## Updated at UTC 2026-07-18T11:45:38.795486

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-47871 8.8 0.00% 2 0 2026-07-18T09:17:08.960000 VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in
CVE-2026-47869 8.7 0.00% 2 0 2026-07-18T09:17:08.740000 VMware Avi Load Balancer contains a remote code execution vulnerability. A malic
CVE-2026-47868 7.8 0.00% 2 0 2026-07-18T09:17:08.627000 VMware Avi Load Balancer contains a local privilege escalation vulnerability. A
CVE-2026-47867 8.7 0.00% 2 0 2026-07-18T09:17:08.527000 VMware Avi Load Balancer contains a remote code execution vulnerability. A malic
CVE-2026-47866 8.3 0.00% 2 0 2026-07-18T09:17:08.413000 VMware Avi Load Balancer contains an authorization bypass vulnerability. A malic
CVE-2026-47865 9.8 0.00% 4 0 2026-07-18T09:17:08.287000 VMware Avi Load Balancer contains an authentication bypass vulnerability. A mali
CVE-2026-53359 8.8 0.18% 1 8 2026-07-18T08:16:36.620000 In the Linux kernel, the following vulnerability has been resolved: KVM: x86: F
CVE-2026-9734 4.3 0.00% 1 0 2026-07-18T06:32:02 The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site
CVE-2026-63030 9.8 0.00% 10 12 template 2026-07-18T05:16:56.167000 WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API ba
CVE-2026-60137 5.9 0.00% 6 7 2026-07-18T05:16:54.427000 WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2 does no
CVE-2026-55445 0 0.40% 1 0 2026-07-18T03:16:37.117000 Qinglong is a timed task management platform supporting Python3, JavaScript, She
CVE-2026-8505 9.8 0.00% 4 0 2026-07-18T00:16:48.433000 IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook
CVE-2026-56740 7.5 0.00% 3 0 2026-07-17T22:17:57.153000 JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, an
CVE-2026-9171 7.5 0.00% 2 0 2026-07-17T21:31:52 IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a
CVE-2026-9135 9.9 0.00% 2 0 2026-07-17T21:31:52 IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 9498
CVE-2026-54498 8.7 0.00% 2 0 2026-07-17T21:17:09.043000 view_component is a framework for building reusable, testable, and encapsulated
CVE-2026-48062 9.8 0.00% 2 0 2026-07-17T21:17:06.787000 CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload
CVE-2026-44891 7.5 0.00% 2 0 2026-07-17T21:17:06.250000 Netty is a network application framework for development of protocol servers and
CVE-2026-13446 9.8 0.00% 4 0 2026-07-17T21:17:05.960000 IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a
CVE-2026-13445 8.1 0.00% 2 0 2026-07-17T21:17:05.473000 IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exp
CVE-2026-8635 9.9 0.00% 2 0 2026-07-17T20:17:31.527000 IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate pri
CVE-2026-13448 8.1 0.00% 1 0 2026-07-17T20:17:14.713000 IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated re
CVE-2025-20205 4.8 0.31% 1 0 2026-07-17T20:17:13.067000 Multiple vulnerabilities in the web-based management interface of Cisco Identity
CVE-2026-9103 9.8 0.00% 2 0 2026-07-17T19:17:19.277000 IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unau
CVE-2026-62241 9.1 0.39% 1 0 2026-07-17T19:17:18.647000 clawvet self-hosted API server (apps/api) before 0.7.5 hard-codes a fallback JWT
CVE-2026-44436 7.5 0.28% 1 0 2026-07-17T18:37:25.590000 Quicly is an IETF QUIC protocol implementation intended primarily for use within
CVE-2026-55173 8.1 3.43% 1 0 2026-07-17T18:36:41.143000 WWBN AVideo is an open source video platform. Versions 29.0 and below remain vul
CVE-2026-62232 7.4 0.28% 1 0 2026-07-17T15:44:29.553000 Grav before 2.0.4 contains a two-factor authentication bypass vulnerability in t
CVE-2026-11961 8.1 0.14% 1 0 2026-07-17T15:32:27 The User Registration & Membership WordPress plugin before 5.2.3 does not valid
