10.0 0.03% 2 1 2026-02-27T18:31:12 Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Cent
CVE-2026-2750 9.1 0.04% 1 2 2026-02-27T18:31:06 Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Cen
CVE-2025-11251 9.8 0.01% 1 0 2026-02-27T17:22:23.443000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-27969 None 0.04% 1 0 2026-02-27T16:03:55 ### Impact Anyone with read/write access to the backup storage location (e.g. a
CVE-2026-3272 8.8 0.08% 1 0 2026-02-27T15:48:08.343000 A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function f
CVE-2026-3301 9.8 2.90% 3 0 2026-02-27T15:36:49.730000 A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affe
CVE-2025-10990 7.5 0.15% 1 0 2026-02-27T15:34:19 A flaw was found in REXML. A remote attacker could exploit inefficient regular e
CVE-2026-23750 8.1 0.01% 1 0 2026-02-27T15:16:29.433000 Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buf
CVE-2026-25997 9.8 0.07% 1 0 2026-02-27T14:57:09.820000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio
CVE-2026-25954 7.5 0.05% 1 0 2026-02-27T14:56:16.663000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio
CVE-2026-25942 7.5 0.05% 1 0 2026-02-27T14:54:06.747000 FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to versio
CVE-2026-27498 0 0.59% 1 0 2026-02-27T14:06:59.787000 n8n is an open source workflow automation platform. Prior to versions 2.2.0 and
CVE-2026-21902 9.8 0.25% 3 0 2026-02-27T14:06:59.787000 An Incorrect Permission Assignment for Critical Resource vulnerability in the On
CVE-2025-71057 8.2 0.01% 1 0 2026-02-27T14:06:37.987000 Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124
CVE-2025-50857 9.8 0.58% 1 0 2026-02-27T14:06:37.987000 ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /mod
CVE-2026-26682 7.8 0.02% 1 0 2026-02-27T14:06:37.987000 An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary
CVE-2026-1565 8.8 0.28% 1 0 2026-02-27T14:06:37.987000 The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Members
CVE-2026-27449 7.5 0.05% 1 0 2026-02-27T14:06:37.987000 Umbraco Engage is a business intelligence platform. A vulnerability has been ide
CVE-2026-0980 8.3 0.22% 1 0 2026-02-27T14:06:37.987000 A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller
CVE-2026-28211 7.8 0.01% 1 0 2026-02-27T14:06:37.987000 The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA d
CVE-2025-12981 9.8 0.04% 1 0 2026-02-27T14:06:37.987000 The Listee theme for WordPress is vulnerable to privilege escalation in all vers
CVE-2026-24689 8.0 0.22% 1 0 2026-02-27T14:06:37.987000 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr
CVE-2026-25195 8.0 0.22% 1 0 2026-02-27T14:06:37.987000 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and
CVE-2026-25109 8.0 0.22% 1 0 2026-02-27T14:06:37.987000 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p
CVE-2026-1442 7.8 0.01% 1 0 2026-02-27T14:06:37.987000 Since the encryption algorithm used to protect firmware updates is itself encryp
CVE-2026-24695 8.0 0.22% 1 0 2026-02-27T14:06:37.987000 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and
CVE-2026-2251 9.8 0.05% 2 0 2026-02-27T09:30:35 Improper limitation of a pathname to a restricted directory (Path Traversal) vul
CVE-2026-2252 7.5 0.04% 1 0 2026-02-27T09:30:35 An XML External Entity (XXE) vulnerability allows malicious user to perform Serv
CVE-2026-24663 9.1 1.35% 2 0 2026-02-27T03:30:33 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri
CVE-2026-27028 9.4 0.18% 2 0 2026-02-27T03:30:33 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-21389 8.1 0.20% 1 0 2026-02-27T03:30:33 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri
CVE-2026-20910 8.1 0.20% 1 0 2026-02-27T03:30:33 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri
CVE-2026-24517 8.1 0.22% 1 0 2026-02-27T03:30:33 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and p
CVE-2026-24445 7.5 0.06% 1 0 2026-02-27T03:30:33 The WebSocket Application Programming Interface lacks restrictions on the numbe
CVE-2026-25111 8.1 0.22% 1 0 2026-02-27T03:30:33 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pri
CVE-2026-25085 8.6 0.07% 1 0 2026-02-27T03:30:33 A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which
CVE-2026-20742 8.1 0.20% 1 0 2026-02-27T03:30:32 An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and pr
CVE-2026-22553 9.8 1.26% 1 0 2026-02-27T03:15:54.487000 All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection
CVE-2026-25851 9.4 0.13% 2 0 2026-02-27T00:31:52 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-24731 9.4 0.13% 1 0 2026-02-27T00:31:52 WebSocket endpoints lack proper authentication mechanisms, enabling attackers t
CVE-2026-25945 7.5 0.06% 1 0 2026-02-27T00:31:52 The WebSocket Application Programming Interface lacks restrictions on the numbe
CVE-2026-25113 7.5 0.06% 1 0 2026-02-27T00:31:51 The WebSocket Application Programming Interface lacks restrictions on the numbe
CVE-2026-25114 7.5 0.06% 1 0 2026-02-27T00:31:51 The WebSocket Application Programming Interface lacks restrictions on the numbe
CVE-2026-28136 7.6 0.03% 1 0 2026-02-26T21:32:34 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-26938 8.6 0.04% 1 0 2026-02-26T21:31:39 Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336)
CVE-2026-27888 None 0.04% 1 0 2026-02-26T19:55:35 ### Impact An attacker who uses this vulnerability can craft a PDF which leads t
CVE-2025-40552 9.8 5.22% 1 1 template 2026-02-26T19:30:48.133000 SolarWinds Web Help Desk was found to be susceptible to an authentication bypass
CVE-2026-27849 9.8 0.05% 1 0 2026-02-26T18:32:43 Due to missing neutralization of special elements, OS commands can be injected v
CVE-2026-3201 4.7 0.01% 1 0 2026-02-26T14:49:01.050000 USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4
CVE-2026-3202 4.7 0.02% 1 0 2026-02-26T14:47:37.923000 NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of ser
CVE-2026-3203 5.5 0.02% 1 0 2026-02-26T14:41:13.870000 RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to
CVE-2025-70327 9.8 2.05% 1 0 2026-02-26T03:32:24 TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerabi
CVE-2025-70328 8.8 2.94% 1 0 2026-02-26T03:31:18 TOTOLINK X6000R v9.4.0cu.1498_B20250826 contains an OS command injection vulnera
CVE-2026-20127 10.0 2.19% 2 2 2026-02-25T18:31:45 A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controlle
CVE-2025-13942 9.8 0.48% 1 0 2026-02-25T18:13:10.563000 A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 fi
CVE-2026-25108 8.8 18.59% 1 0 2026-02-24T21:32:35 FileZen contains an OS command injection vulnerability. When FileZen Antivirus C
CVE-2025-64328 7.2 24.83% 1 1 2026-02-24T19:30:59.130000 FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX
CVE-2025-40541 9.1 0.02% 1 0 2026-02-24T18:32:04 An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which
CVE-2025-40538 9.1 0.04% 1 0 2026-02-24T17:51:27.573000 A broken access control vulnerability exists in Serv-U which when exploited, giv
CVE-2026-26331 8.8 0.70% 1 1 2026-02-24T16:08:36 ### Summary When yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Pyth
CVE-2026-2033 8.1 15.58% 1 0 2026-02-23T18:14:13.887000 MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Executio
CVE-2026-2329 9.8 41.14% 1 0 2026-02-20T20:57:50.360000 An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP
CVE-2026-22769 10.0 34.16% 1 0 2026-02-18T18:30:35 Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a
CVE-2026-0714 6.8 0.01% 2 0 2026-02-18T17:55:46.557000 A physical attack vulnerability exists in certain Moxa industrial computers usin
CVE-2026-1731 9.8 60.92% 2 5 template 2026-02-17T15:31:33 BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote
CVE-2023-4911 7.8 57.16% 1 18 template 2026-02-13T18:31:22 A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so whi
CVE-2026-21513 8.8 4.12% 4 0 2026-02-10T21:31:29 Protection mechanism failure in MSHTML Framework allows an unauthorized attacker
CVE-2026-1603 8.6 11.74% 1 0 template 2026-02-10T18:30:49 An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allo
CVE-2020-37088 7.5 4.95% 1 0 2026-02-10T17:03:53.480000 School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthen
CVE-2026-1687 7.3 5.42% 1 0 2026-02-10T15:14:03.207000 A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon
CVE-2020-37123 9.8 12.89% 1 0 template 2026-02-05T20:47:37.777000 Pinger 1.0 contains a remote code execution vulnerability that allows attackers
CVE-2026-1207 5.4 7.39% 1 0 template 2026-02-04T17:34:46.147000 An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4
CVE-2026-21859 5.8 1.13% 1 0 template 2026-02-02T19:16:52.987000 Mailpit is an email testing tool and API for developers. Versions 1.28.0 and bel
CVE-2025-13348 None 0.01% 2 0 2026-02-02T03:31:18 An improper access control vulnerability exists in ASUS Secure Delete Driver of
CVE-2026-21852 None 0.05% 1 2 2026-01-21T21:40:20 A vulnerability in Claude Code's project-load flow allowed malicious repositorie
CVE-2026-0628 8.8 0.02% 1 2 2026-01-07T15:31:20 Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7
CVE-2025-0282 9.1 94.12% 1 10 template 2025-10-22T00:34:17 A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5,
CVE-2025-11462 7.8 0.04% 2 0 2025-10-14T18:15:34.687000 Improper Link Resolution Before File Access in the AWS VPN Client for macOS vers
CVE-2025-59536 None 0.04% 1 0 2025-10-03T14:16:36 Due to a bug in the startup trust dialog implementation, Claude Code could be tr
CVE-2024-37032 8.8 93.81% 1 3 template 2025-05-01T14:01:44.767000 Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64
CVE-2017-13089 8.8 51.23% 1 2 2025-04-20T01:37:25.860000 The http.c:skip_short_body() function is called in some circumstances, such as w
CVE-2023-4116 4.3 25.35% 1 0 template 2024-11-21T08:34:25.727000 A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking
CVE-2023-41772 7.8 19.53% 1 1 2024-04-04T08:32:52 Win32k Elevation of Privilege Vulnerability
CVE-2026-28286 0 0.00% 2 0 N/A
CVE-2025-50187 0 0.00% 4 0 N/A
CVE-2025-68615 0 0.05% 2 1 N/A
CVE-2025-52482 0 0.00% 2 0 N/A
CVE-2026-23627 0 0.01% 1 0 N/A
CVE-2026-25955 0 0.05% 1 0 N/A
CVE-2026-25953 0 0.07% 1 0 N/A
CVE-2026-25952 0 0.07% 1 0 N/A
CVE-2026-25959 0 0.06% 1 0 N/A
CVE-2026-24680 0 0.02% 1 0 N/A
CVE-2026-27633 0 0.10% 1 0 N/A
CVE-2026-28215 0 0.06% 1 0 N/A
CVE-2026-27947 0 0.30% 1 0 N/A
CVE-2026-28272 0 0.03% 1 0 N/A
CVE-2026-28400 0 0.02% 1 0 N/A
CVE-2026-28411 0 0.27% 2 0 N/A
CVE-2026-28409 0 0.21% 2 0 N/A
CVE-2026-28216 0 0.04% 1 0 N/A
CVE-2026-28275 0 0.03% 1 0 N/A

CVE-2026-2628
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-03T02:16:10.873000

2 posts

The All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 2.2.5. This makes it possible for unauthenticated attackers to bypass authentication and log in as other users, including administrators.

offseq at 2026-03-03T03:00:28.945Z ##

⚠️ CVE-2026-2628: CRITICAL auth bypass in All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin (≤2.2.5). Attackers can access WP admin accounts with no credentials. Disable plugin or restrict logins until patched! radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-03T03:00:28.000Z ##

⚠️ CVE-2026-2628: CRITICAL auth bypass in All-in-One Microsoft 365 & Entra ID / Azure AD SSO Login plugin (≤2.2.5). Attackers can access WP admin accounts with no credentials. Disable plugin or restrict logins until patched! radar.offseq.com/threat/cve-20 #OffSeq #WordPress #AzureAD

##

CVE-2026-1566
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-03T00:15:55.133000

2 posts

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 5.2.7. This is due to the plugin allowing users with a LatePoint Agent role, who are creating new customers to set the 'wordpress_user_id' field. This makes it possible for authenticated attackers, with Agent-level a
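The mechanism described above is a mass-assignment bug with a privilege-escalation consequence: the record an Agent creates carries a link to a WordPress account, and a later password-reset flow trusts that link. The following is an added, constructed model of that pattern (not the plugin's code; role names, field names, the functions and the sha256 stand-in for WordPress password hashing are assumptions), showing the vulnerable create path beside a hardened one that allow-lists writable fields by role and never takes the account link from a non-admin request.

```python
"""Constructed model of the LatePoint-style flaw: a Customer row carries a
wordpress_user_id link, Agent-level users may create customers, and the customer
password-reset path writes the password of whichever WordPress user the row is
linked to. If the Agent can choose wordpress_user_id at creation time, the Agent can
point a new customer at the administrator and reset the administrator's password.
Not the plugin's code: role names, field names, functions and the sha256 stand-in
for WordPress password hashing are assumptions made for this illustration."""
import hashlib
from dataclasses import dataclass
from typing import Dict, Optional


@dataclass
class WPUser:
    user_id: int
    login: str
    role: str            # "administrator", "latepoint_agent", "subscriber", ...
    pw_hash: str


@dataclass
class Customer:
    customer_id: int
    email: str
    wordpress_user_id: Optional[int]   # WordPress account that logs in as this customer


def _hash(password: str) -> str:
    """Stand-in for the real password hasher; only "did the value change" matters here."""
    return hashlib.sha256(password.encode()).hexdigest()


class Site:
    """In-memory stand-in for the WordPress users table and the plugin's customers table."""

    def __init__(self) -> None:
        self.users: Dict[int, WPUser] = {}
        self.customers: Dict[int, Customer] = {}
        self._next_customer_id = 1

    def add_user(self, user_id: int, login: str, role: str, password: str) -> WPUser:
        self.users[user_id] = WPUser(user_id, login, role, _hash(password))
        return self.users[user_id]

    def new_customer_id(self) -> int:
        cid = self._next_customer_id
        self._next_customer_id += 1
        return cid


CUSTOMER_CREATE_ROLES = {"administrator", "latepoint_agent"}
AGENT_WRITABLE_FIELDS = {"email", "first_name", "last_name"}   # assumed allow-list


def create_customer_vulnerable(site: Site, actor: WPUser, fields: dict) -> Customer:
    """Mass assignment: every submitted field is stored, including the account link."""
    if actor.role not in CUSTOMER_CREATE_ROLES:
        raise PermissionError("not allowed to create customers")
    cust = Customer(site.new_customer_id(), fields["email"],
                    fields.get("wordpress_user_id"))      # attacker-controlled link
    site.customers[cust.customer_id] = cust
    return cust


def create_customer_hardened(site: Site, actor: WPUser, fields: dict) -> Customer:
    """Non-admin callers get an allow-list of writable fields and the account link is
    never taken from their request; unexpected fields are rejected rather than silently
    dropped, so probing shows up in logs."""
    if actor.role not in CUSTOMER_CREATE_ROLES:
        raise PermissionError("not allowed to create customers")
    is_admin = actor.role == "administrator"
    if not is_admin:
        extra = set(fields) - AGENT_WRITABLE_FIELDS
        if extra:
            raise PermissionError(f"field(s) not writable by {actor.role}: {sorted(extra)}")
    link = fields.get("wordpress_user_id") if is_admin else None
    cust = Customer(site.new_customer_id(), fields["email"], link)
    site.customers[cust.customer_id] = cust
    return cust


def reset_customer_password(site: Site, customer_id: int, new_password: str) -> WPUser:
    """Customer-facing reset: changes the password of the linked WordPress user."""
    cust = site.customers[customer_id]
    if cust.wordpress_user_id is None:
        raise LookupError("customer has no linked WordPress account")
    user = site.users[cust.wordpress_user_id]
    user.pw_hash = _hash(new_password)
    return user


def run_latepoint_demo() -> Dict[str, str]:
    """Constructed scenario: user 1 is the administrator, user 2 is an Agent, and the
    Agent submits wordpress_user_id=1 when creating a customer, then resets its password."""
    results: Dict[str, str] = {}
    for name, create in (("vulnerable", create_customer_vulnerable),
                         ("hardened", create_customer_hardened)):
        site = Site()
        admin = site.add_user(1, "admin", "administrator", "correct horse battery staple")
        agent = site.add_user(2, "agent", "latepoint_agent", "agent-pass")
        before = admin.pw_hash
        try:
            cust = create(site, agent, {"email": "attacker@example.com", "wordpress_user_id": 1})
            reset_customer_password(site, cust.customer_id, "attacker-chosen")
            results[name] = "admin password changed" if admin.pw_hash != before else "no change"
        except PermissionError as exc:
            results[name] = f"blocked: {exc}"
    return results


if __name__ == "__main__":
    for variant, outcome in run_latepoint_demo().items():
        print(f"{variant:10s} -> {outcome}")
```

The operational lesson is the one the posts above give: until the plugin is updated, treat the Agent role as able to reach administrator accounts, and audit recently created customer records whose linked WordPress user is a privileged account.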

offseq at 2026-03-03T01:30:26.970Z ##

🚩 CVE-2026-1566 (HIGH): LatePoint WordPress plugin lets Agent users reset admin passwords — leads to full privilege escalation. All versions up to 5.2.7 affected. Restrict Agent roles & monitor now. radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-03-03T01:30:26.000Z ##

🚩 CVE-2026-1566 (HIGH): LatePoint WordPress plugin lets Agent users reset admin passwords — leads to full privilege escalation. All versions up to 5.2.7 affected. Restrict Agent roles & monitor now. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln #Infosec

##

CVE-2026-3338
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-02T23:16:31.653000

4 posts

Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.

awssecurityfeed at 2026-03-02T23:30:01.448Z ##

Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)

Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/02 14:30 PM PST
Description:
AWS-LC is an open-source, general-purpose cryptographic library. We identified three distin...

aws.amazon.com/security/securi

##

thehackerwire@mastodon.social at 2026-03-02T22:22:10.000Z ##

🟠 CVE-2026-3338 - High (7.5)

Improper signature validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass signature verification when processing PKCS7 objects with Authenticated Attributes.

Customers of AWS services do not need to take action. Applica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

awssecurityfeed@infosec.exchange at 2026-03-02T23:30:01.000Z ##

Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)

Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/02 14:30 PM PST
Description:
AWS-LC is an open-source, general-purpose cryptographic library. We identified three distin...

aws.amazon.com/security/securi

#aws #security

##

CVE-2026-3337
(5.9 MEDIUM)

EPSS: 0.00%

updated 2026-03-02T23:16:31.507000

2 posts

Observable timing discrepancy in AES-CCM decryption in AWS-LC allows an unauthenticated user to potentially determine authentication tag validity via timing analysis. The impacted implementations are through the EVP CIPHER API: EVP_aes_128_ccm, EVP_aes_192_ccm, and EVP_aes_256_ccm. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC vers
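The failure class here is an authentication-tag comparison whose running time depends on where the first wrong byte sits, which turns the decrypt endpoint into a byte-at-a-time oracle for the tag. The following added example (not AWS-LC code) models that: HMAC-SHA256 stands in for CCM's CBC-MAC so the block needs only the standard library, the "timing" is exposed as a count of bytes examined rather than a noisy clock reading, and the recovery routine shows why an early-exit comparison leaks while a constant-time one does not.

```python
"""Added illustration of the failure class behind CVE-2026-3337: an AEAD tag check
that compares byte by byte and stops at the first mismatch does an amount of work
that depends on where the first wrong byte is, so an attacker who submits chosen
(ciphertext, tag) pairs can learn the correct tag one byte at a time. Not AWS-LC
code. HMAC-SHA256 stands in for CCM's CBC-MAC so the block needs only the standard
library, and the leak is made observable as a count of bytes examined instead of a
wall-clock measurement."""
import hashlib
import hmac
from typing import Callable, Optional, Tuple

TAG_LEN = 16


def ccm_tag(key: bytes, nonce: bytes, aad: bytes, ciphertext: bytes) -> bytes:
    """Stand-in for the CCM authentication tag over (nonce, aad, ciphertext)."""
    return hmac.new(key, nonce + aad + ciphertext, hashlib.sha256).digest()[:TAG_LEN]


def compare_early_exit(expected: bytes, received: bytes) -> Tuple[bool, int]:
    """Leaky: returns (equal, bytes_examined); leaves at the first differing byte."""
    examined = 0
    for x, y in zip(expected, received):
        examined += 1
        if x != y:
            return False, examined
    return len(expected) == len(received), examined


def compare_constant_time(expected: bytes, received: bytes) -> Tuple[bool, int]:
    """Every byte is examined whatever the content; in production use hmac.compare_digest."""
    if len(expected) != len(received):
        return False, 0
    diff = 0
    for x, y in zip(expected, received):
        diff |= x ^ y
    return diff == 0, len(expected)


Oracle = Callable[[bytes], Tuple[bool, int]]


def make_oracle(compare, key: bytes, nonce: bytes, aad: bytes, ciphertext: bytes) -> Oracle:
    """Models the decrypt endpoint: the attacker submits a tag for a fixed ciphertext
    and observes accept/reject plus the work done (the timing side channel)."""
    real = ccm_tag(key, nonce, aad, ciphertext)
    return lambda guess: compare(real, guess)


def recover_tag(oracle: Oracle) -> Optional[bytes]:
    """Byte-at-a-time recovery driven only by what the oracle exposes. Returns None
    when the work count does not single out one candidate, i.e. there is no usable leak."""
    known = b""
    for pos in range(TAG_LEN):
        candidates = []
        for b in range(256):
            guess = known + bytes([b]) + bytes(TAG_LEN - pos - 1)
            accepted, work = oracle(guess)
            if accepted or work > pos + 1:       # the check got past this byte
                candidates.append(b)
        if len(candidates) != 1:
            return None
        known += bytes(candidates)
    return known


def run_timing_demo() -> dict:
    """Constructed inputs; key, nonce, aad and ciphertext are arbitrary test values."""
    key, nonce, aad, ct = b"k" * 16, b"n" * 12, b"header", b"\x00\x11\x22\x33" * 8
    real = ccm_tag(key, nonce, aad, ct)
    leaked = recover_tag(make_oracle(compare_early_exit, key, nonce, aad, ct))
    safe = recover_tag(make_oracle(compare_constant_time, key, nonce, aad, ct))
    return {"real": real, "leaky": leaked, "constant_time": safe}


if __name__ == "__main__":
    r = run_timing_demo()
    print("early-exit compare leaked the whole tag:", r["leaky"] == r["real"])
    print("constant-time compare leaked anything:", r["constant_time"] is not None)
```

Against a real implementation the per-byte difference is a handful of nanoseconds, which is why the CVSS is moderate: it takes many samples per byte over a network, but the structure of the leak is exactly what the early-exit variant above exposes, and the fix is the same in any language: a comparison whose control flow and memory access pattern are independent of the data.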

awssecurityfeed at 2026-03-02T23:30:01.448Z ##

Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)

Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/02 14:30 PM PST
Description:
AWS-LC is an open-source, general-purpose cryptographic library. We identified three distin...

aws.amazon.com/security/securi

##

CVE-2026-3336
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-02T23:16:31.373000

4 posts

Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer. Customers of AWS services do not need to take action. Applications using AWS-LC should upgrade to AWS-LC version 1.69.0.

awssecurityfeed at 2026-03-02T23:30:01.448Z ##

Issue with AWS-LC: an open-source, general-purpose cryptographic library (CVE-2026-3336, CVE-2026-3337, CVE-2026-3338)

Bulletin ID: 2026-005-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 2026/03/02 14:30 PM PST
Description:
AWS-LC is an open-source, general-purpose cryptographic library. We identified three distin...

aws.amazon.com/security/securi

##

thehackerwire@mastodon.social at 2026-03-02T22:22:20.000Z ##

🟠 CVE-2026-3336 - High (7.5)

Improper certificate validation in PKCS7_verify() in AWS-LC allows an unauthenticated user to bypass certificate chain verification when processing PKCS7 objects with multiple signers, except the final signer.

Customers of AWS services do not nee...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0021
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T22:16:29.627000

2 posts

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T23:00:39.000Z ##

🟠 CVE-2026-0021 - High (8.4)

In hasInteractAcrossUsersFullPermission of AppInfoBase.java, there is a possible cross-user permission bypass due to a confused deputy. This could lead to local escalation of privilege with no additional execution privileges needed. User interacti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0020
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T22:16:29.477000

2 posts

In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T23:00:25.000Z ##

🟠 CVE-2026-0020 - High (8.4)

In parsePermissionGroup of ParsedPermissionUtils.java, there is a possible way to bypass a consent dialog to obtain permissions due to a permissions bypass. This could lead to local escalation of privilege with no additional execution privileges n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0006
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-02T22:16:28.227000

2 posts

In multiple locations, there is a possible out of bounds read and write due to a heap buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.

1 repos

https://github.com/aydin5245/cve-2026-0006

offseq at 2026-03-03T00:00:39.097Z ##

🔴 CVE-2026-0006: CRITICAL RCE in Android 16 via heap buffer overflows. No user action or privileges needed — remote attackers can fully compromise devices. Patch urgently when available! radar.offseq.com/threat/cve-20

##

CVE-2026-20434
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-02T22:04:18.130000

1 posts

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is needed for exploitation. Patch ID: MOLY00782946; Issue ID: MSV-4135.

thehackerwire@mastodon.social at 2026-03-02T14:40:54.000Z ##

🟠 CVE-2026-20434 - High (7.5)

In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21882
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:59:24

2 posts

### Impact **Vulnerability Type:** Local Privilege Escalation (LPE) / Improper Privilege Management / Arbitrary Command Execution. The application automatically re-executes the previously failed command but does not properly drop elevated privileges during this process. When the tool is executed with `sudo` or otherwise runs with an effective UID of root, it records the last executed command an

thehackerwire@mastodon.social at 2026-03-02T20:19:46.000Z ##

🟠 CVE-2026-21882 - High (8.4)

theshit is a command-line utility that automatically detects and fixes common mistakes in shell commands. Prior to version 0.2.0, improper privilege dropping allows local privilege escalation via command re-execution. This issue has been patched i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0035
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:51

2 posts

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T22:00:26.000Z ##

🟠 CVE-2026-0035 - High (8.4)

In createRequest of MediaProvider.java, there is a possible way for an app to gain read/write access to non-existing files due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0047
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:44

2 posts

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T20:19:55.000Z ##

🟠 CVE-2026-0047 - High (8.4)

In dumpBitmapsProto of ActivityManagerService.java, there is a possible way for an app to access private information due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0031
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:43

2 posts

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T21:19:54.000Z ##

🟠 CVE-2026-0031 - High (8.4)

In multiple functions of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0030
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:43

2 posts

In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T21:19:45.000Z ##

🟠 CVE-2026-0030 - High (8.4)

In __host_check_page_state_range of mem_protect.c, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not n...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0034
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:42

2 posts

In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T22:00:15.000Z ##

🟠 CVE-2026-0034 - High (8.4)

In setPackageOrComponentEnabled of ManagedServices.java, there is a possible notification policy desync due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-48636
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:31:42

4 posts

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T20:20:18.000Z ##

🟠 CVE-2025-48636 - High (8.4)

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-02T20:20:04.000Z ##

🟠 CVE-2025-48636 - High (8.4)

In openFile of BugreportContentProvider.java, there is a possible way to read and write unauthorized files due to a path traversal error. This could lead to local escalation of privilege with no additional execution privileges needed. User interac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22207
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-03-02T21:16:26.037000

1 posts

OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests to protected endpoints without authentication headers to access administrative functions including account management, resource operations, and system conf

thehackerwire@mastodon.social at 2026-02-28T10:09:48.000Z ##

🔴 CVE-2026-22207 - Critical (9.8)

OpenViking through version 0.1.18, prior to commit 0251c70, contains a broken access control vulnerability that allows unauthenticated attackers to gain ROOT privileges when the root_api_key configuration is omitted. Attackers can send requests ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0038
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:16:25.360000

2 posts

In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T22:14:48.000Z ##

🟠 CVE-2026-0038 - High (8.4)

In multiple functions of mem_protect.c, there is a possible way to execute arbitrary code due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not ne...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0037
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:16:25.210000

2 posts

In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T22:00:36.000Z ##

🟠 CVE-2026-0037 - High (8.4)

In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0028
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:16:24.423000

2 posts

In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T21:19:35.000Z ##

🟠 CVE-2026-0028 - High (8.4)

In __pkvm_host_share_guest of mem_protect.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-32313
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-02T21:16:23.910000

2 posts

In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

thehackerwire@mastodon.social at 2026-03-02T22:14:57.000Z ##

🟠 CVE-2025-32313 - High (8.4)

In UsageEvents of UsageEvents.java, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27167
(0.0 NONE)

EPSS: 0.04%

updated 2026-03-02T20:30:10.923000

2 posts

Gradio is an open-source Python package designed for quick prototyping. Starting in version 4.16.0 and prior to version 6.6.0, Gradio applications running outside of Hugging Face Spaces automatically enable "mocked" OAuth routes when OAuth components (e.g. `gr.LoginButton`) are used. When a user visits `/login/huggingface`, the server retrieves its own Hugging Face access token via `huggingface_hu

AAKL at 2026-03-02T15:36:46.889Z ##

New.

Tenable has added three vulnerabilities to its threat advisories:

- Critical: CVE-2026-3432: Sim Studio AI - Unauthenticated OAuth Token Theft tenable.com/security/research/

- Critical: CVE-2026-3431: Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion tenable.com/security/research/

- Medium: CVE-2026-27167: Gradio - Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret tenable.com/security/research/ @tenable

##

CVE-2026-3408
(4.3 MEDIUM)

EPSS: 0.04%

updated 2026-03-02T20:30:10.923000

1 posts

A vulnerability was identified in Open Babel up to 3.1.1. This impacts the function OBAtom::GetExplicitValence of the file isrc/atom.cpp of the component CDXML File Handler. Such manipulation leads to null pointer dereference. The attack can be launched remotely. The exploit is publicly available and might be used. The name of the patch is e23a224b8fd9d7c2a7cde9ef4ec6afb4c05aa08a. It is best pract

offseq@infosec.exchange at 2026-03-02T04:30:28.000Z ##

🔎 CVE-2026-3408 (MEDIUM): Open Babel 3.1.0/3.1.1 vulnerable to DoS via null pointer dereference in CDXML handler. Exploit public, patch available (commit e23a224b8fd9…). Update now to prevent app crashes! radar.offseq.com/threat/cve-20 #OffSeq #OpenBabel #VulnAlert

##

CVE-2026-3398
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPOEPassword can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

offseq@infosec.exchange at 2026-03-02T03:00:27.000Z ##

🔎 HIGH severity: Tenda F453 v1.0.0.3 vulnerable to remote buffer overflow (CVE-2026-3398) via /goform/AdvSetWan. Exploit public, RCE possible with no auth. Disable remote admin & monitor for exploits. Patch ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #RouterSec

##

thehackerwire@mastodon.social at 2026-03-01T22:19:46.000Z ##

🟠 CVE-2026-3398 - High (8.8)

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. Executing a manipulation of the argument wanmode/PPPOEPassword can lead to buffer overflow. The atta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28562
(8.2 HIGH)

EPSS: 0.02%

updated 2026-03-02T20:30:10.923000

2 posts

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payloads to perform blind boolean extraction of credentials from the WordPress database.

offseq@infosec.exchange at 2026-03-01T10:30:26.000Z ##

🛡️ HIGH severity: CVE-2026-28562 in wpForo Forum 2.4.14 (WordPress) — unauthenticated SQL injection via wpfob, enabling blind credential extraction. Apply WAF rules & monitor logs until a fix is released. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #SQLInjection #Infosec

##

thehackerwire@mastodon.social at 2026-03-01T05:01:04.000Z ##

🟠 CVE-2026-28562 - High (8.2)

wpForo 2.4.14 contains an unauthenticated SQL injection vulnerability in Topics::get_topics() where the ORDER BY clause relies on ineffective esc_sql() sanitization on unquoted identifiers. Attackers exploit the wpfob parameter with CASE WHEN payl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3376
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used.

offseq@infosec.exchange at 2026-03-01T09:00:26.000Z ##

🔒 CVE-2026-3376: HIGH severity buffer overflow in Tenda F453 v1.0.0.3 (/goform/SafeMacFilter). Public exploit enables remote code execution — no auth needed. Isolate devices & restrict access until patched. radar.offseq.com/threat/cve-20 #OffSeq #RouterVuln #InfoSec

##

thehackerwire@mastodon.social at 2026-03-01T05:00:55.000Z ##

🟠 CVE-2026-3376 - High (8.8)

A security vulnerability has been detected in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromSafeMacFilter of the file /goform/SafeMacFilter. Such manipulation of the argument page leads to buffer overflow. It is possible t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3377
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used.

offseq@infosec.exchange at 2026-03-01T07:30:28.000Z ##

⚠️ CVE-2026-3377 (HIGH): Buffer overflow in Tenda F453 v1.0.0.3 via /goform/SafeUrlFilter. Public exploit available, no patch yet. Restrict device access & monitor traffic. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Tenda #Infosec

##

thehackerwire@mastodon.social at 2026-03-01T05:00:44.000Z ##

🟠 CVE-2026-3377 - High (8.8)

A vulnerability was detected in Tenda F453 1.0.0.3. Affected by this issue is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter. Performing a manipulation of the argument page results in buffer overflow. The attack can be initiated ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3380
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

offseq@infosec.exchange at 2026-03-01T04:30:27.000Z ##

🚨 CVE-2026-3380: HIGH-severity buffer overflow in Tenda F453 (v1.0.0.3). Remotely exploitable, no auth needed — PoC public. Isolate devices, restrict WAN, monitor for /goform/L7Im traffic. Patch pending. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Tenda #InfoSec

##

thehackerwire@mastodon.social at 2026-03-01T04:26:28.000Z ##

🟠 CVE-2026-3380 - High (8.8)

A vulnerability was found in Tenda F453 1.0.0.3. This issue affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page results in buffer overflow. The attack may be launched remotely. The exploit has been made...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3379
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-03-01T04:26:37.000Z ##

🟠 CVE-2026-3379 - High (8.8)

A vulnerability has been found in Tenda F453 1.0.0.3. This vulnerability affects the function fromSetIpBind of the file /goform/SetIpBind. The manipulation of the argument page leads to buffer overflow. The attack may be initiated remotely. The ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-01T03:00:27.000Z ##

🚨 HIGH severity: Tenda F453 v1.0.0.3 has a buffer overflow (CVE-2026-3379) in /goform/SetIpBind. Remotely exploitable with no auth. Restrict access, monitor for exploit attempts, and patch ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #Vulnerability #CVE20263379

##

CVE-2026-27751
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-02T20:30:10.923000

2 posts

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default credentials without password change enforcement to gain full administrative control of the device.

offseq@infosec.exchange at 2026-02-28T09:00:27.000Z ##

🔐 CVE-2026-27751 (CRITICAL): SODOLA SL902-SWTGW124AS gateways (≤200.1.20) use default creds, enabling remote admin takeover. Change all passwords or restrict access ASAP! No patch yet. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #IoTSecurity #NetworkSecurity

##

thehackerwire@mastodon.social at 2026-02-28T07:00:03.000Z ##

🔴 CVE-2026-27751 - Critical (9.8)

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a default credentials vulnerability that allows remote attackers to obtain administrative access to the management interface. Attackers can authenticate using the hardcoded default...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2471
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-02T20:30:10.923000

1 post

The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor calling `maybe_unserialize()` on all properties retrieved from the database without validation. This makes it possible for unauthenticated attackers to in

thehackerwire@mastodon.social at 2026-02-28T07:17:52.000Z ##

🟠 CVE-2026-2471 - High (7.5)

The WP Mail Logging plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1.15.0 via deserialization of untrusted input from the email log message field. This is due to the `BaseModel` class constructor c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2751
(8.3 HIGH)

EPSS: 0.01%

updated 2026-03-02T20:30:10.923000

1 post

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection. This issue affects Centreon Web on Central Server before 25.10.8, 24.10.20, 24.04.24.

1 repos

https://github.com/hakaioffsec/Centreon-Exploits-2026

thehackerwire@mastodon.social at 2026-02-28T07:15:01.000Z ##

🟠 CVE-2026-2751 - High (8.3)

Blind SQL Injection via unsanitized array keys in Service Dependencies deletion. Vulnerability in Centreon Centreon Web on Central Server on Linux (Service Dependencies modules) allows Blind SQL Injection. This issue affects Centreon Web on Central...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26861
(8.3 HIGH)

EPSS: 0.02%

updated 2026-03-02T20:30:10.923000

1 post

CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validation using the includes() method, which can be bypassed by an attacker using a subdomain

thehackerwire@mastodon.social at 2026-02-28T06:03:18.000Z ##

🟠 CVE-2026-26861 - High (8.3)

CleverTap Web SDK version 1.15.2 and earlier is vulnerable to Cross-Site Scripting (XSS) via window.postMessage. The handleCustomHtmlPreviewPostMessageEvent function in src/util/campaignRender/nativeDisplay.js performs insufficient origin validati...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27836
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-02T20:30:10.923000

1 post

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This allows unauthenticated attackers to create unlimited user accounts even when registration is disabled. Version 4.0.18 fixes the issue.

thehackerwire@mastodon.social at 2026-02-28T06:02:59.000Z ##

🟠 CVE-2026-27836 - High (7.5)

phpMyFAQ is an open source FAQ web application. Prior to version 4.0.18, the WebAuthn prepare endpoint (`/api/webauthn/prepare`) creates new active user accounts without any authentication, CSRF protection, captcha, or configuration checks. This a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27939
(8.8 HIGH)

EPSS: 0.01%

updated 2026-03-02T20:30:10.923000

1 post

Statamic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended verification step. This can allow access to sensitive operations and, depending on the user's existing permissions, may lead to privilege escalation. Th

thehackerwire@mastodon.social at 2026-02-28T05:51:45.000Z ##

🟠 CVE-2026-27939 - High (8.8)

Statamic is a Laravel and Git powered content management system (CMS). Starting in version 6.0.0 and prior to version 6.4.0, Authenticated Control Panel users may under certain conditions obtain elevated privileges without completing the intended...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28408
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-03-02T20:30:10.923000

2 posts

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like Postman or the file's URL on the web to access features exclusive to employees. The vulnerability allow

thehackerwire@mastodon.social at 2026-02-28T05:16:30.000Z ##

🔴 CVE-2026-28408 - Critical (9.8)

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionar_tipo_docs_atendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malic...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-28T03:00:26.000Z ##

🔴 CRITICAL: CVE-2026-28408 in WeGIA (<3.6.5) lets unauthenticated attackers inject massive unauthorized data via adicionar_tipo_docs_atendido.php. Upgrade to 3.6.5 ASAP. Monitor & restrict access now. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #WeGIA #CVE202628408

##

CVE-2026-28406
(8.2 HIGH)

EPSS: 0.12%

updated 2026-03-02T20:30:10.923000

1 post

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without enforcing that the final path stays within `dest`. A tar entry like `../outside.txt` escapes the extraction root and writes files outside the destinatio

thehackerwire@mastodon.social at 2026-02-28T05:16:20.000Z ##

🟠 CVE-2026-28406 - High (8.2)

kaniko is a tool to build container images from a Dockerfile, inside a container or Kubernetes cluster. Starting in version 1.25.4 and prior to version 1.25.10, kaniko unpacks build context archives using `filepath.Join(dest, cleanedName)` without...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28414
(7.5 HIGH)

EPSS: 0.15%

updated 2026-03-02T20:30:10.923000

1 post

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitrary files from the file system. Python 3.13+ changed the definition of `os.path.isabs` so that root-relative paths like `/windows/win.ini` on Windows are

thehackerwire@mastodon.social at 2026-02-28T05:01:04.000Z ##

🟠 CVE-2026-28414 - High (7.5)

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.7, Gradio apps running on Windows with Python 3.13+ are vulnerable to an absolute path traversal issue that enables unauthenticated attackers to read arbitra...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28426
(8.7 HIGH)

EPSS: 0.03%

updated 2026-03-02T20:30:10.923000

1 post

Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, a stored XSS vulnerability in SVG and icon related components allows authenticated users with appropriate permissions to inject malicious JavaScript that executes when viewed by higher-privileged users. This has been fixed in 5.73.11 and 6.4.0.

thehackerwire@mastodon.social at 2026-02-28T04:26:02.000Z ##

🟠 CVE-2026-28426 - High (8.7)

Statamic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, stored XSS vulnerability in svg and icon related components allow authenticated users with appropriate permissions to inject malicious Jav...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-58107
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base64-encoded password.

1 repos

https://github.com/geo-chen/microsoft

thehackerwire@mastodon.social at 2026-03-02T19:18:26.000Z ##

🟠 CVE-2025-58107 - High (7.5)

In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-mail address, device ID, bearer token, and base6...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21853
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a website. An attacker can trigger the vulnerability in two common scenarios: 1/ A victim visits a malicious website controlled by the attacker and the website r

thehackerwire@mastodon.social at 2026-03-02T19:18:16.000Z ##

🟠 CVE-2026-21853 - High (8.8)

AFFiNE is an open-source, all-in-one workspace and an operating system. Prior to version 0.25.4, there is a one-click remote code execution vulnerability. This vulnerability can be exploited by embedding a specially crafted affine: URL on a websit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3180
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and ‘cgl_mail’ parameters in all versions up to, and including, 28.1.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthentic

thehackerwire@mastodon.social at 2026-03-02T19:00:00.000Z ##

🟠 CVE-2026-3180 - High (7.5)

The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to blind SQL Injection via the ‘cgLostPasswordEmail’ and the ’cgl_mail’ parameter in all versions up to, and including, 28.1....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47373
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory Corruption when accessing buffers with invalid length during TA invocation.

thehackerwire@mastodon.social at 2026-03-02T18:09:27.000Z ##

🟠 CVE-2025-47373 - High (7.8)

Memory Corruption when accessing buffers with invalid length during TA invocation.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47377
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.

thehackerwire@mastodon.social at 2026-03-02T17:41:52.000Z ##

🟠 CVE-2025-47377 - High (7.8)

Memory Corruption when accessing a buffer after it has been freed while processing IOCTL calls.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47381
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

thehackerwire@mastodon.social at 2026-03-02T17:41:42.000Z ##

🟠 CVE-2025-47381 - High (7.8)

Memory Corruption while processing IOCTL calls when concurrent access to shared buffer occurs.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47386
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.

thehackerwire@mastodon.social at 2026-03-02T17:34:54.000Z ##

🟠 CVE-2025-47386 - High (7.8)

Memory Corruption while invoking IOCTL calls when concurrent access to shared buffer occurs.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59600
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory Corruption when adding user-supplied data without checking available buffer space.

thehackerwire@mastodon.social at 2026-03-02T17:19:48.000Z ##

🟠 CVE-2025-59600 - High (7.8)

Memory Corruption when adding user-supplied data without checking available buffer space.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21385
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Memory corruption while using alignments for memory allocation.

CVE-2025-52468
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization of user data, specifically in the "Last Name", "First Name", and "Username" fields. It allows attackers to inject a stored cross-site scripting (XSS) payload that is triggered when the user profile is

thehackerwire@mastodon.social at 2026-03-02T16:29:39.000Z ##

🟠 CVE-2025-52468 - High (8.8)

Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. This flaw occurs due to insufficient sanitization of user data, specifically in the "Last Name", "...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28403
(7.6 HIGH)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:<httpPort+1>`) accepts connections from any origin without validating the HTTP `Origin` header during the WebSocket handshake. A malicious web page visited in the same browser session can silently connect to the local WebSocket server and send arbitrary `DirectorCommand` payloa

thehackerwire@mastodon.social at 2026-03-02T16:27:51.000Z ##

🟠 CVE-2026-28403 - High (7.6)

Textream is a free macOS teleprompter app. Prior to version 1.5.1, the `DirectorServer` WebSocket server (`ws://127.0.0.1:`) accepts connections from any origin without validating the HTTP `Origin` header during the WebSocket handshake. A maliciou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3432
(0 None)

EPSS: 0.00%

updated 2026-03-02T20:29:29.330000

2 posts

In SimStudio versions below 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` parameters. An unauthenticated attacker can retrieve OAuth access tokens for any user by supplying their user ID and a provider name, effectively stealing credentials to third-party services.

AAKL at 2026-03-02T15:36:46.889Z ##

New.

Tenable has added three vulnerabilities to its threat advisories:

- Critical: CVE-2026-3432: Sim Studio AI - Unauthenticated OAuth Token Theft tenable.com/security/research/

- Critical: CVE-2026-3431: Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion tenable.com/security/research/

- Medium: CVE-2026-27167: Gradio - Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret tenable.com/security/research/ @tenable

##

AAKL@infosec.exchange at 2026-03-02T15:36:46.000Z ##

New.

Tenable has added three vulnerabilities to its threat advisories:

- Critical: CVE-2026-3432: Sim Studio AI - Unauthenticated OAuth Token Theft tenable.com/security/research/

- Critical: CVE-2026-3431: Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion tenable.com/security/research/

- Medium: CVE-2026-27167: Gradio - Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret tenable.com/security/research/ @tenable #vulnerability #infosec

##

CVE-2026-2999
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-02T20:29:29.330000

1 post

IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files from a remote source and execute them.

thehackerwire@mastodon.social at 2026-03-02T07:22:27.000Z ##

🔴 CVE-2026-2999 - Critical (9.8)

IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary executable files from a remote source and execute them.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21660
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-02T18:32:46

2 posts

Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior leads to unauthorized access, exposure of sensitive information, and potential misuse or system compromise. This issue affects Frick Controls Quantum HD version 10.22 and prior.

thehackerwire@mastodon.social at 2026-03-02T19:01:17.000Z ##

🔴 CVE-2026-21660 - Critical (9.8)

Hardcoded Email Credentials Saved as Plaintext in Firmware (CWE-256: Plaintext Storage of a Password) vulnerability in Frick Controls Quantum HD version 10.22 and prior leads to unauthorized access, exposure of sensitive information, and potential...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3132
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:52

2 posts

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via 'JLTMA_Widget_Admin::render_preview'. This is due to a missing capability check. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute code on the server.

thehackerwire@mastodon.social at 2026-03-02T19:00:12.000Z ##

🟠 CVE-2026-3132 - High (8.8)

The Master Addons for Elementor Premium plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.3 via the 'JLTMA_Widget_Admin::render_preview'. This is due to missing capability check. This makes it po...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-59603
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:52

2 posts

Memory Corruption when processing invalid user address with nonstandard buffer address.

thehackerwire@mastodon.social at 2026-03-02T17:34:35.000Z ##

🟠 CVE-2025-59603 - High (7.8)

Memory Corruption when processing invalid user address with nonstandard buffer address.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26720
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-02T18:31:51

4 posts

An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module.

1 repos

https://github.com/dillonkirsch/CVE-2026-26720-Twenty-RCE

thehackerwire@mastodon.social at 2026-03-02T19:12:48.000Z ##

🔴 CVE-2026-26720 - Critical (9.8)

An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-02T19:00:32.000Z ##

🔴 CVE-2026-26720 - Critical (9.8)

An issue in Twenty CRM v1.15.0 and before allows a remote attacker to execute arbitrary code via the local.driver.ts module.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47376
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:51

2 posts

Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.

thehackerwire@mastodon.social at 2026-03-02T18:09:17.000Z ##

🟠 CVE-2025-47376 - High (7.8)

Memory Corruption when concurrent access to shared buffer occurs during IOCTL calls.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24110
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-02T18:31:45

4 posts

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule, " %d\t%[^\t]\t%[^\n\r\t]", &dhcpsIndex, dhcpsIP, dhcpsMac);`, the lack of size validation for the rules could lead to buffer overflows in `dhcpsIndex`, `dhcpsIP`, and `dhcpsMac`.

thehackerwire@mastodon.social at 2026-03-02T19:13:05.000Z ##

🔴 CVE-2026-24110 - Critical (9.8)

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule, " %d\t%[^\t]\t%[^\n\r\t]", &dhcpsIndex, dhcpsI...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-02T19:00:50.000Z ##

🔴 CVE-2026-24110 - Critical (9.8)

An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may send overly long `addDhcpRules` data. When these rules enter the `addDhcpRule` function and are processed by `ret = sscanf(pRule, " %d\t%[^\t]\t%[^\n\r\t]", &dhcpsIndex, dhcpsI...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47375
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:45

2 posts

Memory corruption while handling different IOCTL calls from the user-space simultaneously.

thehackerwire@mastodon.social at 2026-03-02T18:09:07.000Z ##

🟠 CVE-2025-47375 - High (7.8)

Memory corruption while handling different IOCTL calls from the user-space simultaneously.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47379
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:45

2 posts

Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.

thehackerwire@mastodon.social at 2026-03-02T17:42:01.000Z ##

🟠 CVE-2025-47379 - High (7.8)

Memory Corruption when concurrent access to shared buffer occurs due to improper synchronization between assignment and deallocation of buffer resources.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-47385
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-02T18:31:45

2 posts

Memory Corruption when accessing trusted execution environment without proper privilege check.

thehackerwire@mastodon.social at 2026-03-02T17:34:45.000Z ##

🟠 CVE-2025-47385 - High (7.8)

Memory Corruption when accessing trusted execution environment without proper privilege check.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20781
(9.4 CRITICAL)

EPSS: 0.13%

updated 2026-03-02T18:31:44.237000

1 post

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

thehackerwire@mastodon.social at 2026-02-27T07:02:58.000Z ##

🔴 CVE-2026-20781 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24101
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-02T18:31:44

4 posts

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a command injection vulnerability.

thehackerwire@mastodon.social at 2026-03-02T19:12:57.000Z ##

🔴 CVE-2026-24101 - Critical (9.8)

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a comm...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-02T19:00:41.000Z ##

🔴 CVE-2026-24101 - Critical (9.8)

An issue was discovered in goform/formSetIptv in Tenda AC15V1.0 V15.03.05.18_multi. When the condition is met, `s1_1` will be passed into sub_B0488, concatenated into `doSystemCmd`. The value of s1_1 is not validated, potentially leading to a comm...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21657
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-02T18:31:41

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication occurs. This issue affects Frick Controls Quantum HD version 10.22 and prior.

thehackerwire@mastodon.social at 2026-03-02T19:56:54.000Z ##

🔴 CVE-2026-21657 - Critical (9.8)

Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21656
(9.8 CRITICAL)

EPSS: 0.08%

updated 2026-03-02T18:31:41

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication occurs. This issue affects Frick Controls Quantum HD version 10.22 and prior.

thehackerwire@mastodon.social at 2026-03-02T19:56:45.000Z ##

🔴 CVE-2026-21656 - Critical (9.8)

Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20792
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-02T18:31:26.967000

1 post

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or misrouting legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-02-27T07:00:50.000Z ##

🟠 CVE-2026-20792 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or misrouting legitimate charge...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27767
(9.4 CRITICAL)

EPSS: 0.13%

updated 2026-03-02T18:27:43.510000

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

beyondmachines1@infosec.exchange at 2026-02-27T13:01:11.000Z ##

Critical Vulnerabilities in SWITCH EV Charging Platform Allow Station Impersonation

SWITCH EV's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27767), that allow attackers to impersonate charging stations and hijack sessions.

**Make sure your SWITCH EV station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-02-27T06:21:19.000Z ##

🔴 CVE-2026-27767 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21654
(9.8 CRITICAL)

EPSS: 0.45%

updated 2026-03-02T18:25:01.993000

2 posts

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication occurs. This issue affects Frick Controls Quantum HD version 10.22

thehackerwire@mastodon.social at 2026-03-02T19:01:27.000Z ##

🔴 CVE-2026-21654 - Critical (9.8)

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows OS Command Injection. Insufficient validation of input in certain parameters may permit ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21658
(9.8 CRITICAL)

EPSS: 0.59%

updated 2026-03-02T18:24:25.517000

3 posts

Unauthenticated Remote Code Execution, i.e. Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permit unexpected actions, which could impact the security of the device before authentication occurs. This issue affects Frick Controls Quantum HD version 10.

thehackerwire@mastodon.social at 2026-03-02T19:57:04.000Z ##

🔴 CVE-2026-21658 - Critical (9.8)

Unauthenticated Remote Code Execution, i.e. Improper Control of Generation of Code ('Code Injection') vulnerability in Johnson Controls Frick Controls Quantum HD allows Code Injection. Insufficient validation of input in certain parameters may permi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 974

Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34

Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76

Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13

Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10

Top EPSS Score:
- CVE-2026-3301 - 2.90 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70328 - 2.51 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20127 - 2.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70327 - 1.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24663 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22553 - 0.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26222 - 0.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26331 - 0.60 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-27498 - 0.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-21658 - 0.59 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-21659
(9.8 CRITICAL)

EPSS: 0.52%

updated 2026-03-02T18:23:49.030000

2 posts

Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD allows an unauthenticated attacker to execute arbitrary code on the affected device, leading to full system compromise. This issue affects Frick Controls Quantum HD: Frick Controls Quantum HD version 10.22 and prior.

thehackerwire@mastodon.social at 2026-03-02T19:01:07.000Z ##

🔴 CVE-2026-21659 - Critical (9.8)

Unauthenticated Remote Code Execution and Information Disclosure due to Local File Inclusion (LFI) vulnerability in Johnson Controls Frick Controls Quantum HD allows an unauthenticated attacker to
execute arbitrary code on the affected device, lea...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27772
(9.4 CRITICAL)

EPSS: 0.13%

updated 2026-03-02T15:46:42.537000

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

beyondmachines1@infosec.exchange at 2026-02-27T11:01:19.000Z ##

Multiple Vulnerabilities Reported in EV Energy Charging Platform

EV Energy's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27772), that allow attackers to hijack electric vehicle charging stations and disrupt energy infrastructure.

**Make sure to isolate EV Energy systems from the public internet and use a VPN for any required remote management. Since the vendor hasn't released a patch, this is your only defense until you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-02-27T06:21:29.000Z ##

🔴 CVE-2026-27772 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3431
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-02T15:31:31

3 posts

In SimStudio versions below 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB instance and perform unauthorized operations including reading, modifying, and deleting data.

AAKL at 2026-03-02T15:36:46.889Z ##

New.

Tenable has added three vulnerabilities to its threat advisories:

- Critical: CVE-2026-3432: Sim Studio AI - Unauthenticated OAuth Token Theft tenable.com/security/research/

- Critical: CVE-2026-3431: Sim Studio AI - MongoDB SSRF and Arbitrary Document Deletion tenable.com/security/research/

- Medium: CVE-2026-27167: Gradio - Mocked OAuth Login Exposes Server Credentials and Uses Hardcoded Session Secret tenable.com/security/research/ @tenable

##

thehackerwire@mastodon.social at 2026-03-02T13:17:11.000Z ##

🔴 CVE-2026-3431 - Critical (9.8)

In SimStudio versions below 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endpoints to connect to any reachable MongoDB insta...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20430
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-02T15:31:24

1 post

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00467553; Issue ID: MSV-5151.

thehackerwire@mastodon.social at 2026-03-02T14:40:44.000Z ##

🟠 CVE-2026-20430 - High (8.8)

In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges needed. User interaction is not needed for explo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27942
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-02T15:10:06

1 post

### Impact

The application crashes with a stack overflow when a user uses the XML builder with `prserveOrder:true` for the following or similar input:

```
[{ 'foo': [ { 'bar': [{ '@_V': 'baz' }] } ] }]
```

Cause: `arrToStr` was not validating whether the input is an array or a string and treated all non-array values as text content.

### Patches Ye

thehackerwire@mastodon.social at 2026-02-28T13:00:48.000Z ##

🟠 CVE-2026-27942 - High (7.5)

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with `pr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2584
(CVSS UNKNOWN)

EPSS: 0.30%

updated 2026-03-02T09:30:37

1 post

A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially crafted SQL queries through the login interface. Due to low attack complexity (AC:L) and the absence of specific requirements (AT:N), the vulnerability allows for a total compromise of the system's c

offseq@infosec.exchange at 2026-03-02T10:30:29.000Z ##

🚨 CRITICAL: CVE-2026-2584 in Ciser CSIP firmware 3.0 – 5.1 enables unauthenticated SQL injection via login interface. Config data at risk — patch not yet released. Restrict access & monitor now. radar.offseq.com/threat/cve-20 #OffSeq #CVE20262584 #SQLi #FirmwareSecurity

##

CVE-2026-3000
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-03-02T09:30:37

2 posts

IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary DLL files from a remote source and execute them.

offseq@infosec.exchange at 2026-03-02T09:00:30.000Z ##

🚨 CVE-2026-3000 (CRITICAL): IDExpert Windows Logon Agent v2.7.3.230719 allows unauthenticated remote code execution via malicious DLL download. Disable agent, monitor for unusual activity, restrict outbound traffic. radar.offseq.com/threat/cve-20 #OffSeq #Cybersecurity #RCE #CVE

##

thehackerwire@mastodon.social at 2026-03-02T07:22:09.000Z ##

🔴 CVE-2026-3000 - Critical (9.8)

IDExpert Windows Logon Agent developed by Changing has a Remote Code Execution vulnerability, allowing unauthenticated remote attackers to force the system to download arbitrary DLL files from a remote source and execute them.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3422
(9.8 CRITICAL)

EPSS: 0.40%

updated 2026-03-02T09:30:31

2 posts

U-Office Force developed by e-Excellence has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content.

offseq@infosec.exchange at 2026-03-02T07:30:28.000Z ##

🚨 CRITICAL: CVE-2026-3422 in e-Excellence U-Office Force enables unauthenticated remote code execution via insecure deserialization (CWE-502). No patch — restrict access, monitor traffic, use WAF/RASP. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Infosec #CVE20263422

##

thehackerwire@mastodon.social at 2026-03-02T07:22:17.000Z ##

🔴 CVE-2026-3422 - Critical (9.8)

U-Office Force developed by e-Excellence has an Insecure Deserialization vulnerability, allowing unauthenticated remote attackers to execute arbitrary code on the server by sending maliciously crafted serialized content.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3412
(4.3 MEDIUM)

EPSS: 0.03%

updated 2026-03-02T06:32:05

1 post

A vulnerability was detected in itsourcecode University Management System 1.0. This affects an unknown part of the file /att_single_view.php. The manipulation of the argument dt results in cross site scripting. The attack can be executed remotely. The exploit is now public and may be used.

offseq@infosec.exchange at 2026-03-02T06:00:29.000Z ##

CVE-2026-3412: Medium XSS in itsourcecode University Management System v1.0. 'dt' param in /att_single_view.php is vulnerable. Public exploit available — patch or mitigate to prevent session hijack & data theft. Details: radar.offseq.com/threat/cve-20 #OffSeq #XSS #Vuln

##

CVE-2026-3399
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T00:30:29

2 posts

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

offseq@infosec.exchange at 2026-03-02T01:30:29.000Z ##

🚨 HIGH severity: CVE-2026-3399 impacts Tenda F453 (v1.0.0.3) via buffer overflow in httpd's fromGstDhcpSetSer. Remotely exploitable, public exploit available. Patch or mitigate now to prevent device takeover! radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Infosec #Router

##

thehackerwire@mastodon.social at 2026-03-01T23:19:42.000Z ##

🟠 CVE-2026-3399 - High (8.8)

A vulnerability was identified in Tenda F453 1.0.0.3. Affected by this vulnerability is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. The manipulation of the argument dips leads to buffer overflow. The at...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3400
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-02T00:30:19

2 posts

A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-03-02T00:21:00.000Z ##

🟠 CVE-2026-3400 - High (8.8)

A security flaw has been discovered in Tenda AC15 up to 15.13.07.13. Affected by this issue is some unknown functionality of the file /goform/TextEditingConversion. The manipulation of the argument wpapsk_crypto2_4g results in stack-based buffer o...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-02T00:00:39.000Z ##

🛡️ CVE-2026-3400 (HIGH, CVSS 8.7): Stack-based buffer overflow in Tenda AC15 routers (≤v15.13.07.13) allows unauthenticated remote code execution. PoC code is public. Restrict access & monitor for patches! radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE #Vulnerability

##

CVE-2026-3378
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-01T03:30:24

2 posts

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used.

offseq@infosec.exchange at 2026-03-01T06:00:32.000Z ##

🔥 CVE-2026-3378 (HIGH, CVSS 8.7): Buffer overflow in Tenda F453 (FW 1.0.0.3) lets remote attackers execute code or cause DoS — no authentication needed. PoC exploit published. Patch or restrict access now! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Tenda #RouterSecurity

##

thehackerwire@mastodon.social at 2026-03-01T04:26:47.000Z ##

🟠 CVE-2026-3378 - High (8.8)

A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has be...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28425
(8.0 HIGH)

EPSS: 0.14%

updated 2026-03-01T01:30:56

1 post

### Impact

An authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application context. That can lead to full compromise of the application, including access to sensitive configuration, modification or exfiltration of data, and potential impact on availability. Exploitation is only possible where Antlers runs on user-controlled

thehackerwire@mastodon.social at 2026-02-28T04:25:52.000Z ##

🟠 CVE-2026-28425 - High (8)

Statmatic is a Laravel and Git powered content management system (CMS). Prior to versions 5.73.11 and 6.4.0, an authenticated control panel user with access to Antlers-enabled inputs may be able to achieve remote code execution in the application ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28416
(8.2 HIGH)

EPSS: 0.03%

updated 2026-03-01T01:29:34

1 post

### Summary

A Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a malicious Gradio Space. When a victim application uses `gr.load()` to load an attacker-controlled Space, the malicious `proxy_url` from the config is trusted and added to the allowlist, enabling the attacker to access internal services, cl

thehackerwire@mastodon.social at 2026-02-28T05:01:14.000Z ##

🟠 CVE-2026-28416 - High (8.2)

Gradio is an open-source Python package designed for quick prototyping. Prior to version 6.6.0, a Server-Side Request Forgery (SSRF) vulnerability in Gradio allows an attacker to make arbitrary HTTP requests from a victim's server by hosting a mal...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26862
(8.3 HIGH)

EPSS: 0.01%

updated 2026-03-01T01:26:40

1 post

CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includes() method to verify the originUrl contains "dashboard.clevertap.com", which can be bypassed by an attacker using a crafted subdomain.

thehackerwire@mastodon.social at 2026-02-28T06:59:53.000Z ##

🟠 CVE-2026-26862 - High (8.3)

CleverTap Web SDK version 1.15.2 and earlier is vulnerable to DOM-based Cross-Site Scripting (XSS) via window.postMessage in the Visual Builder module. The origin validation in src/modules/visualBuilder/pageBuilder.js (lines 56-60) uses the includ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2844
(CVSS UNKNOWN)

EPSS: 0.07%

updated 2026-02-28T12:30:25

1 post

Missing Authentication for Critical Function vulnerability in Microchip TimePictra allows Configuration/Environment Manipulation. This issue affects TimePictra: from 11.0 through 11.3 SP2.

offseq@infosec.exchange at 2026-03-01T01:30:27.000Z ##

⚠️ CRITICAL vuln in Microchip TimePictra (11.0 – 11.3 SP2): CVE-2026-2844 lets remote, unauthenticated attackers manipulate configs. No patch yet — restrict access & monitor logs! radar.offseq.com/threat/cve-20 #OffSeq #TimePictra #Vulnerability #OTSecurity

##

CVE-2026-3010
(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-02-28T12:30:25

1 post

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Microchip TimePictra allows Query System for Information. This issue affects TimePictra: from 11.0 through 11.3 SP2.

offseq@infosec.exchange at 2026-03-01T00:00:38.000Z ##

🚨 CVE-2026-3010: CRITICAL XSS in Microchip TimePictra v11.0 – 11.3 SP2. Remote, unauthenticated attackers can inject scripts via web UI. Restrict access, enable WAF, monitor logs. Patch awaited. Full info: radar.offseq.com/threat/cve-20 #OffSeq #XSS #ICS #Vuln

##

CVE-2025-13673
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-28T09:30:14

1 post

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into alrea

thehackerwire@mastodon.social at 2026-02-28T08:18:13.000Z ##

🟠 CVE-2025-13673 - High (7.5)

The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to SQL Injection via the 'coupon_code' parameter in all versions up to, and including, 3.9.6 due to insufficient escaping on the user supplied parameter and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28370
(9.1 CRITICAL)

EPSS: 0.08%

updated 2026-02-28T02:24:33

2 posts

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unauthorized access to the host and further compromise of the Vitrage service. All deployments exposing the Vitrage API are affected. This occurs in _create_

offseq@infosec.exchange at 2026-02-27T07:30:29.000Z ##

⚠️ CRITICAL: CVE-2026-28370 in OpenStack Vitrage (CVSS 9.1) enables authenticated RCE via eval injection in query parser. Upgrade to fixed versions, restrict API access, and monitor logs. Affects 0, 13.0.0, 14.0.0, 15.0.0. Details: radar.offseq.com/threat/cve-20 #OffSeq #OpenStack #Vuln

##

thehackerwire@mastodon.social at 2026-02-27T05:20:14.000Z ##

🔴 CVE-2026-28370 - Critical (9.1)

In the query parser in OpenStack Vitrage before 12.0.1, 13.0.0, 14.0.0, and 15.0.0, a user allowed to access the Vitrage API may trigger code execution on the Vitrage service host as the user the Vitrage service runs under. This may result in unau...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
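
The "eval injection" the offseq post above refers to, as an added Python example that is not Vitrage's code: a filter-query parser that renders the request into Python source and hands it to eval() runs whatever a quoted value smuggles in, while a parser that walks the JSON structure and dispatches on an operator allowlist never turns request data into code. The query shape (`{op: {field: value}}` with `and`/`or`/`not`), the sample rows and the payload are assumptions for the example.

```python
import operator

# Constructed rows standing in for the entities a query would filter.
ROWS = [
    {"category": "ALARM", "severity": "CRITICAL", "name": "disk-full"},
    {"category": "RESOURCE", "severity": "OK", "name": "host-1"},
    {"category": "ALARM", "severity": "WARNING", "name": "cpu-high"},
]


def compile_query_unsafe(query: dict):
    """The injectable pattern: render the query into Python source and eval it.
    A string value is interpolated between quotes, so a value containing a
    quote closes the literal and the remainder runs as code."""
    def to_expr(q):
        (op, arg), = q.items()
        if op in ("and", "or"):
            return "(" + f" {op} ".join(to_expr(sub) for sub in arg) + ")"
        if op == "not":
            return f"(not {to_expr(arg)})"
        (field, value), = arg.items()
        return f"(row.get({field!r}) {op} '{value}')"
    return eval("lambda row: " + to_expr(query))  # deliberately unsafe


_COMPARISONS = {
    "==": operator.eq, "!=": operator.ne,
    "<": operator.lt, "<=": operator.le, ">": operator.gt, ">=": operator.ge,
}
_SCALARS = (str, int, float, bool, type(None))


def compile_query(query):
    """Hardened parser: recursive descent over the JSON structure. Operators
    come from an allowlist, values must be scalars and are only ever compared,
    never rendered into source. Anything else raises ValueError."""
    if not isinstance(query, dict) or len(query) != 1:
        raise ValueError("query node must be a single-key object")
    (op, arg), = query.items()
    if op in ("and", "or"):
        if not isinstance(arg, list) or not arg:
            raise ValueError(f"{op} expects a non-empty list")
        preds = [compile_query(sub) for sub in arg]
        combine = all if op == "and" else any
        return lambda row: combine(p(row) for p in preds)
    if op == "not":
        pred = compile_query(arg)
        return lambda row: not pred(row)
    if op in _COMPARISONS:
        if not isinstance(arg, dict) or len(arg) != 1:
            raise ValueError(f"{op} expects {{field: value}}")
        (field, value), = arg.items()
        if not isinstance(field, str) or not isinstance(value, _SCALARS):
            raise ValueError("field must be a string and value a scalar")
        compare = _COMPARISONS[op]

        def pred(row, field=field, value=value, compare=compare):
            try:
                return field in row and compare(row[field], value)
            except TypeError:  # e.g. str vs int: not comparable, so no match
                return False
        return pred
    raise ValueError(f"unsupported operator {op!r}")


def is_valid_query(query) -> bool:
    """True if the hardened parser accepts the query."""
    try:
        compile_query(query)
        return True
    except ValueError:
        return False


def run(pred, rows=ROWS):
    """Names of the rows the predicate selects."""
    return [row["name"] for row in rows if pred(row)]


if __name__ == "__main__":
    legit = {"and": [{"==": {"category": "ALARM"}}, {"!=": {"severity": "OK"}}]}
    # Constructed payload: closes the quoted literal and appends arbitrary code.
    payload = {"==": {"category": "' or __import__('os').getpid() > 0 or '"}}
    print("legit, safe:     ", run(compile_query(legit)))
    print("payload, unsafe: ", run(compile_query_unsafe(payload)))  # every row
    print("payload, safe:   ", run(compile_query(payload)))         # nothing
```

With the unsafe parser the payload's expression becomes `row.get('category') == '' or __import__('os').getpid() > 0 or ''`, which is true for every row and has already executed attacker-chosen code; with the structural parser the same payload is just a string nobody's category equals.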

CVE-2026-28363
(10.0 CRITICAL)

EPSS: 0.09%

updated 2026-02-28T02:17:26

1 post

In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval. Only an exact string such as --compress-program was denied.

0x3e4@cyberplace.social at 2026-02-27T09:10:57.000Z ##

another day another critical vulnerability in openclaw 🥲🤡

"In OpenClaw before 2026.2.23, tools.exec.safeBins validation for sort could be bypassed via GNU long-option abbreviations (such as --compress-prog) in allowlist mode, leading to approval-free execution paths that were intended to require approval."

🔐 CVE-2026-28363

📊 CVSS: 9.9 · Critical
📅 02/27/2026, 04:16 AM
🛡️ CWE: CWE-184
📦 Affected: OpenClaw OpenClaw (< 2026.2.23)

🔗 hecate.pw/vulnerability/CVE-20

#cve #vulnerability #hecate

##
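
The allowlist bypass in the CVE-2026-28363 entry above comes from how GNU getopt_long parses long options: any unambiguous prefix of an option name is accepted, so a policy that denies the literal string `--compress-program` lets `--compress-prog` through. The added Python example below is not OpenClaw's code; it models a deny-list policy for `sort` two ways, the exact-string comparison the advisory describes and a hardened version that first canonicalises every token the way getopt_long would (prefix expansion, `--opt=value`, bundled short options, and `--` as end of options) and then applies the policy. The option table is a subset of GNU sort's options and the deny list is an assumed policy, both chosen for the example.

```python
# Subset of GNU sort's long options, assumed for the example (see `sort --help`).
SORT_LONG_OPTIONS = {
    "check", "compress-program", "debug", "dictionary-order", "field-separator",
    "files0-from", "ignore-case", "key", "numeric-sort", "output", "parallel",
    "random-source", "reverse", "stable", "temporary-directory", "unique",
    "zero-terminated",
}
# Short spellings of some of the same options; a policy must map these too.
SHORT_TO_LONG = {"c": "check", "d": "dictionary-order", "t": "field-separator",
                 "f": "ignore-case", "k": "key", "n": "numeric-sort", "o": "output",
                 "r": "reverse", "s": "stable", "T": "temporary-directory",
                 "u": "unique", "z": "zero-terminated"}
TAKES_ARGUMENT = {"compress-program", "field-separator", "files0-from", "key",
                  "output", "parallel", "random-source", "temporary-directory"}
# Assumed policy: options that run a program or touch files need approval.
DENIED = {"compress-program", "files0-from", "output", "random-source",
          "temporary-directory"}


def resolve_long(token: str) -> str:
    """Expand one --long token the way getopt_long does: an exact name wins,
    otherwise an unambiguous prefix resolves to the full name. Raises
    ValueError for unknown or ambiguous spellings."""
    name = token[2:].split("=", 1)[0]
    if name in SORT_LONG_OPTIONS:
        return name
    matches = sorted(o for o in SORT_LONG_OPTIONS if o.startswith(name))
    if len(matches) == 1:
        return matches[0]
    detail = f"ambiguous {matches}" if matches else "unknown option"
    raise ValueError(f"{token!r}: {detail}")


def option_names(argv):
    """Yield the canonical name of every option in argv, long or short,
    stopping at '--' (everything after it is an operand, not an option)."""
    skip_next = False
    for tok in argv:
        if skip_next:            # this token is the previous option's argument
            skip_next = False
            continue
        if tok == "--":
            return
        if tok.startswith("--"):
            name = resolve_long(tok)
            yield name
            skip_next = name in TAKES_ARGUMENT and "=" not in tok
        elif tok.startswith("-") and len(tok) > 1:
            for i, ch in enumerate(tok[1:]):   # bundled flags such as -nr
                name = SHORT_TO_LONG.get(ch)
                if name is None:
                    raise ValueError(f"unknown short option -{ch}")
                yield name
                if name in TAKES_ARGUMENT:
                    skip_next = i == len(tok) - 2  # '-o FILE' vs '-oFILE'
                    break


def exact_string_policy(argv) -> bool:
    """The pattern the advisory describes: only the literal spellings are denied."""
    return not any(tok in {"--" + d for d in DENIED} for tok in argv)


def canonical_policy(argv) -> bool:
    """Hardened: canonicalise first, then apply the deny list, and refuse
    anything that does not resolve instead of letting it through."""
    try:
        return not any(name in DENIED for name in option_names(argv))
    except ValueError:
        return False


if __name__ == "__main__":
    for argv in (["--compress-program", "sh"], ["--compress-prog", "sh"],
                 ["--compress-program=sh"], ["-o", "/tmp/out", "data.txt"],
                 ["-nr", "-k", "2", "data.txt"]):
        print(f"{' '.join(argv):35} exact={exact_string_policy(argv)!s:5} canonical={canonical_policy(argv)}")
```

The exact-string policy only catches the first of those command lines; the canonical policy catches every spelling that the binary itself would accept as the denied option, and treats an ambiguous prefix such as `--c` as a refusal rather than a pass.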

CVE-2026-28268
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-02-28T01:59:29

2 posts

**Summary** A critical business logic vulnerability exists in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a failure to invalidate tokens upon use and a critical logic bug in the token cleanup cron job, reset tokens remain valid forever. This allows an attacker who intercepts a single reset token (via logs, browser history, or phi

thehackerwire@mastodon.social at 2026-02-28T05:51:55.000Z ##

🔴 CVE-2026-28268 - Critical (9.8)

Vikunja is an open-source self-hosted task management platform. Versions prior to 2.1.0 have a business logic vulnerability in the password reset mechanism of vikunja/api that allows password reset tokens to be reused indefinitely. Due to a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-28T04:30:27.000Z ##

🚨 CRITICAL vuln in go-vikunja vikunja (<2.1.0): Password reset tokens never expire due to logic flaw, enabling persistent account takeover. Patch to v2.1.0+ now! CVE-2026-28268 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Security #FOSS

##

CVE-2026-28213
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-02-28T01:18:18.080000

1 post

EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attacker to take over the associated account. Version 2.1.1 fixes the issue.

thehackerwire@mastodon.social at 2026-02-28T09:01:01.000Z ##

🔴 CVE-2026-28213 - Critical (9.8)

EverShop is a TypeScript-first eCommerce platform. Versions prior to 2.1.1 have a vulnerability in the "Forgot Password" functionality. When specifying a target email address, the API response returns the password reset token. This allows an attac...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
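
The two password-reset failures described above (Vikunja, CVE-2026-28268: tokens never invalidated on use and not purged by the cleanup job; EverShop, CVE-2026-28213: the reset token echoed back in the API response) share one fix, shown here as an added Python example that is neither project's code. Tokens are random, stored only as a hash, consumed atomically exactly once, expire, and leave the server only through an out-of-band channel, while the API response is the same whether or not the address exists. The injectable clock, the `deliver` callback and the user table are assumptions for the example.

```python
import hashlib
import secrets
import time


class ResetTokenStore:
    """Single-use, expiring password-reset tokens.

    Only a SHA-256 digest of each token is kept, so a leak of the table (a
    database dump, a debug log) does not yield usable tokens. `now` is
    injectable so expiry can be tested without sleeping."""

    def __init__(self, ttl_seconds: int = 3600, now=time.time):
        self._ttl = ttl_seconds
        self._now = now
        self._by_digest = {}  # digest -> (user_id, expires_at)

    @staticmethod
    def _digest(token: str) -> str:
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, user_id: str) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._by_digest[self._digest(token)] = (user_id, self._now() + self._ttl)
        return token

    def consume(self, token: str):
        """Look up, delete and validate in one step. The entry is removed even
        if it turns out to be expired, so no token can ever succeed twice."""
        entry = self._by_digest.pop(self._digest(token), None)
        if entry is None:
            return None
        user_id, expires_at = entry
        return user_id if self._now() <= expires_at else None

    def purge_expired(self) -> int:
        """Cleanup job. The condition must drop entries whose expiry is in the
        past; getting it the wrong way round keeps exactly the stale ones."""
        now = self._now()
        stale = [d for d, (_, exp) in self._by_digest.items() if exp < now]
        for d in stale:
            del self._by_digest[d]
        return len(stale)

    def __len__(self):
        return len(self._by_digest)


def request_reset(email: str, users: dict, store: ResetTokenStore, deliver) -> dict:
    """API handler. The response is identical whether or not the address is
    registered and never contains the token; the token goes out of band via
    `deliver(email, token)` (e-mail in practice, a list in the test)."""
    user_id = users.get(email.strip().lower())
    if user_id is not None:
        deliver(email, store.issue(user_id))
    return {"status": "ok",
            "message": "If that address is registered, a reset link has been sent."}


if __name__ == "__main__":
    clock = [1_000_000.0]
    store = ResetTokenStore(ttl_seconds=900, now=lambda: clock[0])
    outbox = []
    users = {"alice@example.test": "u-1"}  # constructed user table
    send = lambda e, t: outbox.append((e, t))
    print(request_reset("alice@example.test", users, store, send))
    print(request_reset("nobody@example.test", users, store, send))
    token = outbox[0][1]
    print("first use:", store.consume(token), "second use:", store.consume(token))
```

In a real deployment the pop-and-check in `consume` must be one database transaction (or a conditional `DELETE ... RETURNING`), otherwise two concurrent requests can both succeed with the same token.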

CVE-2025-11252
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-02-28T01:09:31.663000

1 post

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: through 27022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-02-28T07:59:59.000Z ##

🔴 CVE-2025-11252 - Critical (9.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Signum Technology Promotion and Training Inc. Windesk.Fm allows SQL Injection. This issue affects windesk.Fm: through 27022026.

NOTE: The vendor ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27630
(7.5 HIGH)

EPSS: 0.10%

updated 2026-02-28T01:01:22.727000

1 post

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforcing a maximum concurrency limit or an appropriate request timeout. An unauthenticated remote attacker can exhaust server concurrency limits and memory by

thehackerwire@mastodon.social at 2026-03-01T05:01:38.000Z ##

🟠 CVE-2026-27630 - High (7.5)

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 are vulnerable to a Denial of Service (DoS) attack known as Slowloris. The server spawns a new OS thread for every incoming connection without enforc...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20902
(8.0 HIGH)

EPSS: 0.20%

updated 2026-02-27T23:13:13.603000

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upload action of the parameters route.

thehackerwire@mastodon.social at 2026-02-27T06:19:26.000Z ##

🟠 CVE-2026-20902 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the map filename field during the map upl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21718
(10.0 CRITICAL)

EPSS: 0.07%

updated 2026-02-27T23:11:48.947000

1 post

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.

thehackerwire@mastodon.social at 2026-02-27T05:36:39.000Z ##

🔴 CVE-2026-21718 - Critical (10)

An authentication bypass vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, enabling any attackers to bypass the authentication requirement and achieve pre-authenticated code execution on the system.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2597
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-27T21:32:27

1 post

Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes(). The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, the expression length + 1u causes an integer wraparound, resulting in a zero-byte allocation. The subsequent call to chosen random function (e.g. getrandom

thehackerwire@mastodon.social at 2026-02-28T08:19:59.000Z ##

🟠 CVE-2026-2597 - High (7.5)

Crypt::SysRandom::XS versions before 0.010 for Perl is vulnerable to a heap buffer overflow in the XS function random_bytes().

The function does not validate that the length parameter is non-negative. If a negative value (e.g. -1) is supplied, th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-69437
(8.7 HIGH)

EPSS: 0.04%

updated 2026-02-27T21:32:27

1 post

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system and views it, the embedded JavaScript payload can be triggered, resulting in issues such as credential theft, arbitrary API execution, and other securit

thehackerwire@mastodon.social at 2026-02-28T07:00:13.000Z ##

🟠 CVE-2025-69437 - High (8.7)

PublicCMS v5.202506.d and earlier is vulnerable to stored XSS. Uploaded PDFs can contain JavaScript payloads and bypass PDF security checks in the backend CmsFileUtils.java. If a user uploads a PDF file containing a malicious payload to the system...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27141
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-27T21:32:22

1 post

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic

thehackerwire@mastodon.social at 2026-02-28T10:09:58.000Z ##

🟠 CVE-2026-27141 - High (7.5)

Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running server to panic

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27755
(9.8 CRITICAL)

EPSS: 0.11%

updated 2026-02-27T21:31:26

2 posts

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess valid credentials can calculate the session identifier offline and bypass authentication without completing the login flow, gaining unauthorized access to t

offseq@infosec.exchange at 2026-02-28T07:30:26.000Z ##

🚨 CRITICAL: CVE-2026-27755 in SODOLA SL902-SWTGW124AS (≤200.1.20) lets attackers forge MD5-based session IDs, bypassing auth remotely. No patch yet — segment, restrict, monitor! radar.offseq.com/threat/cve-20 #OffSeq #CVE202627755 #IoTSecurity #Infosec

##

thehackerwire@mastodon.social at 2026-02-28T06:03:08.000Z ##

🔴 CVE-2026-27755 - Critical (9.8)

SODOLA SL902-SWTGW124AS firmware versions through 200.1.20 contain a weak session identifier generation vulnerability that allows attackers to forge authenticated sessions by computing predictable MD5-based cookies. Attackers who know or guess val...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22206
(8.8 HIGH)

EPSS: 0.14%

updated 2026-02-27T21:31:21

1 post

SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw combined with PHP tag processing to achieve remote code execution on the server.

thehackerwire@mastodon.social at 2026-02-28T10:01:09.000Z ##

🟠 CVE-2026-22206 - High (8.8)

SPIP versions prior to 4.4.10 contain a SQL injection vulnerability that allows authenticated low-privilege users to execute arbitrary SQL queries by manipulating union-based injection techniques. Attackers can exploit this SQL injection flaw comb...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22205
(7.5 HIGH)

EPSS: 0.23%

updated 2026-02-27T21:31:21

1 post

SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to bypass login verification and retrieve sensitive internal data.

thehackerwire@mastodon.social at 2026-02-28T10:00:58.000Z ##

🟠 CVE-2026-22205 - High (7.5)

SPIP versions prior to 4.4.10 contain an authentication bypass vulnerability caused by PHP type juggling that allows unauthenticated attackers to access protected information. Attackers can exploit loose type comparisons in authentication logic to...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26222
(9.8 CRITICAL)

EPSS: 1.02%

updated 2026-02-27T20:05:06.970000

1 post

Altec DocLink (now maintained by Beyond Limits Inc.) version 4.0.336.0 exposes insecure .NET Remoting endpoints over TCP and HTTP/SOAP via Altec.RDCHostService.exe using the ObjectURI "doclinkServer.soap". The service does not require authentication and is vulnerable to unsafe object unmarshalling, allowing remote attackers to read arbitrary files from the underlying system by specifying local fil

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 974

Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34

Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76

Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13

Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10

Top EPSS Score:
- CVE-2026-3301 - 2.90 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70328 - 2.51 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20127 - 2.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70327 - 1.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24663 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22553 - 0.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26222 - 0.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26331 - 0.60 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-27498 - 0.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-21658 - 0.59 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-27510
(9.6 CRITICAL)

EPSS: 0.08%

updated 2026-02-27T19:16:08.767000

4 posts

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The Android application stores programs in a local SQLite database (unitree_go2.db, table dog_programme) and transmits the programme_text content, including

cyberveille@mastobot.ping.moi at 2026-03-02T23:00:11.000Z ##

📢 Robots Unitree Go2 : deux failles RCE (CVE-2026-27509, CVE-2026-27510) via DDS et base Android
📝 Selon un billet technique publié par Olivier Laflamme (26 février 2026), deux vulnérabilités critiques de type RCE affectent les robots Uni...
📖 cyberveille : cyberveille.ch/posts/2026-03-0
🌐 source : boschko.ca/unitree-go2-rce/
#CVE_2026_27509 #CVE_2026_27510 #Cyberveille

##

sambowne at 2026-03-02T21:14:20.433Z ##

From DDS Packets to Robot Shells: Two RCEs in Unitree Robots (CVE-2026-27509 & CVE-2026-27510) boschko.ca/unitree-go2-rce/

##

thehackerwire@mastodon.social at 2026-02-28T10:10:42.000Z ##

🔴 CVE-2026-27510 - Critical (9.6)

Unitree Go2 firmware versions 1.1.7 through 1.1.11, when used with the Unitree Go2 Android application (com.unitree.doggo2), are vulnerable to remote code execution due to missing integrity protection and validation of user-created programmes. The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27509
(8.0 HIGH)

EPSS: 0.03%

updated 2026-02-27T19:16:08.547000

4 posts

Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publish a crafted message (api_id=1002) containing arbitrary Python, which the robot writes to disk under

thehackerwire@mastodon.social at 2026-02-28T10:10:08.000Z ##

🟠 CVE-2026-27509 - High (8)

Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, una...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40932
(8.2 HIGH)

EPSS: 0.03%

updated 2026-02-27T19:16:04.780000

1 post

Apache::SessionX versions through 2.01 for Perl create insecure session id. Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() function, the epoch time, and the PID. The PID will come from a small set of numbers, and the epoch time may be guessed, if it is not leaked from the HTT

thehackerwire@mastodon.social at 2026-02-28T09:00:51.000Z ##

🟠 CVE-2025-40932 - High (8.2)

Apache::SessionX versions through 2.01 for Perl create insecure session id.

Apache::SessionX generates session ids insecurely. The default session id generator in Apache::SessionX::Generate::MD5 returns a MD5 hash seeded with the built-in rand() ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
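
Why a hash over low-entropy inputs is not a session identifier, for both the Apache::SessionX entry above (MD5 over rand(), the epoch time and the PID) and the SODOLA entry earlier on this page (CVE-2026-27755, MD5 over material the attacker knows or can guess): an added Python model, not either project's code. The generator is a constructed stand-in whose rand() term is seeded from the same epoch, an assumption made so that the only unknowns are the epoch (leaked or bounded by the HTTP Date header) and the PID (a small range); the attacker enumerates that space offline and recovers the id. The hardened version draws the id from the OS CSPRNG.

```python
import hashlib
import math
import random
import secrets


def weak_session_id(epoch: int, pid: int) -> str:
    """Constructed model of an MD5 id seeded with rand(), time and PID. The
    rand() term is drawn from a generator seeded with the epoch (assumption),
    so it contributes no entropy the attacker does not already control."""
    rng = random.Random(epoch)
    material = f"{rng.random()}{epoch}{pid}".encode()
    return hashlib.md5(material).hexdigest()


def recover_session(target_id: str, epoch_guess: int, window: int, pid_candidates):
    """Offline attack: regenerate ids for every (epoch, pid) in the guessed
    window and compare. Returns (epoch, pid, hashes_tried) or None."""
    tried = 0
    for epoch in range(epoch_guess - window, epoch_guess + window + 1):
        for pid in pid_candidates:
            tried += 1
            if weak_session_id(epoch, pid) == target_id:
                return epoch, pid, tried
    return None


def search_space_bits(window: int, pid_count: int) -> float:
    """Entropy the attacker actually faces: log2 of the candidate count."""
    return math.log2((2 * window + 1) * pid_count)


def strong_session_id() -> str:
    """Hardened: 256 bits from the OS CSPRNG; there is nothing to enumerate."""
    return secrets.token_hex(32)


if __name__ == "__main__":
    # Constructed victim: logged in at this epoch, served by this worker PID.
    victim_epoch, victim_pid = 1_750_000_000, 4321
    cookie = weak_session_id(victim_epoch, victim_pid)
    # Attacker: the Date header puts the login within a minute of the guess;
    # the server's worker PIDs are guessed as a range of 1000.
    hit = recover_session(cookie, victim_epoch + 17, window=60,
                          pid_candidates=range(4000, 5000))
    print("weak id recovered:", hit,
          f"({search_space_bits(60, 1000):.1f} bits searched)")
    print("strong id:", strong_session_id())
```

A minute of uncertainty times a thousand PIDs is under 17 bits, a few tens of thousands of MD5 computations; the same arithmetic applies whenever a session id is derived from a username, password or device identifier the attacker already holds, as in the SODOLA case.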

CVE-2026-26986
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-27T19:11:09.313000

1 post

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on title allocation failure without first removing the entry from the `railWindows` hash table, leaving a dangling pointer that is freed again on disconnect. Ve

thehackerwire@mastodon.social at 2026-03-01T06:00:03.000Z ##

🟠 CVE-2026-26986 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `rail_window_free` dereferences a freed `xfAppWindow` pointer during `HashTable_Free` cleanup because `xf_rail_window_common` calls `free(appWindow)` on titl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27950
(7.5 HIGH)

EPSS: 0.08%

updated 2026-02-27T19:10:21.367000

1 post

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the SDL2 implementation, the fix appears to have been applied only to the SDL3 code path. In the SDL2 implementation, the pointer is not nulled after free. Th

thehackerwire@mastodon.social at 2026-03-01T05:59:53.000Z ##

🟠 CVE-2026-27950 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28274
(8.7 HIGH)

EPSS: 0.07%

updated 2026-02-27T19:07:37.763000

1 post

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives" section can upload a malicious `.html` or `.htm` file as a document. Because the uploaded HTML file is served under the application's origin without pr

thehackerwire@mastodon.social at 2026-02-27T07:03:07.000Z ##

🟠 CVE-2026-28274 - High (8.7)

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 are vulnerable to Stored Cross-Site Scripting (XSS) in the document upload functionality. Any user with upload permissions within the "Initiatives...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28276
(7.5 HIGH)

EPSS: 0.11%

updated 2026-02-27T19:06:01.180000

1 post

Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or authorization checks. Any uploaded file can be accessed directly via its URL by unauthenticated users (e.g., in an incognito browser session), leading t

thehackerwire@mastodon.social at 2026-02-27T07:20:56.000Z ##

🟠 CVE-2026-28276 - High (7.5)

Initiative is a self-hosted project management platform. An access control vulnerability exists in Initiative versions prior to 0.32.2 where uploaded documents are served from a publicly accessible /uploads/ directory without any authentication or...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24352
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-02-27T18:36:00.687000

1 post

PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated session. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only

thehackerwire@mastodon.social at 2026-02-28T08:00:09.000Z ##

🔴 CVE-2026-24352 - Critical (9.8)

PluXml CMS allows a user's session identifier to be set before authentication. The value of this session ID stays the same after authentication. This behaviour enables an attacker to fix a session ID for a victim and later hijack the authenticated...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3271
(8.8 HIGH)

EPSS: 0.11%

updated 2026-02-27T18:32:07

1 post

A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file /goform/P2pListFilterof of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be launched remotely. The exploit has been made public and could be used.

thehackerwire@mastodon.social at 2026-02-27T06:20:25.000Z ##

🟠 CVE-2026-3271 - High (8.8)

A vulnerability was found in Tenda F453 1.0.0.3. This impacts the function fromP2pListFilter of the file /goform/P2pListFilterof of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be launched r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2749
(10.0 CRITICAL)

EPSS: 0.03%

updated 2026-02-27T18:31:12

2 posts

Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules). This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.

1 repo

https://github.com/hakaioffsec/Centreon-Exploits-2026

offseq@infosec.exchange at 2026-02-28T10:30:27.000Z ##

🚨 CRITICAL: CVE-2026-2749 hits Centreon Open Tickets (Linux Central Server). All before v25.10.3/24.10.8/24.04.7 at risk — remote exploit, full compromise possible. Restrict access & monitor systems! radar.offseq.com/threat/cve-20 #OffSeq #Centreon #Vuln

##

thehackerwire@mastodon.social at 2026-02-28T07:14:43.000Z ##

🔴 CVE-2026-2749 - Critical (9.9)

Vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules). This issue affects Centreon Open Tickets on Central Server: from all before 25.10.3, 24.10.8, 24.04.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2750
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-27T18:31:06

1 post

Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules). This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10; 24.04.

2 repos

https://github.com/hakaioffsec/Centreon-Exploits-2026

https://github.com/RootAid/CVE-2026-27507

thehackerwire@mastodon.social at 2026-02-28T07:14:53.000Z ##

🔴 CVE-2026-2750 - Critical (9.1)

Improper Input Validation vulnerability in Centreon Centreon Open Tickets on Central Server on Linux (Centreon Open Tickets modules). This issue affects Centreon Open Tickets on Central Server: from all before 25.10; 24.10; 24.04.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-11251
(9.8 CRITICAL)

EPSS: 0.01%

updated 2026-02-27T17:22:23.443000

1 post

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection. This issue affects E-Commerce Platform: through 27022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

thehackerwire@mastodon.social at 2026-02-28T08:02:44.000Z ##

🔴 CVE-2025-11251 - Critical (9.8)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dayneks Software Industry and Trade Inc. E-Commerce Platform allows SQL Injection. This issue affects E-Commerce Platform: through 27022026.

NOTE...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27969
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-02-27T16:03:55

1 post

### Impact Anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the manifest — which may be files that they have also added to the manifest and backup contents — are written to any accessible location on restore. This is a common [Path Traversal](https://owasp.org/www-community/attacks/Path_Traversal) security issue

thehackerwire@mastodon.social at 2026-02-28T12:00:14.000Z ##

🟠 CVE-2026-27969 - High (8.8)

Vitess is a database clustering system for horizontal scaling of MySQL. Prior to versions 23.0.3 and 22.0.4, anyone with read/write access to the backup storage location (e.g. an S3 bucket) can manipulate backup manifest files so that files in the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
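
The manifest path traversal described in the CVE-2026-27969 entry above, as an added Python example that is not Vitess's code: a restore that joins each manifest file name onto the restore directory and trusts the result will write wherever `..` segments or an absolute name point, so every name has to be resolved and proven to still lie under the restore root before anything is written. The manifest layout (`{"files": [{"name": ...}]}`) and the entries in it are constructed for the example and do not reproduce the real Vitess MANIFEST format.

```python
import json
import posixpath

# Constructed manifest: a backup index with two legitimate entries and three
# an attacker with write access to the backup bucket could append.
MANIFEST_JSON = json.dumps({
    "files": [
        {"name": "data/ibdata1"},
        {"name": "data/./mysql/user.ibd"},
        {"name": "../../../../root/.ssh/authorized_keys"},  # attacker-added
        {"name": "/etc/cron.d/backdoor"},                   # attacker-added
        {"name": "data/../../../tmp/escape"},               # attacker-added
    ]
})


def unsafe_restore_path(restore_dir: str, name: str) -> str:
    """The bug pattern: join and trust. `..` walks out of restore_dir, and an
    absolute name makes join() discard restore_dir entirely."""
    return posixpath.normpath(posixpath.join(restore_dir, name))


def safe_restore_path(restore_dir: str, name: str) -> str:
    """Resolve the name under restore_dir and prove it stayed strictly inside;
    raise ValueError otherwise. A pure-path check cannot see symlinks already
    present in the restore tree, so the writer should additionally open
    targets with O_NOFOLLOW or verify each component is not a symlink."""
    root = posixpath.normpath(restore_dir)
    if not name or posixpath.isabs(name) or "\0" in name:
        raise ValueError(f"rejected manifest entry {name!r}")
    candidate = posixpath.normpath(posixpath.join(root, name))
    # startswith(root + "/") also rules out a sibling such as /var/lib/restore2.
    if candidate == root or not candidate.startswith(root + "/"):
        raise ValueError(f"rejected manifest entry {name!r}: escapes {root}")
    return candidate


def plan_restore(manifest_json: str, restore_dir: str):
    """Return (accepted, rejected): resolved targets to write, and the manifest
    names refused. Nothing is written here; this is the validation step."""
    accepted, rejected = [], []
    for entry in json.loads(manifest_json)["files"]:
        try:
            accepted.append(safe_restore_path(restore_dir, entry["name"]))
        except ValueError:
            rejected.append(entry["name"])
    return accepted, rejected


if __name__ == "__main__":
    accepted, rejected = plan_restore(MANIFEST_JSON, "/var/lib/restore")
    print("would write:", accepted)
    print("refused:    ", rejected)
    for name in rejected:
        print("  unsafe join would have written:", unsafe_restore_path("/var/lib/restore", name))
```

Path validation only closes the traversal; because anyone who can write to the bucket can also alter the backup contents, the manifest and each file hash should be authenticated (a signature or an HMAC under a key the bucket writer does not hold) before restore trusts them at all.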

CVE-2026-3272
(8.8 HIGH)

EPSS: 0.08%

updated 2026-02-27T15:48:08.343000

1 post

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.

thehackerwire@mastodon.social at 2026-02-27T06:21:09.000Z ##

🟠 CVE-2026-3272 - High (8.8)

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3301
(9.8 CRITICAL)

EPSS: 2.90%

updated 2026-02-27T15:36:49.730000

3 posts

A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the argument webWlanIdx results in os command injection. The attack can be initiated remotely. The exploit has been released to the public and may be used for

thehackerwire@mastodon.social at 2026-02-27T06:18:53.000Z ##

🔴 CVE-2026-3301 - Critical (9.8)

A security flaw has been discovered in Totolink N300RH 6.1c.1353_B20190305. Affected by this vulnerability is the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Performing a manipulation of the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-27T06:00:27.000Z ##

⚠️ CRITICAL OS command injection in Totolink N300RH (v6.1c.1353_B20190305) — CVE-2026-3301. Unauthenticated remote exploit possible, with public exploit code out. Restrict access & monitor until patch released. radar.offseq.com/threat/cve-20 #OffSeq #CVE20263301 #IoTSecurity

##

CVE-2025-10990
(7.5 HIGH)

EPSS: 0.15%

updated 2026-02-27T15:34:19

1 post

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS), impacting the availability of the affected component. This issue is the result of an incomplete fix for CVE-2024-49761.

thehackerwire@mastodon.social at 2026-02-28T07:59:50.000Z ##

🟠 CVE-2025-10990 - High (7.5)

A flaw was found in REXML. A remote attacker could exploit inefficient regular expression (regex) parsing when processing hex numeric character references (&#x...;) in XML documents. This could lead to a Regular Expression Denial of Service (ReDoS...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23750
(8.1 HIGH)

EPSS: 0.01%

updated 2026-02-27T15:16:29.433000

1 post

Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fragment, then appends subsequent fragments using memcpy() without verifying that sufficient capacity remains. An adjacent BLE client can send unauthenticat

thehackerwire@mastodon.social at 2026-02-28T11:00:57.000Z ##

🟠 CVE-2026-23750 - High (8.1)

Golioth Pouch version 0.1.0, prior to commit 1b2219a1, contains a heap-based buffer overflow in BLE GATT server certificate handling. server_cert_write() allocates a heap buffer of size CONFIG_POUCH_SERVER_CERT_MAX_LEN when receiving the first fra...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25997
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-02-27T14:57:09.820000

1 post

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread during auto-reconnect) frees the array while the X11 event thread concurrently iterates it in `xf_clipboard_changed`, triggering a heap use after free. Version 3.23.0 fi

thehackerwire@mastodon.social at 2026-03-01T06:59:50.000Z ##

🔴 CVE-2026-25997 - Critical (9.8)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_clipboard_format_equal` reads freed `lastSentFormats` memory because `xf_clipboard_formats_free` (called from the cliprdr channel thread during auto-reco...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25954
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-27T14:56:16.663000

1 post

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_local_move_size` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` returns an unprotected pointer from the `railWindows` hash table, and the main thread can concurrently delete the window (via a window delete order) while the RAIL channel thread is still using the pointer

thehackerwire@mastodon.social at 2026-03-01T07:01:24.000Z ##

🟠 CVE-2026-25954 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_local_move_size` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` returns an unprotected pointer from the `railWindows...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25942
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-27T14:54:06.747000

1 post

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with an unchecked `execResult->execResult` value received from the server, allowing an out-of-bounds read when the server sends an `execResult` value of 7 or greater. Version 3.23.0 fixes the issue.

thehackerwire@mastodon.social at 2026-03-01T06:59:59.000Z ##

🟠 CVE-2026-25942 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_rail_server_execute_result` indexes the global `error_code_names[]` array (7 elements, indices 0–6) with an unchecked `execResult->execResult` value re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27498
(0 None)

EPSS: 0.59%

updated 2026-02-27T14:06:59.787000

1 post

n8n is an open source workflow automation platform. Prior to versions 2.2.0 and 1.123.8, an authenticated user with permission to create or modify workflows could chain the Read/Write Files from Disk node with git operations to achieve remote code execution. By writing to specific configuration files and then triggering a git operation, the attacker could execute arbitrary shell commands on the n8

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 974

Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34

Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76

Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13

Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10

Top EPSS Score:
- CVE-2026-3301 - 2.90 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70328 - 2.51 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20127 - 2.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70327 - 1.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24663 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22553 - 0.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26222 - 0.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26331 - 0.60 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-27498 - 0.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-21658 - 0.59 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-21902
(9.8 CRITICAL)

EPSS: 0.25%

updated 2026-02-27T14:06:59.787000

3 posts

An Incorrect Permission Assignment for Critical Resource vulnerability in the On-Box Anomaly detection framework of Juniper Networks Junos OS Evolved on PTX Series allows an unauthenticated, network-based attacker to execute code as root. The On-Box Anomaly detection framework should only be reachable by other internal processes over the internal routing instance, but not over an externally expos

technadu@infosec.exchange at 2026-02-28T13:35:16.000Z ##

CVE-2026-21902 represents a high-impact infrastructure exposure.

Affected platform: Junos OS Evolved on PTX series routers.

Attack vector: Unauthenticated network access.
Privilege level: Root execution.
Service: On-Box Anomaly Detection, enabled by default.

Strategic risk:
• Traffic interception capability
• Policy manipulation
• Controller redirection
• Lateral pivoting
• Long-term foothold persistence
Although no exploitation has been observed, historically, high-performance routing infrastructure is a prime target due to its control-plane visibility and network centrality.

Recommended actions:
– Immediate patch validation
– Control-plane traffic monitoring
– Service exposure review
– Network segmentation validation
– Threat hunting for anomalous routing behavior
Are infrastructure devices integrated into your continuous detection engineering pipeline?

Source: securityweek.com/juniper-netwo

Engage below.
Follow TechNadu for high-signal vulnerability intelligence.
Repost to strengthen security awareness.

#Infosec #CVE2026 #Juniper #RouterSecurity #CriticalInfrastructure #ThreatModeling #DetectionEngineering #NetworkDefense #ZeroTrustArchitecture #CyberRisk #SecurityOperations #VulnerabilityManagement

##

beyondmachines1@infosec.exchange at 2026-02-27T15:01:11.000Z ##

Critical Root RCE Vulnerability Patched in Juniper PTX Series Routers

Juniper Networks patched a critical vulnerability (CVE-2026-21902) in Junos OS Evolved on PTX Series routers that allows unauthenticated attackers to gain root access via a framework that should have been internal but is publicly exposed and not authenticated.

**If you are using Junos OS Evolved, this is important. Either immediately patch your PTX Series routers or disable the 'On-Box Anomaly Detection' service. Depending on configuration, review if you can isolate the network devices from the public internet to mitigate the impact.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

jbhall56@infosec.exchange at 2026-02-27T13:56:43.000Z ##

The security issue is identified as CVE-2026-21902 and is caused by incorrect permission assignment in the ‘On-Box Anomaly Detection’ framework, which should be exposed to internal processes only over the internal routing interface. bleepingcomputer.com/news/security/critical-juniper-networks-ptx-flaw-allows-full-router-takeover/

##

CVE-2025-71057
(8.2 HIGH)

EPSS: 0.01%

updated 2026-02-27T14:06:37.987000

1 post

Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.

thehackerwire@mastodon.social at 2026-02-28T11:59:50.000Z ##

🟠 CVE-2025-71057 - High (8.2)

Improper session management in D-Link Wireless N 300 ADSL2+ Modem Router DSL-124 ME_1.00 allows attackers to execute a session hijacking attack via spoofing the IP address of an authenticated user.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-50857
(9.8 CRITICAL)

EPSS: 0.58%

updated 2026-02-27T14:06:37.987000

1 post

ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload.

thehackerwire@mastodon.social at 2026-02-28T11:01:06.000Z ##

🔴 CVE-2025-50857 - Critical (9.8)

ZenTaoPMS v18.11 through v21.6.beta is vulnerable to Directory Traversal in /module/ai/control.php. This allows attackers to execute arbitrary code via a crafted file upload.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26682
(7.8 HIGH)

EPSS: 0.02%

updated 2026-02-27T14:06:37.987000

1 post

An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component.

thehackerwire@mastodon.social at 2026-02-28T11:00:47.000Z ##

🟠 CVE-2026-26682 - High (7.8)

An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1565
(8.8 HIGH)

EPSS: 0.28%

updated 2026-02-27T14:06:37.987000

1 post

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_and_ext' function and in the 'Admin_Tools::check_filetype_and_ext' function in all versions up to, and including, 4.2.8. This makes it possible for authe

thehackerwire@mastodon.social at 2026-02-28T10:10:51.000Z ##

🟠 CVE-2026-1565 - High (8.8)

The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to arbitrary file uploads due to incorrect file type validation in the 'WPUF_Admin_Settings::check_filetype_...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27449
(7.5 HIGH)

EPSS: 0.05%

updated 2026-02-27T14:06:37.987000

1 post

Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The affected endpoints can be accessed directly over the network without requiring a valid session or user credentials. By supplying a user-controlled identifie

thehackerwire@mastodon.social at 2026-02-28T10:00:47.000Z ##

🟠 CVE-2026-27449 - High (7.5)

Umbraco Engage is a business intelligence platform. A vulnerability has been identified in Umbraco Engage prior to versions 16.2.1 and 17.1.1 where certain API endpoints are exposed without enforcing authentication or authorization checks. The aff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-0980
(8.3 HIGH)

EPSS: 0.22%

updated 2026-02-27T14:06:37.987000

1 post

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious username for the BMC interface. This could lead to remote code execution (RCE) on the system.

thehackerwire@mastodon.social at 2026-02-28T08:19:49.000Z ##

🟠 CVE-2026-0980 - High (8.3)

A flaw was found in rubyipmi, a gem used in the Baseboard Management Controller (BMC) component of Red Hat Satellite. An authenticated attacker with host creation or update permissions could exploit this vulnerability by crafting a malicious usern...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28211
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-27T14:06:37.987000

1 post

The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitrary code execution when a user reads it with log reader commands. The log reading command process speech log entries in an unsafe manner. Python expressio

thehackerwire@mastodon.social at 2026-02-27T08:00:54.000Z ##

🟠 CVE-2026-28211 - High (7.8)

The NVDA Dev & Test Toolbox is an NVDA add-on for gathering tools to help NVDA development and testing. A vulnerability exists in versions 2.0 through 8.0 in the Log Reader feature of this add-on. A maliciously crafted log file can lead to arbitra...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-12981
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-02-27T14:06:37.987000

1 post

The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly sanitize the user_role parameter. This makes it possible for unauthenticated attackers to register as Administrator by manipulating the user_role parameter dur

thehackerwire@mastodon.social at 2026-02-27T07:20:42.000Z ##

🔴 CVE-2025-12981 - Critical (9.8)

The Listee theme for WordPress is vulnerable to privilege escalation in all versions up to, and including, 1.1.6. This is due to a broken validation check in the bundled listee-core plugin's user registration function that fails to properly saniti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24689
(8.0 HIGH)

EPSS: 0.22%

updated 2026-02-27T14:06:37.987000

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update apply action.

thehackerwire@mastodon.social at 2026-02-27T06:19:08.000Z ##

🟠 CVE-2026-24689 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update ap...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25195
(8.0 HIGH)

EPSS: 0.22%

updated 2026-02-27T14:06:37.987000

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route.

thehackerwire@mastodon.social at 2026-02-27T05:36:30.000Z ##

🟠 CVE-2026-25195 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by supplying a crafted firmware update file via the firmware update route.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25109
(8.0 HIGH)

EPSS: 0.22%

updated 2026-02-27T14:06:37.987000

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field when accessing the get setup route, leading to remote code execution.

thehackerwire@mastodon.social at 2026-02-27T05:20:33.000Z ##

🟠 CVE-2026-25109 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field when accessing the get s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1442
(7.8 HIGH)

EPSS: 0.01%

updated 2026-02-27T14:06:37.987000

1 post

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitree product, such as the Unitree Go2 and other models. This issue appears to affect all of Unitree’s current offerings as of February 26, 2026, and so shou

thehackerwire@mastodon.social at 2026-02-27T05:20:23.000Z ##

🟠 CVE-2026-1442 - High (7.8)

Since the encryption algorithm used to protect firmware updates is itself encrypted using key material available to an attacker (or anyone paying attention), the firmware updates may be altered by an unauthorized user, and then trusted by a Unitre...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24695
(8.0 HIGH)

EPSS: 0.22%

updated 2026-02-27T14:06:37.987000

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests sent to the utility route, leading to remote code execution.

thehackerwire@mastodon.social at 2026-02-27T05:02:48.000Z ##

🟠 CVE-2026-24695 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into OpenSSL argument fields within requests...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2251
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-02-27T09:30:35

2 posts

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/downloads

thehackerwire@mastodon.social at 2026-02-28T08:03:02.000Z ##

🔴 CVE-2026-2251 - Critical (9.8)

Improper limitation of a pathname to a restricted directory (Path Traversal) vulnerability in Xerox FreeFlow Core allows unauthorized path traversal leading to RCE. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7.

...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-02-27T09:00:35.000Z ##

🚨 CRITICAL: CVE-2026-2251 in Xerox FreeFlow Core (≤8.0.7) allows unauthenticated RCE via path traversal. Patch to 8.1.0 urgently! Full system compromise possible. Details: radar.offseq.com/threat/cve-20 #OffSeq #Infosec #CVE20262251 #PrintSecurity

##

CVE-2026-2252
(7.5 HIGH)

EPSS: 0.04%

updated 2026-02-27T09:30:35

1 post

An XML External Entity (XXE) vulnerability allows a malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references. This issue affects Xerox FreeFlow Core versions up to and including 8.0.7. Please consider upgrading to FreeFlow Core version 8.1.0 via the software available on - https://www.support.xerox.com/en-us/product/core/d

thehackerwire@mastodon.social at 2026-02-28T08:02:53.000Z ##

🟠 CVE-2026-2252 - High (7.5)

An XML External Entity (XXE) vulnerability allows a malicious user to perform Server-Side Request Forgery (SSRF) via crafted XML input containing malicious external entity references.

This issue affects Xerox FreeFlow Core versions up to and includ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24663
(9.1 CRITICAL)

EPSS: 1.35%

updated 2026-02-27T03:30:33

2 posts

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an unauthenticated attacker to achieve remote code execution on the system by sending a crafted request to the libraries installation route and injecting malicious input into the request body.

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 974

Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34

Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76

Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13

Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10

Top EPSS Score:
- CVE-2026-3301 - 2.90 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70328 - 2.51 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20127 - 2.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70327 - 1.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24663 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22553 - 0.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26222 - 0.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26331 - 0.60 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-27498 - 0.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-21658 - 0.59 % (secdb.nttzen.cloud/cve/detail/)

##

thehackerwire@mastodon.social at 2026-02-27T06:00:13.000Z ##

🔴 CVE-2026-24663 - Critical (9)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an unauthenticated attacker to achieve remote code execution on the system by sending a crafted request to the libraries installation route and injectin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27028
(9.4 CRITICAL)

EPSS: 0.18%

updated 2026-02-27T03:30:33

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

beyondmachines1@infosec.exchange at 2026-02-27T10:01:19.000Z ##

Critical Authentication and Session Flaws Discovered in Mobility46 EV Charging Stations

Mobility46's EV charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-27028), that allow attackers to impersonate charging stations and seize administrative control. The vendor has not responded with a patch.

**If you operate Mobility46 charging stations, make sure that the systems are isolated from the internet and accessible only from trusted networks or VPN.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-02-27T05:02:38.000Z ##

🔴 CVE-2026-27028 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21389
(8.1 HIGH)

EPSS: 0.20%

updated 2026-02-27T03:30:33

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the request body sent to the contacts import route.

thehackerwire@mastodon.social at 2026-02-27T06:20:14.000Z ##

🟠 CVE-2026-21389 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the request body sent to the contacts import...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20910
(8.1 HIGH)

EPSS: 0.20%

updated 2026-02-27T03:30:33

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update update action to achieve remote code execution.

thehackerwire@mastodon.social at 2026-02-27T06:20:03.000Z ##

🟠 CVE-2026-20910 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into the devices field of the firmware update upd...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24517
(8.1 HIGH)

EPSS: 0.22%

updated 2026-02-27T03:30:33

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route.

thehackerwire@mastodon.social at 2026-02-27T06:00:02.000Z ##

🟠 CVE-2026-24517 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the firmware update route.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24445
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-27T03:30:33

1 post

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-02-27T05:59:53.000Z ##

🟠 CVE-2026-24445 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charg...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25111
(8.1 HIGH)

EPSS: 0.22%

updated 2026-02-27T03:30:33

1 post

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route.

thehackerwire@mastodon.social at 2026-02-27T05:36:21.000Z ##

🟠 CVE-2026-25111 - High (8)

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the restore route.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25085
(8.6 HIGH)

EPSS: 0.07%

updated 2026-02-27T03:30:33

1 post

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in which an unexpected return value from the authentication routine is later on processed as a legitimate value, resulting in an authentication bypass.

thehackerwire@mastodon.social at 2026-02-27T05:02:57.000Z ##

🟠 CVE-2026-25085 - High (8.6)

A vulnerability exists in Copeland XWEB Pro version 1.12.1 and prior, in
which an unexpected return value from the authentication routine is
later on processed as a legitimate value, resulting in an authentication
bypass.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20742
(8.1 HIGH)

EPSS: 0.20%

updated 2026-02-27T03:30:32

1 posts

An OS command injection vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an authenticated attacker to achieve remote code execution on the system by injecting malicious input into requests sent to the templates route.

thehackerwire@mastodon.social at 2026-02-27T06:19:17.000Z ##

🟠 CVE-2026-20742 - High (8)

An OS command injection
vulnerability exists in XWEB Pro version 1.12.1 and prior, enabling an
authenticated attacker to achieve remote code execution on the system by
injecting malicious input into requests sent to the templates route.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22553
(9.8 CRITICAL)

EPSS: 1.26%

updated 2026-02-27T03:15:54.487000

1 posts

All versions of InSAT MasterSCADA BUK-TS are susceptible to OS command injection through a field in its MMadmServ web interface. Malicious users that use the vulnerable endpoint are potentially able to cause remote code execution.

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 974

Severity:
- Critical: 145
- High: 315
- Medium: 431
- Low: 49
- None: 34

Status:
- : 10
- Analyzed: 435
- Awaiting Analysis: 257
- Modified: 60
- Received: 119
- Rejected: 17
- Undergoing Analysis: 76

Top CNAs:
- GitHub, Inc.: 354
- VulDB: 131
- VulnCheck: 70
- Mozilla Corporation: 52
- ICS-CERT: 51
- MITRE: 34
- Wordfence: 34
- Red Hat, Inc.: 15
- Cisco Systems, Inc.: 15
- GitLab Inc.: 13

Top Affected Products:
- UNKNOWN: 459
- Mozilla Firefox: 52
- Mozilla Thunderbird: 50
- Imagemagick: 34
- Open-emr Openemr: 25
- Copeland Xweb 300d Pro Firmware: 15
- Freerdp: 15
- Copeland Xweb 500b Pro Firmware: 15
- Copeland Xweb 500d Pro Firmware: 15
- Tenda F453 Firmware: 10

Top EPSS Score:
- CVE-2026-3301 - 2.90 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70328 - 2.51 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20127 - 2.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2025-70327 - 1.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-24663 - 1.35 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22553 - 0.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26222 - 0.85 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-26331 - 0.60 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-27498 - 0.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-21658 - 0.59 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2026-25851
(9.4 CRITICAL)

EPSS: 0.13%

updated 2026-02-27T00:31:52

2 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

beyondmachines1@infosec.exchange at 2026-02-27T12:01:19.000Z ##

Multiple Vulnerabilities Discovered in Chargemap Platform

Chargemap's charging platform contains four vulnerabilities, including a critical authentication bypass (CVE-2026-25851), that allow unauthenticated attackers to impersonate charging stations and gain administrative control.

**Make sure your Chargemap station management is isolated from the internet and behind a firewall or VPN. Since the vendor has not released a patch that's your only defense until the vendor does something or you replace these systems.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

thehackerwire@mastodon.social at 2026-02-27T06:59:54.000Z ##

🔴 CVE-2026-25851 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24731
(9.4 CRITICAL)

EPSS: 0.13%

updated 2026-02-27T00:31:52

1 posts

WebSocket endpoints lack proper authentication mechanisms, enabling attackers to perform unauthorized station impersonation and manipulate data sent to the backend. An unauthenticated attacker can connect to the OCPP WebSocket endpoint using a known or discovered charging station identifier, then issue or receive OCPP commands as a legitimate charger. Given that no authentication is required,

thehackerwire@mastodon.social at 2026-02-27T07:00:59.000Z ##

🔴 CVE-2026-24731 - Critical (9.4)

WebSocket endpoints lack proper authentication mechanisms, enabling
attackers to perform unauthorized station impersonation and manipulate
data sent to the backend. An unauthenticated attacker can connect to the
OCPP WebSocket endpoint using a ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25945
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-27T00:31:52

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-02-27T07:00:03.000Z ##

🟠 CVE-2026-25945 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25113
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-27T00:31:51

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-02-27T07:01:09.000Z ##

🟠 CVE-2026-25113 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25114
(7.5 HIGH)

EPSS: 0.06%

updated 2026-02-27T00:31:51

1 posts

The WebSocket Application Programming Interface lacks restrictions on the number of authentication requests. This absence of rate limiting may allow an attacker to conduct denial-of-service attacks by suppressing or mis-routing legitimate charger telemetry, or conduct brute-force attacks to gain unauthorized access.

thehackerwire@mastodon.social at 2026-02-27T06:59:44.000Z ##

🟠 CVE-2026-25114 - High (7.5)

The WebSocket Application Programming Interface lacks restrictions on
the number of authentication requests. This absence of rate limiting may
allow an attacker to conduct denial-of-service attacks by suppressing
or mis-routing legitimate charg...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28136
(7.6 HIGH)

EPSS: 0.03%

updated 2026-02-26T21:32:34

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection. This issue affects WP SMS: from n/a through <= 6.9.12.

thehackerwire@mastodon.social at 2026-02-28T12:00:00.000Z ##

🟠 CVE-2026-28136 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs WP SMS wp-sms allows SQL Injection. This issue affects WP SMS: from n/a through <= 6.9.12.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26938
(8.6 HIGH)

EPSS: 0.04%

updated 2026-02-26T21:31:39

1 posts

Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) via Code Injection (CAPEC-242). This requires an authenticated user who has the workflowsManagement:executeWorkflow privilege.

thehackerwire@mastodon.social at 2026-02-28T10:11:00.000Z ##

🟠 CVE-2026-26938 - High (8.6)

Improper Neutralization of Special Elements Used in a Template Engine (CWE-1336) exists in Workflows in Kibana which could allow an attacker to read arbitrary files from the Kibana server filesystem, and perform Server-Side Request Forgery (SSRF) ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27888
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-02-26T19:55:35

1 posts

### Impact

An attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corresponding stream being compressed using `/FlateDecode`.

### Patches

This has been fixed in [pypdf==6.7.3](https://github.com/py-pdf/pypdf/releases/tag/6.7.3).

### Workarounds

If projects cannot upgrade yet, conside

thehackerwire@mastodon.social at 2026-03-01T05:01:18.000Z ##

🟠 CVE-2026-27888 - High (7.5)

pypdf is a free and open-source pure-python PDF library. Prior to 6.7.3, an attacker who uses this vulnerability can craft a PDF which leads to the RAM being exhausted. This requires accessing the `xfa` property of a reader or writer and the corre...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40552
(9.8 CRITICAL)

EPSS: 5.22%

updated 2026-02-26T19:30:48.133000

1 posts

SolarWinds Web Help Desk was found to be susceptible to an authentication bypass vulnerability that if exploited, would allow a malicious actor to execute actions and methods that should be protected by authentication.

Nuclei template

1 repos

https://github.com/watchtowrlabs/watchTowr-vs-SolarWinds-WebHelpDesk-CVE-2025-40552-CVE-2025-40553

CVE-2026-27849
(9.8 CRITICAL)

EPSS: 0.05%

updated 2026-02-26T18:32:43

1 posts

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network. This issue affects MR9600: 1.0.4.205530; MX4200: 1.0.13.210200.

thehackerwire@mastodon.social at 2026-03-01T08:00:03.000Z ##

🔴 CVE-2026-27849 - Critical (9.8)

Due to missing neutralization of special elements, OS commands can be injected via the update functionality of a TLS-SRP connection, which is normally used for configuring devices inside the mesh network.
This issue affects MR9600: 1.0.4.205530; M...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3201
(4.7 MEDIUM)

EPSS: 0.01%

updated 2026-02-26T14:49:01.050000

1 posts

USB HID protocol dissector memory exhaustion in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

netresec@infosec.exchange at 2026-03-02T10:00:13.000Z ##

RE: infosec.exchange/@geraldcombs/

#Wireshark 4.6.4 resolves 3 denial of service vulnerabilities in the following protocol dissectors:

The new release also includes a bug fix for #JA4 fingerprints of TLS handshakes with odd ALPN values as well as an important update of the #SOCKS parser, which now enables more reliable extraction of data from within SOCKS tunnels.

##

CVE-2026-3202
(4.7 MEDIUM)

EPSS: 0.02%

updated 2026-02-26T14:47:37.923000

1 posts

NTS-KE protocol dissector crash in Wireshark 4.6.0 to 4.6.3 allows denial of service

netresec@infosec.exchange at 2026-03-02T10:00:13.000Z ##

RE: infosec.exchange/@geraldcombs/

#Wireshark 4.6.4 resolves 3 denial of service vulnerabilities in the following protocol dissectors:

The new release also includes a bug fix for #JA4 fingerprints of TLS handshakes with odd ALPN values as well as an important update of the #SOCKS parser, which now enables more reliable extraction of data from within SOCKS tunnels.

##

CVE-2026-3203
(5.5 MEDIUM)

EPSS: 0.02%

updated 2026-02-26T14:41:13.870000

1 posts

RF4CE Profile protocol dissector crash in Wireshark 4.6.0 to 4.6.3 and 4.4.0 to 4.4.13 allows denial of service

netresec@infosec.exchange at 2026-03-02T10:00:13.000Z ##

RE: infosec.exchange/@geraldcombs/

#Wireshark 4.6.4 resolves 3 denial of service vulnerabilities in the following protocol dissectors:

The new release also includes a bug fix for #JA4 fingerprints of TLS handshakes with odd ALPN values as well as an important update of the #SOCKS parser, which now enables more reliable extraction of data from within SOCKS tunnels.

##

CVE-2025-70327
(9.8 CRITICAL)

EPSS: 2.05%

updated 2026-02-26T03:32:24

1 posts

TOTOLINK X5000R v9.1.0cu_2415_B20250515 contains an argument injection vulnerability in the setDiagnosisCfg handler of the /usr/sbin/lighttpd executable. The ip parameter is retrieved via websGetVar and passed to a ping command through CsteSystem without validating if the input starts with a hyphen (-). This allows remote authenticated attackers to inject arbitrary command-line options into the pi

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2025-70328
(8.8 HIGH)

EPSS: 2.94%

updated 2026-02-26T03:31:18

1 posts

TOTOLINK X6000R v9.4.0cu.1498_B20250826 contains an OS command injection vulnerability in the NTPSyncWithHost handler of the /usr/sbin/shttpd executable. The host_time parameter is retrieved via sub_40C404 and passed to a date -s shell command through CsteSystem. While the first two tokens of the input are validated, the remainder of the string is not sanitized, allowing authenticated attackers to

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2026-20127
(10.0 CRITICAL)

EPSS: 2.19%

updated 2026-02-25T18:31:45

2 posts

A vulnerability in the peering authentication in Cisco Catalyst SD-WAN Controller, formerly SD-WAN vSmart, and Cisco Catalyst SD-WAN Manager, formerly SD-WAN vManage, could allow an unauthenticated, remote attacker to bypass authentication and obtain administrative privileges on an affected system. This vulnerability exists because the peering authentication mechanism in an affected system is not

2 repos

https://github.com/bluefalconink/cisa-ed-26-03-tracker

https://github.com/Dimchuk/CVE-2026-20127-chain

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

##

AAKL@infosec.exchange at 2026-02-27T18:17:42.000Z ##

Cisco has an updated critical advisory:

CVE-2026-20127: Cisco Catalyst SD-WAN Controller Authentication Bypass Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability

##

CVE-2025-13942
(9.8 CRITICAL)

EPSS: 0.48%

updated 2026-02-25T18:13:10.563000

1 posts

A command injection vulnerability in the UPnP function of the Zyxel EX3510-B0 firmware versions through 5.17(ABUP.15.1)C0 could allow a remote attacker to execute operating system (OS) commands on an affected device by sending specially crafted UPnP SOAP requests.

hackmag@infosec.exchange at 2026-02-27T10:00:03.000Z ##

⚪️ Critical RCE Vulnerability Affects Over 10 Zyxel Router Models

🗨️ Zyxel developers have released patches that fix a critical vulnerability affecting more than ten router models. The bug allows unauthenticated attackers to remotely execute commands on the devices. The vulnerability is tracked as CVE-2025-13942 and is a command injection issue…

🔗 hackmag.com/news/zyxel-rce-3?u

#news

##

CVE-2026-25108
(8.8 HIGH)

EPSS: 18.59%

updated 2026-02-24T21:32:35

1 posts

FileZen contains an OS command injection vulnerability. When FileZen Antivirus Check Option is enabled, a logged-in user may send a specially crafted HTTP request to execute an arbitrary OS command.

secdb@infosec.exchange at 2026-03-01T00:01:35.000Z ##

📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs: 5003

Severity:
- Critical: 448
- High: 1563
- Medium: 2229
- Low: 226
- None: 537

Status:
- : 33
- Analyzed: 2258
- Awaiting Analysis: 2188
- Modified: 155
- Received: 89
- Rejected: 197
- Undergoing Analysis: 83

Top CNAs:
- GitHub, Inc.: 907
- VulnCheck: 572
- VulDB: 519
- Patchstack: 385
- Wordfence: 361
- kernel.org: 259
- MITRE: 217
- Fortinet, Inc.: 102
- Intel Corporation: 84
- Apple Inc.: 76

Top Affected Products:
- UNKNOWN: 2529
- Apple Macos: 64
- Mozilla Firefox: 54
- Mozilla Thunderbird: 51
- Apple Iphone Os: 49
- Apple Ipados: 49
- Openclaw: 35
- Imagemagick: 34
- Microsoft Windows Server 2025: 29
- Comodo Dome Firewall: 29

Top EPSS Score:
- CVE-2026-1731 - 61.83 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2329 - 41.14 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-22769 - 34.16 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25108 - 18.59 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-2033 - 15.58 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2020-37123 - 12.89 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-1603 - 11.74 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-1687 - 5.42 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2020-37088 - 4.95 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-1207 - 4.78 % (secdb.nttzen.cloud/cve/detail/)

##

CVE-2025-64328
(7.2 HIGH)

EPSS: 24.83%

updated 2026-02-24T19:30:59.130000

1 posts

FreePBX Endpoint Manager is a module for managing telephony endpoints in FreePBX systems. In versions 17.0.2.36 and above before 17.0.3, the filestore module within the Administrative interface is vulnerable to a post-authentication command injection by an authenticated known user via the testconnection -> check_ssh_connect() function. An attacker can leverage this vulnerability to obtain remote a

1 repos

https://github.com/mcorybillington/CVE-2025-64328_FreePBX-framework-Command-Injection

beyondmachines1@infosec.exchange at 2026-03-02T08:01:11.000Z ##

Over 900 Sangoma FreePBX Instances Compromised via Command Injection Flaw

Sangoma FreePBX is under active attack via CVE-2025-64328. Over 900 instances compromised with installed web shells are detected online.

**If you use FreePBX, plan a very quick update to version 17.0.3 and make sure your admin panel is isolated from the internet. Your FreePBX is already attacked.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2025-40541
(9.1 CRITICAL)

EPSS: 0.02%

updated 2026-02-24T18:32:04

1 posts

An Insecure Direct Object Reference (IDOR) vulnerability exists in Serv-U, which when exploited, gives a malicious actor the ability to execute native code as a privileged account. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privileged service accounts by default.

jbhall56@infosec.exchange at 2026-02-27T13:29:41.000Z ##

All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. securityweek.com/solarwinds-pa

##

CVE-2025-40538
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-02-24T17:51:27.573000

1 posts

A broken access control vulnerability exists in Serv-U which when exploited, gives a malicious actor the ability to create a system admin user and execute arbitrary code as a privileged account via domain admin or group admin privileges. This issue requires administrative privileges to abuse. On Windows deployments, the risk is scored as a medium because services frequently run under less-privile

jbhall56@infosec.exchange at 2026-02-27T13:29:41.000Z ##

All four security defects, tracked as CVE-2025-40538 to CVE-2025-40541, have a CVSS score of 9.1, could result in remote code execution, and impact Serv-U version 15.5. securityweek.com/solarwinds-pa

##

CVE-2026-26331
(8.8 HIGH)

EPSS: 0.70%

updated 2026-02-24T16:08:36

1 posts

### Summary

When yt-dlp's `--netrc-cmd` command-line option (or `netrc_cmd` Python API parameter) is used, an attacker could achieve arbitrary command injection on the user's system with a maliciously crafted URL.

### Impact

yt-dlp maintainers assume the impact of this vulnerability to be high for anyone who uses `--netrc-cmd` in their command/configuration or `netrc_cmd` in their Python scripts.

1 repos

https://github.com/dxlerYT/CVE-2026-26331

secdb@infosec.exchange at 2026-03-02T00:00:55.000Z ##

📈 CVE Published in last 7 days (2026-02-23 - 2026-03-02)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2026-2033
(8.1 HIGH)

EPSS: 15.58%

updated 2026-02-23T18:14:13.887000

1 posts

MLflow Tracking Server Artifact Handler Directory Traversal Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of MLflow Tracking Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of artifact file paths. The issue results from the lack of proper validat

secdb@infosec.exchange at 2026-03-01T00:01:35.000Z ##

📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2026-2329
(9.8 CRITICAL)

EPSS: 41.14%

updated 2026-02-20T20:57:50.360000

1 posts

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

secdb@infosec.exchange at 2026-03-01T00:01:35.000Z ##

📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2026-22769
(10.0 CRITICAL)

EPSS: 34.16%

updated 2026-02-18T18:30:35

1 posts

Dell RecoverPoint for Virtual Machines, versions prior to 6.0.3.1 HF1, contain a hardcoded credential vulnerability. This is considered critical as an unauthenticated remote attacker with knowledge of the hardcoded credential could potentially exploit this vulnerability leading to unauthorized access to the underlying operating system and root-level persistence. Dell recommends that customers upgr

secdb@infosec.exchange at 2026-03-01T00:01:35.000Z ##

📈 CVE Published in last 30 days (2026-01-30 - 2026-03-01)
See more at secdb.nttzen.cloud/dashboard

##

CVE-2026-0714
(6.8 MEDIUM)

EPSS: 0.01%

updated 2026-02-18T17:55:46.557000

2 posts

A physical attack vulnerability exists in certain Moxa industrial computers using TPM-backed LUKS full-disk encryption on Moxa Industrial Linux 3, where the discrete TPM is connected to the CPU via an SPI bus. Exploitation requires invasive physical access, including opening the device and attaching external equipment to the SPI bus to capture TPM communications. If successful, the captured data m

benzogaga33@mamot.fr at 2026-03-02T06:10:14.000Z ##

TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714] cyloq.se/en/research/cve-2026-

##

linux@activitypub.awakari.com at 2026-03-01T20:31:52.000Z ##

TPM-Sniffing LUKS Keys on an Embedded Linux Device [CVE-2026-0714] Article URL: https://www.cyloq.se/en/research/cve-2026-0714-tpm-sniffing-luks-keys-on-an-embedded-device Comments URL: https://new...

##

CVE-2026-1731
(9.8 CRITICAL)

EPSS: 60.92%

updated 2026-02-17T15:31:33

2 posts

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Nuclei template

5 repos

https://github.com/win3zz/CVE-2026-1731

https://github.com/richardpaimu34/CVE-2026-1731

https://github.com/jakubie07/CVE-2026-1731

https://github.com/cybrdude/cve-2026-1731-scanner

https://github.com/hexissam/CVE-2026-1731


metasploit@infosec.exchange at 2026-02-27T20:32:32.000Z ##

Latest Metasploit update is out with unauthenticated RCE for Grandstream GXP1600 VoIP devices, enabling credential harvesting and SIP interception. Also included is critical support for BeyondTrust PRA/RS command injection (CVE-2026-1731), plus a serious Ollama RCE (CVE-2024-37032).

Check out the wrap up at rapid7.com/blog/post/pt-metasp

##

certvde@infosec.exchange at 2026-03-02T07:01:23.000Z ##

#OT #Advisory VDE-2026-002
Endress+Hauser: buffer overflow in glibc ld.so leading to privilege escalation

A vulnerability has been identified in WAGO devices utilized in Endress+Hauser IoT solutions. WAGO has provided fixes for these vulnerabilities, which have been integrated into the solutions by Endress+Hauser.
#CVE CVE-2023-4911

certvde.com/en/advisories/vde-
#oCSAF
#CSAF endress-hauser.csaf-tp.certvde

##

CVE-2026-21513
(8.8 HIGH)

EPSS: 4.12%

updated 2026-02-10T21:31:29

4 posts

Protection mechanism failure in MSHTML Framework allows an unauthorized attacker to bypass a security feature over a network.

hackerworkspace at 2026-03-02T18:43:56.687Z ##

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

thehackernews.com/2026/03/apt2

##

undercodenews@mastodon.social at 2026-03-02T16:26:42.000Z ##

Russia-Linked APT28 Exploits High-Severity MSHTML Vulnerability Before Patch + Video

Introduction In early 2026, cybersecurity researchers uncovered a critical security breach targeting Microsoft’s MSHTML engine, revealing a sophisticated attack orchestrated by Russia-linked APT28. This zero-day vulnerability, later tracked as CVE-2026-21513 with a CVSS score of 8.8, allowed attackers to bypass Internet Explorer’s security controls and execute code remotely. The…

undercodenews.com/russia-linke

##

hackerworkspace@infosec.exchange at 2026-03-02T18:43:56.000Z ##

APT28 Tied to CVE-2026-21513 MSHTML 0-Day Exploited Before Feb 2026 Patch Tuesday

thehackernews.com/2026/03/apt2

#cybersecurity #threatintelligence #zeroday

##

thefinancialstandard@mastodon.social at 2026-03-02T11:32:08.000Z ##

Urgent APT28 Cyber Attack Tied to MSHTML 0-Day

APT28 linked to CVE-2026-21513 MSHTML 0-day exploit. Urgent action is needed to mitigate cyber attack risks and protect sensitive data.

Read more: api.thefinancialstandard.com/a

#finance #cybersecurity #fintech #news

##

CVE-2026-1603
(8.6 HIGH)

EPSS: 11.74%

updated 2026-02-10T18:30:49

1 posts

An authentication bypass in Ivanti Endpoint Manager before version 2024 SU5 allows a remote unauthenticated attacker to leak specific stored credential data.

Nuclei template


CVE-2020-37088
(7.5 HIGH)

EPSS: 4.95%

updated 2026-02-10T17:03:53.480000

1 posts

School ERP Pro 1.0 contains a file disclosure vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the 'document' parameter in download.php. Attackers can access sensitive configuration files by supplying directory traversal paths to retrieve system credentials and configuration information.


CVE-2026-1687
(7.3 HIGH)

EPSS: 5.42%

updated 2026-02-10T15:14:03.207000

1 posts

A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.


CVE-2020-37123
(9.8 CRITICAL)

EPSS: 12.89%

updated 2026-02-05T20:47:37.777000

1 posts

Pinger 1.0 contains a remote code execution vulnerability that allows attackers to inject shell commands through the ping and socket parameters. Attackers can exploit the unsanitized input in ping.php to write arbitrary PHP files and execute system commands by appending shell metacharacters.

Nuclei template


CVE-2026-1207
(5.4 MEDIUM)

EPSS: 7.39%

updated 2026-02-04T17:34:46.147000

1 posts

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on ``RasterField`` (only implemented on PostGIS) allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series (such as 5.0.x, 4.1.x, and 3.2.x) were not evaluated and may also be affected. Django would like to thank Tarek Nakkouch for reporting this issue.

Nuclei template


CVE-2026-21859
(5.8 MEDIUM)

EPSS: 1.13%

updated 2026-02-02T19:16:52.987000

1 posts

Mailpit is an email testing tool and API for developers. Versions 1.28.0 and below have a Server-Side Request Forgery (SSRF) vulnerability in the /proxy endpoint, allowing attackers to make requests to internal network resources. The /proxy endpoint validates http:// and https:// schemes, but it does not block internal IP addresses, enabling attackers to access internal services and APIs. This vul

Nuclei template

cyberveille@mastobot.ping.moi at 2026-03-03T00:30:12.000Z ##

📢 Mailpit: actively exploited critical SSRF vulnerability (CVE-2026-21859) exposes internal networks
📝 According to CrowdSec, a wave of targeted exploitation of the critical vulnerability CVE-2026-21859 affecting Ma...
📖 cyberveille: cyberveille.ch/posts/2026-03-0
🌐 source: crowdsec.net/vulntracking-repo
#CVE_2026_21859 #Mailpit #Cyberveille

##

CVE-2025-13348
(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-02-02T03:31:18

2 posts

An improper access control vulnerability exists in ASUS Secure Delete Driver of ASUS Business Manager. This vulnerability can be triggered by a local user sending a specially crafted request, potentially leading to the creation of arbitrary files in a specified path. Refer to the "Security Update for ASUS Business Manager" section on the ASUS Security Advisory for more information.

AAKL at 2026-03-02T17:20:04.353Z ##

ASUS has a new security advisory relating to CVE-2025-13348, a high-severity vulnerability:

Security Update for ASUS Business Manager asus.com/security-advisory/

##

AAKL@infosec.exchange at 2026-03-02T17:20:04.000Z ##

ASUS has a new security advisory relating to CVE-2025-13348, a high-severity vulnerability:

Security Update for ASUS Business Manager asus.com/security-advisory/ #infosec #vulnerability #ASUS

##

CVE-2026-21852
(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-01-21T21:40:20

1 posts

A vulnerability in Claude Code's project-load flow allowed malicious repositories to exfiltrate data including Anthropic API keys before users confirmed trust. If a user started Claude Code in an attacker-controlled repository, and the repository included a settings file that set ANTHROPIC_BASE_URL to an attacker-controlled endpoint, Claude Code would issue API requests before showing the trust pr

2 repos

https://github.com/M0broot/CVE-Archive

https://github.com/atiilla/CVE-2026-21852-PoC

CVE-2026-0628
(8.8 HIGH)

EPSS: 0.02%

updated 2026-01-07T15:31:20

1 posts

Insufficient policy enforcement in WebView tag in Google Chrome prior to 143.0.7499.192 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High)

2 repos

https://github.com/sastraadiwiguna-purpleeliteteaming/Dissecting-CVE-2026-0628-Chromium-Extension-Privilege-Escalation

https://github.com/fevar54/CVE-2026-0628-POC

allsafeus@mastodon.social at 2026-03-02T15:22:29.000Z ##

Chrome Gemini Panel Hijack: Unpacking CVE-2026-0628 and the Agentic Browser Threat

In an increasingly interconnected digital landscape where browsers are evolving into sophisticated agents, a recent high-severity vulnerability (CVE-2026-0628) in Google Chrome's new Gemini panel has sent ripples through the cybersecurity community. Discovered and promptly patched by Google, this flaw allowed malicious extensions to hijack the AI-powered Gemini panel, leading to…

allsafeus.com/chrome-gemini-pa

##

CVE-2025-0282
(9.1 CRITICAL)

EPSS: 94.12%

updated 2025-10-22T00:34:17

1 posts

A stack-based buffer overflow in Ivanti Connect Secure before version 22.7R2.5, Ivanti Policy Secure before version 22.7R1.2, and Ivanti Neurons for ZTA gateways before version 22.7R2.3 allows a remote unauthenticated attacker to achieve remote code execution.

Nuclei template

10 repos

https://github.com/absholi7ly/CVE-2025-0282-Ivanti-exploit

https://github.com/punitdarji/Ivanti-CVE-2025-0282

https://github.com/Hexastrike/Ivanti-Connect-Secure-Logs-Parser

https://github.com/rxwx/pulse-meter

https://github.com/AdaniKamal/CVE-2025-0282

https://github.com/watchtowrlabs/CVE-2025-0282

https://github.com/almanatra/CVE-2025-0282

https://github.com/gmh5225/Blackash-CVE-2025-0282

https://github.com/AnonStorks/CVE-2025-0282-Full-version

https://github.com/sfewer-r7/CVE-2025-0282

gtronix@infosec.exchange at 2026-02-27T18:01:26.000Z ##

"CISA warns that RESURGE malware can be dormant on Ivanti devices"

"[...] Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect Secure devices. The U.S."

bleepingcomputer.com/news/secu

#Cybersecurity

##

CVE-2025-11462
(7.8 HIGH)

EPSS: 0.04%

updated 2025-10-14T18:15:34.687000

2 posts

Improper Link Resolution Before File Access in the AWS VPN Client for macOS versions 1.3.2 - 5.2.0 allows a local user to execute code with elevated privileges. Insufficient validation checks on the log destination directory during log rotation could allow a non-administrator user to create a symlink from a client log file to a privileged location. On log rotation, this could lead to code execution

awssecurityfeed at 2026-03-02T23:30:01.938Z ##

CVE-2025-11462 AWS ClientVPN macOS Client Local Privilege Escalation

Bulletin ID: AWS-2025-020 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/10/07 01:30 PM PDT
Description:
AWS Client VPN is a managed client-based VPN service that enables secure access to AWS and ...

aws.amazon.com/security/securi

##

awssecurityfeed@infosec.exchange at 2026-03-02T23:30:01.000Z ##

CVE-2025-11462 AWS ClientVPN macOS Client Local Privilege Escalation

Bulletin ID: AWS-2025-020 Scope: AWS Content Type: Important (requires attention) Publication Date: 2025/10/07 01:30 PM PDT
Description:
AWS Client VPN is a managed client-based VPN service that enables secure access to AWS and ...

aws.amazon.com/security/securi

#aws #security

##

CVE-2025-59536
(CVSS UNKNOWN)

EPSS: 0.04%

updated 2025-10-03T14:16:36

1 posts

Due to a bug in the startup trust dialog implementation, Claude Code could be tricked to execute code contained in a project before the user accepted the startup trust dialog. Exploiting this requires a user to start Claude Code in an untrusted directory. Users on standard Claude Code auto-update will have received this fix automatically. Users performing manual updates are advised to update to

CVE-2024-37032
(8.8 HIGH)

EPSS: 93.81%

updated 2025-05-01T14:01:44.767000

1 posts

Ollama before 0.1.34 does not validate the format of the digest (sha256 with 64 hex digits) when getting the model path, and thus mishandles the TestGetBlobsPath test cases such as fewer than 64 hex digits, more than 64 hex digits, or an initial ../ substring.

Nuclei template

3 repos

https://github.com/Bi0x/CVE-2024-37032

https://github.com/pankass/CVE-2024-37032_CVE-2024-45436

https://github.com/ahboon/CVE-2024-37032-scanner


CVE-2017-13089
(8.8 HIGH)

EPSS: 51.23%

updated 2025-04-20T01:37:25.860000

1 posts

The http.c:skip_short_body() function is called in some circumstances, such as when processing redirects. When the response is sent chunked in wget before 1.19.2, the chunk parser uses strtol() to read each chunk's length, but doesn't check that the chunk length is a non-negative number. The code then tries to skip the chunk in pieces of 512 bytes by using the MIN() macro, but ends up passing the

2 repos

https://github.com/r1b/CVE-2017-13089

https://github.com/mzeyong/CVE-2017-13089

hackmag@infosec.exchange at 2026-03-01T16:15:37.000Z ##

@oraclejmt you're not wrong - the article is all about CVE-2017-13089 :)

##

CVE-2023-4116
(4.3 MEDIUM)

EPSS: 25.35%

updated 2024-11-21T08:34:25.727000

1 posts

A vulnerability classified as problematic was found in PHP Jabbers Taxi Booking 2.0. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument index leads to cross site scripting. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-235963. NOTE: The vendor was contacted early about this disclosure but

Nuclei template

steelefortress@infosec.exchange at 2026-03-01T12:01:21.000Z ##

This week's biggest security fails include the emergence of Hot Dog Bots that can devour a 12-oz bun in under 8 minutes, but what's less funny is the alarming rate of exploited vulnerabilities like the recently patched CVE-2023-4116 in Windows Server.

Meanwhile,...

Read more: steelefortress.com/o629yr

#CyberDefense #Privacy #Encryption #Cybersecurity #InfoSec

##

CVE-2023-41772
(7.8 HIGH)

EPSS: 19.53%

updated 2024-04-04T08:32:52

1 posts

Win32k Elevation of Privilege Vulnerability

1 repos

https://github.com/R41N3RZUF477/CVE-2023-41772

R41N3RZUF477@infosec.exchange at 2026-03-01T18:13:23.000Z ##

@tiraniddo Finally, the post I waited for. Back in 2023 I searched for a UAC bypass that is compatible with "always notify" and Windows 10 upwards to complete my chain for any Windows UAC bypass. I used your token reading UAC bypass as a base for older Windows systems. Then I just found CVE-2023-41772 by accident. So this route was burned or at least I thought it was. Then I tried to find a UIAccess bypass and it worked again. That was the moment where I knew not auto-elevate but UIAccess is (and will be) the biggest weakness of UAC. Even without GetProcessHandleFromHwnd there are more options like CSRSS activation cache poisoning, COM injection, abusing WER, ...

As far as I have seen, the newest version of administrator protection still has at least one bug that lets you bypass it, but after the chaos of the first "release", I will rather wait for the full release.

Anyway the PPL bypass might be fixed, but I have another PPL bypass that is "fixed" in 24H2 but still works on 25H2 and preview. The bug is simple, but (unique) exploitation is so dumb, I don't know what to say ... 😅

##

CVE-2026-28286
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-02T17:19:27.000Z ##

🟠 CVE-2026-28286 - High (8.5)

ZimaOS is a fork of CasaOS, an operating system for Zima devices and x86-64 systems with UEFI. In version 1.5.2-beta3, the application enforces restrictions in the frontend/UI to prevent users from creating files or folders in internal OS paths. H...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2025-50187
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-02T16:29:50.000Z ##

🔴 CVE-2025-50187 - Critical (9.8)

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-02T16:00:20.000Z ##

🔴 CVE-2025-50187 - Critical (9.8)

Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in version 1.11.28.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2025-68615
(0 None)

EPSS: 0.05%

2 posts

N/A

1 repos

https://github.com/yt2w/CVE-2025-68615

beyondmachines1 at 2026-03-02T16:01:10.931Z ##

IBM Patches Critical Remote Code Execution Flaws in QRadar SIEM

IBM patched 11 vulnerabilities in QRadar SIEM 7.5.0, including a critical net-snmp flaw (CVE-2025-68615) that allows unauthenticated remote attackers to crash the system or execute arbitrary code.

**If you are using IBM QRadar 7.5.0 branch, review its exposure to untrusted networks, then plan a patch cycle. It's not urgent especially if your SIEM is properly isolated, but should not be ignored.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-03-02T16:01:10.000Z ##

IBM Patches Critical Remote Code Execution Flaws in QRadar SIEM

IBM patched 11 vulnerabilities in QRadar SIEM 7.5.0, including a critical net-snmp flaw (CVE-2025-68615) that allows unauthenticated remote attackers to crash the system or execute arbitrary code.

**If you are using IBM QRadar 7.5.0 branch, review its exposure to untrusted networks, then plan a patch cycle. It's not urgent especially if your SIEM is properly isolated, but should not be ignored.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2025-52482
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-02T16:00:25.000Z ##

🟠 CVE-2025-52482 - High (8.3)

Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. This issue has ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##


CVE-2026-23627
(0 None)

EPSS: 0.01%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-01T07:59:53.000Z ##

🟠 CVE-2026-23627 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0, an SQL injection vulnerability in the Immunization module allows any authenticated user to execute arbitrary SQL queri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25955
(0 None)

EPSS: 0.05%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-01T07:01:33.000Z ##

🔴 CVE-2026-25955 - Critical (9.8)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reuses a cached `XImage` whose `data` pointer references a freed RDPGFX surface buffer, because `gdi_DeleteSurface` frees `su...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25953
(0 None)

EPSS: 0.07%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-01T07:01:14.000Z ##

🔴 CVE-2026-25953 - Critical (9.8)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_AppUpdateWindowFromSurface` reads from a freed `xfAppWindow` because the RDPGFX DVC thread obtains a bare pointer via `xf_rail_get_window` without any li...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-25952
(0 None)

EPSS: 0.07%

1 post

N/A

## thehackerwire@mastodon.social at 2026-03-01T07:00:09.000Z

🔴 CVE-2026-25952 - Critical (9.8)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_SetWindowMinMaxInfo` dereferences a freed `xfAppWindow` pointer because `xf_rail_get_window` in `xf_rail_server_min_max_info` returns an unprotected poin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-25959
(0 None)

EPSS: 0.06%

1 post

N/A

## thehackerwire@mastodon.social at 2026-03-01T06:00:13.000Z

🔴 CVE-2026-25959 - Critical (9.8)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, `xf_cliprdr_provide_data_` passes freed `pDstData` to `XChangeProperty` because the cliprdr channel thread calls `xf_cliprdr_server_format_data_response` whi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-24680
(0 None)

EPSS: 0.02%

1 post

N/A

## thehackerwire@mastodon.social at 2026-03-01T05:59:53.000Z

🟠 CVE-2026-27950 - High (7.5)

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the fix for the heap-use-after-free described in CVE-2026-24680 is incomplete. While the vulnerable execution flow referenced in the advisory exists in the S...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-27633
(0 None)

EPSS: 0.10%

1 post

N/A

## thehackerwire@mastodon.social at 2026-03-01T05:01:28.000Z

🟠 CVE-2026-27633 - High (7.5)

TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Versions prior to version 2.02 have a Denial of Service (DoS) vulnerability via memory exhaustion. Unauthenticated remote attackers can send an HTTP POST request to the server with...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-28215
(0 None)

EPSS: 0.06%

1 post

N/A

## thehackerwire@mastodon.social at 2026-02-28T09:01:10.000Z

🔴 CVE-2026-28215 - Critical (9.1)

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, an unauthenticated attacker can overwrite the entire infrastructure configuration of a self-hosted Hoppscotch instance including OAuth provider credentials and SMTP...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-27947
(0 None)

EPSS: 0.30%

1 post

N/A

## offseq@infosec.exchange at 2026-02-28T06:00:27.000Z

🚨 CVE-2026-27947 (CRITICAL): Intermesh Group-Office RCE via TNEF attachment processing. Authenticated attackers can inject commands through crafted filenames. Patch to v26.0.9/25.0.87/6.8.154 ASAP! radar.offseq.com/threat/cve-20 #OffSeq #RCE #Vuln #GroupOffice

CVE-2026-28272
(0 None)

EPSS: 0.03%

1 post

N/A

## thehackerwire@mastodon.social at 2026-02-28T05:52:05.000Z

🟠 CVE-2026-28272 - High (8.1)

Kiteworks is a private data network (PDN). Prior to version 9.2.0, a vulnerability in Kiteworks Email Protection Gateway allows authenticated administrators to inject malicious scripts through a configuration interface. The stored script executes ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-28400
(0 None)

EPSS: 0.02%

1 post

N/A

## thehackerwire@mastodon.social at 2026-02-28T05:16:11.000Z

🟠 CVE-2026-28400 - High (7.5)

Docker Model Runner (DMR) is software used to manage, run, and deploy AI models using Docker. Versions prior to 1.0.16 expose a POST `/engines/_configure` endpoint that accepts arbitrary runtime flags without authentication. These flags are pass...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-28411
(0 None)

EPSS: 0.27%

2 posts

N/A

## thehackerwire@mastodon.social at 2026-02-28T05:00:53.000Z

🔴 CVE-2026-28411 - Critical (9.8)

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, an unsafe use of the `extract()` function on the `$_REQUEST` superglobal allows an unauthenticated attacker to overwrite local variables in multiple PHP scripts. This vuln...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

## offseq@infosec.exchange at 2026-02-28T00:00:42.000Z

🚨 CVE-2026-28411: CRITICAL auth bypass in LabRedesCefetRJ WeGIA (<3.6.5) via unsafe extract() on $_REQUEST. Full admin compromise risk. Upgrade to 3.6.5+ now! More: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #WebAppSec #PHP

CVE-2026-28409
(0 None)

EPSS: 0.21%

2 posts

N/A

## thehackerwire@mastodon.social at 2026-02-28T04:26:12.000Z

🔴 CVE-2026-28409 - Critical (10)

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, a critical Remote Code Execution (RCE) vulnerability exists in the WeGIA application's database restoration functionality. An attacker with administrative access (which ca...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

## offseq@infosec.exchange at 2026-02-28T01:30:29.000Z

🚨 CVE-2026-28409: WeGIA <3.6.5 has a CRITICAL OS command injection flaw (CVSS 10). RCE possible via crafted backup filenames + admin access (can be gained with auth bypass). Upgrade to 3.6.5 ASAP! radar.offseq.com/threat/cve-20 #OffSeq #infosec #CVE202628409 #RCE

CVE-2026-28216
(0 None)

EPSS: 0.04%

1 post

N/A

## thehackerwire@mastodon.social at 2026-02-27T07:21:10.000Z

🟠 CVE-2026-28216 - High (8.3)

hoppscotch is an open source API development ecosystem. Prior to version 2026.2.0, any logged-in user can read, modify or delete another user's personal environment by ID. `user-environments.resolver.ts:82-109`, `updateUserEnvironment` mutation us...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-28275
(0 None)

EPSS: 0.03%

1 post

N/A

## thehackerwire@mastodon.social at 2026-02-27T07:03:16.000Z

🟠 CVE-2026-28275 - High (8.1)

Initiative is a self-hosted project management platform. Versions of the application prior to 0.32.4 do not invalidate previously issued JWT access tokens after a user changes their password. As a result, older tokens remain valid until expiration...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