CVE-2026-59117 7.5 0.45% 1 0 2026-07-17T15:01:06.447000 Integer overflow or wraparound in Windows Terminal allows an unauthorized attack
CVE-2026-15982 9.8 0.29% 2 0 2026-07-17T14:59:38.667000 The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Too
CVE-2026-63305 8.1 1.38% 1 0 2026-07-17T14:17:27.207000 AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg
CVE-2026-25089 9.8 36.13% 4 2 2026-07-17T05:16:38.687000 A improper neutralization of special elements used in an os command ('os command
CVE-2026-53412 9.8 0.51% 8 0 2026-07-17T00:32:18 Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client fo
CVE-2026-53409 7.8 0.15% 1 0 2026-07-16T21:30:46 Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may
CVE-2026-62378 9.0 0.33% 1 0 2026-07-16T20:16:47.430000 RustFS Console is a web management console for the RustFS distributed file syste
CVE-2026-52870 7.6 0.23% 1 0 2026-07-16T19:56:14 ### Summary In affected versions, the default request handlers installed by the
CVE-2026-62312 8.8 0.72% 1 0 2026-07-16T19:16:51.010000 9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote a
CVE-2026-48352 7.5 0.41% 1 0 2026-07-16T19:04:00.603000 CAI Content Credentials is affected by an Improper Input Validation vulnerabilit
CVE-2026-48351 7.5 0.41% 1 0 2026-07-16T19:03:57.483000 CAI Content Credentials is affected by an Improper Input Validation vulnerabilit
CVE-2026-39808 9.8 84.16% 4 6 template 2026-07-16T18:32:24 A improper neutralization of special elements used in an os command ('os command
CVE-2026-58644 9.8 1.47% 8 0 2026-07-16T18:31:26 Deserialization of untrusted data in Microsoft Office SharePoint allows an unaut
CVE-2026-12525 8.8 0.24% 1 0 2026-07-16T18:16:41.633000 The Redux Framework WordPress plugin before 4.5.13 does not restrict which user
CVE-2026-49794 4.6 0.35% 1 0 2026-07-16T15:59:58.327000 Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un
CVE-2026-46339 10.0 4.57% 1 0 template 2026-07-16T14:16:52.513000 9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/p
CVE-2026-11386 9.0 0.32% 3 0 2026-07-16T14:16:48.040000 An input validation and injection vulnerability exists in Canonical ubuntu-pro-c
CVE-2026-52887 10.0 0.59% 1 0 2026-07-16T13:43:05.487000 NocoBase is an AI-powered no-code/low-code platform for building business applic
CVE-2026-22752 9.6 0.43% 1 0 2026-07-16T12:32:28 Authentication bypass by primary weakness vulnerability in Spring Security Sprin
CVE-2026-15013 9.8 0.30% 1 0 2026-07-16T06:31:33 The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authen
CVE-2026-56687 7.8 0.10% 1 0 2026-07-16T05:16:25.420000 Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in U
CVE-2026-50130 8.8 0.22% 1 0 2026-07-16T05:16:22.107000 Pi-hole is a DNS sinkhole that protects devices from unwanted content without in
CVE-2026-46817 9.8 1.04% 6 2 2026-07-16T05:16:20.290000 Vulnerability in the Oracle Payments product of Oracle E-Business Suite (compone
CVE-2026-20296 8.3 0.17% 1 0 2026-07-16T05:16:18.873000 In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splu
CVE-2026-15409 10.0 1.27% 12 5 2026-07-16T05:16:18.293000 A Server-side request forgery (SSRF) vulnerability has been identified in the SM
CVE-2026-13385 0 0.10% 1 0 2026-07-16T05:16:17.923000 An Improper Validation of Integrity Check Value and Improper Certificate Validat
CVE-2026-50525 7.5 0.62% 1 0 2026-07-15T23:16:50.270000 Allocation of resources without limits or throttling in .NET allows an unauthori
CVE-2026-50274 7.5 0.00% 2 0 2026-07-15T23:05:20 ### Impact Datadog tracing libraries that implement W3C baggage propagation pars
CVE-2026-50272 7.5 0.00% 2 0 2026-07-15T22:58:53 ### Impact Datadog tracing libraries that implement W3C baggage propagation pars
CVE-2026-50271 7.5 0.00% 2 0 2026-07-15T22:55:25 ### Impact Datadog tracing libraries that implement W3C baggage propagation pars
CVE-2026-15895 7.8 1.24% 1 0 2026-07-15T21:31:26 OS command injection in the npm package loading component in AWS jsii-diff befor
CVE-2026-53517 8.1 0.41% 1 0 2026-07-15T20:54:43.733000 Better Auth is an authentication and authorization library for TypeScript. From
CVE-2026-61835 7.7 0.25% 1 0 2026-07-15T20:49:59.560000 Directus is a real-time API and App dashboard for managing SQL database content.
CVE-2026-50148 10.0 0.44% 1 0 2026-07-15T20:35:56.207000 Metabase is an open-source business intelligence and embedded analytics tool. Fr
CVE-2026-62351 7.5 0.32% 1 0 2026-07-15T20:18:01.667000 TDengine is a time-series database optimized for Internet of Things devices. Pri
CVE-2026-62422 10.0 0.35% 1 0 2026-07-15T20:08:02.787000 In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.
CVE-2026-46485 8.2 0.30% 1 0 2026-07-15T19:50:11.367000 Dashy is a self-hostable personal dashboard. Prior to 4.0.8, Dashy deployments u
CVE-2026-56434 6.5 0.39% 1 0 2026-07-15T19:18:04.890000 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssi_module
CVE-2026-20153 7.5 0.25% 1 0 2026-07-15T19:17:00.473000 As part of Cisco's ongoing commitment to proactive security and product quality,
CVE-2023-4346 7.5 0.85% 5 0 2026-07-15T18:32:50 KNX devices that use KNX Connection Authorization and support Option 1 are, depe
CVE-2026-20297 7.2 0.38% 1 0 2026-07-15T18:32:05 In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14,
CVE-2026-58658 8.2 0.39% 1 0 2026-07-15T18:32:05 GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated inf
CVE-2026-62389 7.5 0.45% 1 0 2026-07-15T18:32:05 ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js w
CVE-2026-59258 8.3 0.32% 1 0 2026-07-15T18:32:05 immich before 3.0.3 contains a broken access control vulnerability in the PUT /a
CVE-2026-20298 5.3 0.22% 1 0 2026-07-15T18:32:04 In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splu
CVE-2026-60005 8.2 0.61% 2 0 2026-07-15T18:31:58 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_modu
CVE-2026-20150 8.8 0.22% 1 0 2026-07-15T18:31:58 As part of Cisco's ongoing commitment to proactive security and product quality,
CVE-2026-20146 5.5 0.34% 1 0 2026-07-15T18:31:58 A vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Id
CVE-2026-62685 8.1 0.32% 1 0 2026-07-15T18:15:13.373000 File Browser is a file managing interface for uploading, deleting, previewing, r
CVE-2026-48318 9.9 6.96% 1 0 2026-07-15T17:59:53.417000 ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted D
CVE-2026-15764 7.5 0.27% 1 0 2026-07-15T17:52:02.543000 Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowe
CVE-2026-13585 0 0.11% 1 1 2026-07-15T16:24:31.140000 Allocation of Resources Without Limits and Throttling and Sensitive Information
CVE-2026-42533 8.1 0.83% 2 1 2026-07-15T15:33:14 A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive
CVE-2026-56155 7.8 0.38% 5 0 2026-07-15T14:18:24.010000 Insufficient granularity of access control in Active Directory Federation Servic
CVE-2026-48309 7.8 0.17% 1 0 2026-07-15T13:51:52.543000 Audition is affected by an out-of-bounds write vulnerability that could result i
CVE-2026-9770 None 0.22% 1 0 2026-07-15T03:33:02 Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key st
CVE-2026-48334 9.3 0.43% 1 0 2026-07-15T00:31:51 Illustrator is affected by an Improper Input Validation vulnerability that could
CVE-2026-48336 7.8 0.14% 1 0 2026-07-15T00:31:50 Illustrator is affected by an out-of-bounds write vulnerability that could resul
CVE-2026-48337 7.8 0.14% 1 0 2026-07-15T00:31:43 Illustrator is affected by an out-of-bounds write vulnerability that could resul
CVE-2025-3248 9.8 99.99% 2 28 template 2026-07-14T23:17:27.010000 Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/
CVE-2026-56164 5.3 5.60% 7 1 2026-07-14T21:32:51 Missing authentication for critical function in Microsoft Office SharePoint allo
CVE-2026-48324 9.1 0.66% 1 0 2026-07-14T21:32:33 ColdFusion is affected by an Improper Neutralization of Special Elements used in
CVE-2026-48327 9.0 0.23% 1 0 2026-07-14T21:32:31 ColdFusion is affected by an Incorrect Authorization vulnerability that could re
CVE-2026-15765 7.5 0.27% 1 0 2026-07-14T21:32:28 Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remot
CVE-2026-15410 7.2 1.49% 8 3 2026-07-14T21:32:21 Post-authentication improper control of generation of code ('Code Injection') vu
CVE-2026-13001 9.8 1.08% 2 2 2026-07-14T21:16:40.860000 The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary fi
CVE-2026-58528 6.8 0.42% 1 0 2026-07-14T20:35:32.720000 Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un
CVE-2026-50453 6.1 0.37% 1 0 2026-07-14T20:35:12.370000 Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un
CVE-2026-54052 9.9 0.39% 2 0 2026-07-14T19:07:15 ## Impact In multi-tenant HTTP deployments — where a single n8n-mcp server serv
CVE-2026-55040 9.1 0.67% 1 0 2026-07-14T18:32:38 Weak authentication in Microsoft Office SharePoint allows an unauthorized attack
CVE-2026-50454 7.8 0.40% 1 0 2026-07-14T18:32:32 Relative path traversal in Windows User Interface Core allows an authorized atta
CVE-2026-58635 7.8 0.22% 1 1 2026-07-14T18:32:12 Improper neutralization of special elements used in a command ('command injectio
CVE-2026-50663 8.8 0.65% 3 0 2026-07-14T18:32:06 Relative path traversal in Age of Empires II: Definitive Edition Game allows an
CVE-2026-10577 0 0.25% 1 0 2026-07-14T16:46:49.030000 A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected
CVE-2026-53565 None 0.10% 1 0 2026-07-14T15:32:25 Improper Privilege Management vulnerability in Citrix Secure Access Client for W
CVE-2026-53566 None 0.11% 1 0 2026-07-14T15:32:24 Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windo
CVE-2026-15719 5.4 0.13% 1 0 2026-07-14T15:32:24 We are aware that exploit code for this is public however we are not aware of an
CVE-2026-15718 4.3 0.16% 1 0 2026-07-14T15:32:24 We are aware that exploit code for this is public however we are not aware of an
CVE-2026-6875 0 0.51% 3 0 2026-07-14T05:16:19.730000 ServiceNow has addressed a remote code execution vulnerability that was identifi
CVE-2026-15378 9.3 0.42% 1 0 2026-07-14T02:16:54.120000 A flaw was found in the `guardrails-detectors` component. This vulnerability all
CVE-2026-59208 6.8 0.14% 1 0 2026-07-14T01:16:18.827000 n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.2
CVE-2026-54159 10.0 0.00% 2 0 2026-07-10T20:36:58 ### Impact A PHP Object Injection vulnerability affects the PrestaShop module `
CVE-2026-59792 9.6 0.42% 1 0 2026-07-10T15:31:48 In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path trav
CVE-2026-56688 9.1 1.29% 1 0 2026-07-10T12:31:56 Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutral
CVE-2026-59826 9.1 0.39% 1 0 2026-07-10T05:16:38.427000 Metabase is an open-source business intelligence and embedded analytics tool. Fr
CVE-2026-49485 7.5 0.00% 2 0 2026-07-09T13:43:04 # Summary All implementations of FHIRPathEngine accept arbitrary FHIRPath expres
CVE-2026-43499 7.8 0.12% 4 35 2026-07-08T23:16:54.523000 In the Linux kernel, the following vulnerability has been resolved: rtmutex: Us
CVE-2026-49445 9.2 0.17% 1 0 2026-07-06T17:03:21 ### Impact When Cilium L7 functionality is enabled on a cluster, the Envoy inst
CVE-2026-45659 8.8 3.22% 4 1 2026-07-01T21:35:53 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2026-9798 4.3 0.21% 1 0 2026-07-01T21:26:23 A flaw was found in Keycloak, an open-source identity and access management solu
CVE-2026-54458 9.6 0.30% 2 0 2026-06-22T14:36:04 # Unauthenticated Stored DOM XSS via `page_title` Broadcast in AVideo YPTSocket
CVE-2026-43088 5.5 0.12% 2 0 2026-06-19T13:16:28.160000 In the Linux kernel, the following vulnerability has been resolved: net: af_key
CVE-2026-55518 9.6 0.00% 3 0 2026-06-17T18:49:13 ## Summary A critical missing authorization flaw exists in Avo's association at
CVE-2026-46669 7.5 0.23% 1 0 2026-06-17T10:53:49.683000 OpenVM is a performant and modular zkVM framework built for customization and ex
CVE-2026-3891 9.8 0.84% 1 6 template 2026-06-17T10:44:23.283000 The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file upl
CVE-2026-3300 9.8 40.99% 1 2 template 2026-06-17T10:43:22.287000 The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Executio
CVE-2026-33482 8.1 2.06% 1 0 2026-06-17T10:37:34.483000 WWBN AVideo is an open source video platform. In versions up to and including 26
CVE-2026-32201 6.5 22.81% 4 1 2026-06-17T10:35:20.103000 Improper input validation in Microsoft Office SharePoint allows an unauthorized
CVE-2026-2701 9.1 48.81% 1 0 2026-06-17T10:31:33.987000 Authenticated user can upload a malicious file to the server and execute it, whi
CVE-2026-23744 9.8 43.67% 1 37 template 2026-06-17T10:22:02.160000 MCPJam inspector is the local-first development platform for MCP servers. Versio
CVE-2026-1541 4.3 0.27% 1 2 2026-06-17T10:16:02.020000 The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Infor
CVE-2015-0004 0 3.55% 1 0 2026-06-17T00:19:24.390000 The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Win
CVE-2026-44182 None 0.35% 1 0 2026-06-03T21:37:18 ### Summary The environment variables used during the rendering of the Kubernet
CVE-2026-44023 8.6 0.29% 1 0 2026-06-03T21:16:26 ### Impact In versions `>= 1.5.0, < 2.74.1`, `docling-core` did not sufficiently
CVE-2026-45363 7.4 0.24% 1 0 2026-06-02T22:12:51 `JWT.decode(token, '', true, algorithm: 'HS256')` accepts an attacker-forged tok
CVE-2026-3220 8.8 0.32% 1 4 2026-05-18T15:30:37 The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin
CVE-2025-40949 9.1 0.54% 2 0 2026-05-12T12:32:14 A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.1
CVE-2026-38526 9.9 2.76% 1 8 2026-04-14T18:30:41 An authenticated arbitrary file upload vulnerability in the /admin/tinymce/uploa
CVE-2026-2699 9.8 49.42% 1 2 template 2026-04-02T15:31:40 Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthentica
CVE-2025-26529 8.3 0.48% 1 2 2025-02-24T22:02:54 Description information displayed in the site administration live log required a
CVE-2025-20204 4.8 0.31% 1 0 2025-02-05T18:34:46 A vulnerability in the web-based management interface of Cisco Identity Services
CVE-2026-56741 0 0.00% 2 0 N/A
CVE-2026-54523 0 0.00% 3 0 N/A
CVE-2026-39359 0 0.24% 1 0 N/A
CVE-2026-15899 0 0.00% 1 0 N/A
CVE-2026-14266 0 0.00% 1 1 N/A
CVE-2026-62314 0 0.27% 1 0 N/A
CVE-2026-59827 0 0.46% 1 1 N/A
CVE-2026-55234 0 0.24% 1 0 N/A
CVE-2026-55652 0 0.36% 1 0 N/A
CVE-2026-62349 0 0.40% 1 0 N/A
CVE-2026-62948 0 0.31% 1 0 N/A
CVE-2026-50147 0 0.20% 1 0 N/A
CVE-2026-55242 0 0.14% 1 0 N/A
CVE-2026-61836 0 0.28% 1 0 N/A
CVE-2026-61736 0 0.30% 1 0 N/A
CVE-2026-52886 0 0.00% 1 0 N/A
CVE-2026-57233 0 0.00% 1 0 N/A
CVE-2026-54758 0 0.00% 1 0 N/A
CVE-2026-54572 0 0.40% 1 0 N/A
CVE-2026-59733 0 0.55% 1 0 N/A
CVE-2026-50649 0 0.94% 1 0 N/A
CVE-2026-20896 0 0.78% 1 4 N/A

CVE-2026-47871
(8.8 HIGH)

EPSS: 0.00%

updated 2026-07-18T09:17:08.960000

2 posts

VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks. Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:01:16.000Z ##

🟠 CVE-2026-47871 - High (8.8)

VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 3...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:01:16.000Z ##

🟠 CVE-2026-47871 - High (8.8)

VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 3...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47869
(8.7 HIGH)

EPSS: 0.00%

updated 2026-07-18T09:17:08.740000

2 posts

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code. Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:01:06.000Z ##

🟠 CVE-2026-47869 - High (8.7)

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixed in 31.2.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:01:06.000Z ##

🟠 CVE-2026-47869 - High (8.7)

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixed in 31.2.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47868
(7.8 HIGH)

EPSS: 0.00%

updated 2026-07-18T09:17:08.627000

2 posts

VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root. Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:00:55.000Z ##

🟠 CVE-2026-47868 - High (7.8)

VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:00:55.000Z ##

🟠 CVE-2026-47868 - High (7.8)

VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47867
(8.7 HIGH)

EPSS: 0.00%

updated 2026-07-18T09:17:08.527000

2 posts

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious user with network access may be able to access the Avi Control plane and execute code remotely. Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:00:20.000Z ##

🟠 CVE-2026-47867 - High (8.7)

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious user with network access may be able to access the Avi Control plane and execute code remotely.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:00:20.000Z ##

🟠 CVE-2026-47867 - High (8.7)

VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious user with network access may be able to access the Avi Control plane and execute code remotely.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47866
(8.3 HIGH)

EPSS: 0.00%

updated 2026-07-18T09:17:08.413000

2 posts

VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization. Affected versions: 32.1.1 (fixed in 32.1.2) 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:00:10.000Z ##

🟠 CVE-2026-47866 - High (8.3)

VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 throug...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:00:10.000Z ##

🟠 CVE-2026-47866 - High (8.3)

VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization.

Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 throug...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-47865
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-18T09:17:08.287000

4 posts

VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism. Affected versions: 31.1.1 through 31.2.2 (fixed in 31.2.2-2p3) 30.1.1 through 30.2.6 (fixed in 30.2.7) 22.1.1 through 22.1.7 (fixed in 30.2.7)

thehackerwire@mastodon.social at 2026-07-18T10:00:01.000Z ##

🔴 CVE-2026-47865 - Critical (9.8)

VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.

Affected versions:
31.1.1 through 31.2.2 (fixed ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T10:00:01.000Z ##

🔴 CVE-2026-47865 - Critical (9.8)

VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.

Affected versions:
31.1.1 through 31.2.2 (fixed ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1@infosec.exchange at 2026-07-15T11:01:29.000Z ##

Broadcom Patches Seven Critical and High-Severity Flaws in VMware Avi Load Balancer

Broadcom patched seven vulnerabilities in VMware Avi Load Balancer, including a critical authentication bypass (CVE-2026-47865) that allows unauthenticated network attackers to take over the control plane. The updates also fix flaws enabling remote code execution, privilege escalation, and directory traversal across multiple software versions.

**If you use VMware Avi Load Balancer, make sure its management interface is isolated from the internet and reachable only from trusted admin networks. A flaw lets attackers take it over without any password. Then update ASAP to the patched versions (32.1.2, 31.2.2-2p3, or 30.2.7).**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

security_crawler_carl@infosec.exchange at 2026-07-14T22:57:26.000Z ##

Broadcom patched seven severe flaws including CVE-2026-47865, a CVSS 9.8 authentication bypass letting any network-adjacent attacker waltz straight into your Avi control plane without credentials — think of it as the cursed skeleton key from Oblivion, except real and in your infrastructure.

Also afflicted: remote code execution, privilege escalation, and directory traversal bugs. (2/3)

##

CVE-2026-53359
(8.8 HIGH)

EPSS: 0.18%

updated 2026-07-18T08:16:36.620000

1 posts

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad ("KVM: x86: Fix shadow paging use-after-free due to unexpected GFN") fixed a shadow paging mismatch between stored and computed GFNs; the bug could be triggered by changing a PDE mapping from outside the guest, and then deleting a memslot. Th

8 repos

https://github.com/ndouglas-cloudsmith/CVE-2026-53359

https://github.com/x024n/kvm-kernelcare-januscape

https://github.com/0xBlackash/CVE-2026-53359

https://github.com/chuzhongyun/CVE-2026-53359-Kernel-Fix

https://github.com/x024n/almalinux-januscape-mitigation

https://github.com/Aoripus-LTD/Januscape-Hotfix

https://github.com/HORKimhab/CVE-2026-53359

https://github.com/xj2268-TA/KVM-Januscape

sigint@fosstodon.org at 2026-07-18T00:30:11.000Z ##

🐧 SIGINT // Linux Watch — 2026-07-18

A KVM bug that matters if you run nested virtualization anywhere near Ubuntu hosts. Check your patch levels before someone else checks them for you.

🔗 quasa.io/media/januscape-cve-2

#Linux #OpenSource #FOSS

##

CVE-2026-9734
(4.3 MEDIUM)

EPSS: 0.00%

updated 2026-07-18T06:32:02

1 posts

The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.0. This is due to missing or incorrect nonce validation on the storeInfo function. This makes it possible for unauthenticated attackers to modify the plugin's Zoho CRM integration settings, replacing the configured data center, client ID, client secret, and user

hugovalters@mastodon.social at 2026-07-18T06:51:26.000Z ##

From now on all #CVe #CVEAlert additional to #yara #Sigma and #Suricate rules will have #Splunk #Wazuh rules all for FREE no tracking no registration, no payments! #cybersecurity #devsecops #devops #infosec #redteam #blueteam #github #gitlab #git #developers #developer info source and follow for more updates as there will be more EX: valtersit.com/cve/CVE-2026-973

##

CVE-2026-63030
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-18T05:16:56.167000

10 posts

WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API batch endpoint route confusion issue which, combined with the author__not_in WP_Query SQL Injection (CVE-2026-60137), could allow an attacker to perform SQL Injection and achieve Remote Code Execution.

Nuclei template

12 repos

https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause

https://github.com/zeroc00I/CVE-2026-63030

https://github.com/ekomsSavior/wp2shell

https://github.com/Lutfifakee-Project/wp2shell

https://github.com/kulichr/wp2shell

https://github.com/47Cid/wp2shell-lab

https://github.com/Senanfurkan/wordpress-cve-2026-63030

https://github.com/attackercan/wp2shell-poc2

https://github.com/dinosn/wp2shell-lab

https://github.com/CybersecSpirit/CVE-2026-63030

https://github.com/ZephrFish/wp2shell-scanner

https://github.com/NULL200OK/WP2Shell

obivan at 2026-07-18T10:46:00.746Z ##

wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis github.com/tcyph3r/wp2shell-cv

##

Matchbook3469@mastodon.social at 2026-07-18T08:23:41.000Z ##

🔴 New security advisory:

CVE-2026-63030 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #VulnerabilityManagement #CyberSec

##

sayzard@mastodon.sayzard.org at 2026-07-18T02:45:49.000Z ##

Two critical SQLi vulnerabilities in WordPress

WordPress 7.0.2는 치명적 SQL 인젝션 취약점 1건과 고위험 보안 이슈 1건을 수정하는 긴급 보안 릴리스다. CVE-2026-60137은 촉진된 SQL 인젝션 문제이며, CVE-2026-63030은 REST API 배치 라우트 혼동을 악용한 SQL 인젝션으로 원격 코드 실행(RCE)까지 이어질 수 있다. 영향을 받는 6.9 계열은 6.9.5, 6.8 계열은 6.8.6으로 업데이트해야 하며, 7.1 beta도 beta2에서 수정됐다. WordPress 운영 환경이나 해당 CMS를 통한 AI 서비스·콘텐츠 파이프라인을 운영한다면 강제 자동 업데이트 여부를 확인하고 즉시 패치 및 노...

wordpress.org/news/2026/07/wor

##

DailyCyberSecurity at 2026-07-18T01:56:15.162Z ##

WordPress pre-auth RCE CVE-2026-63030 chains a REST batch bug with SQL injection. Details and a public PoC are out. Update to WordPress 7.0.2 now.

securityonline.info/wordpress-

##

DarkWebInformer at 2026-07-17T22:53:05.345Z ##

‼️🚨 CVE-2026-63030 // wp2shell-poc: Proof-of-concept for an unauthenticated SQL injection in WordPress core that chains to remote code execution, via REST batch route confusion.

PoC: github.com/Icex0/wp2shell-poc

##

christopherkunz@chaos.social at 2026-07-17T21:19:55.000Z ##

@shellsharks New fodder for vulnerability.garden: wp2shell is CVE-2026-63030 / github.com/WordPress/wordpress

##

obivan@infosec.exchange at 2026-07-18T10:46:00.000Z ##

wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis github.com/tcyph3r/wp2shell-cv

##

DailyCyberSecurity@infosec.exchange at 2026-07-18T01:56:15.000Z ##

WordPress pre-auth RCE CVE-2026-63030 chains a REST batch bug with SQL injection. Details and a public PoC are out. Update to WordPress 7.0.2 now.

#WordPress #PreAuthRCE #CVE202663030 #SQLInjection #wp2shell #WebSecurity #InfoSec

securityonline.info/wordpress-

##

DarkWebInformer@infosec.exchange at 2026-07-17T22:53:05.000Z ##

‼️🚨 CVE-2026-63030 // wp2shell-poc: Proof-of-concept for an unauthenticated SQL injection in WordPress core that chains to remote code execution, via REST batch route confusion.

PoC: github.com/Icex0/wp2shell-poc

##

christopherkunz@chaos.social at 2026-07-17T21:19:55.000Z ##

@shellsharks New fodder for vulnerability.garden: wp2shell is CVE-2026-63030 / github.com/WordPress/wordpress

##

CVE-2026-60137
(5.9 MEDIUM)

EPSS: 0.00%

updated 2026-07-18T05:16:54.427000

6 posts

WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2 does not properly sanitise the author__not_in parameter of WP_Query, which could allow SQL Injection when a plugin or theme passes untrusted input to the parameter.

7 repos

https://github.com/ekomsSavior/wp2shell

https://github.com/kulichr/wp2shell

https://github.com/47Cid/wp2shell-lab

https://github.com/Senanfurkan/wordpress-cve-2026-63030

https://github.com/dinosn/wp2shell-lab

https://github.com/ZephrFish/wp2shell-scanner

https://github.com/NULL200OK/WP2Shell

obivan at 2026-07-18T10:46:00.746Z ##

wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis github.com/tcyph3r/wp2shell-cv

##

ottoto2017@prattohome.com at 2026-07-18T05:33:26.000Z ##

「WordPressコアに新たなwp2shellの脆弱性が発見され、認証されていない攻撃者がコードを実行できるようになった。 」: #TheHackerNews

「匿名HTTPリクエストによって、WordPressサイト上でコードを実行できる脆弱性が発見されました。このバグはコア部分に存在するため、プラグインを一切インストールしていない状態でも悪用可能です。WordPressが6.9.5と7.0.2をリリースし、自動更新システムによる強制更新機能を有効にした金曜日までは、6.9および7.0バージョンのすべてのサイトが影響を受けていました。

wp2shell は1つのバグではなく、2つのバグから成り立っており、どちらにもCVE IDが付与されています。CVE -2026-63030 はREST APIのバッチルーティングの混同に関する脆弱性、 CVE-2026-60137 はWordPressコアにおけるSQLインジェクションの脆弱性です。 」

thehackernews.com/2026/07/new-

#prattohome

##

sayzard@mastodon.sayzard.org at 2026-07-18T02:45:49.000Z ##

Two critical SQLi vulnerabilities in WordPress

WordPress 7.0.2는 치명적 SQL 인젝션 취약점 1건과 고위험 보안 이슈 1건을 수정하는 긴급 보안 릴리스다. CVE-2026-60137은 촉진된 SQL 인젝션 문제이며, CVE-2026-63030은 REST API 배치 라우트 혼동을 악용한 SQL 인젝션으로 원격 코드 실행(RCE)까지 이어질 수 있다. 영향을 받는 6.9 계열은 6.9.5, 6.8 계열은 6.8.6으로 업데이트해야 하며, 7.1 beta도 beta2에서 수정됐다. WordPress 운영 환경이나 해당 CMS를 통한 AI 서비스·콘텐츠 파이프라인을 운영한다면 강제 자동 업데이트 여부를 확인하고 즉시 패치 및 노...

wordpress.org/news/2026/07/wor

##

EUVD_Bot@mastodon.social at 2026-07-17T21:00:26.000Z ##

🚨 EUVD-2026-45280

📊 Score: n/a
📦 Product: WordPress, WordPress
🏢 Vendor: WordPress
📅 Updated: 2026-07-17

📝 WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API batch endpoint route confusion issue which, combined with the author__not_in WP_Query SQL Injection (CVE-2026-60137), could allow an attacker to perform SQL Injection and achieve R...

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

obivan@infosec.exchange at 2026-07-18T10:46:00.000Z ##

wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis github.com/tcyph3r/wp2shell-cv

##

ottoto2017@prattohome.com at 2026-07-18T05:33:26.000Z ##

「WordPressコアに新たなwp2shellの脆弱性が発見され、認証されていない攻撃者がコードを実行できるようになった。 」: #TheHackerNews

「匿名HTTPリクエストによって、WordPressサイト上でコードを実行できる脆弱性が発見されました。このバグはコア部分に存在するため、プラグインを一切インストールしていない状態でも悪用可能です。WordPressが6.9.5と7.0.2をリリースし、自動更新システムによる強制更新機能を有効にした金曜日までは、6.9および7.0バージョンのすべてのサイトが影響を受けていました。

wp2shell は1つのバグではなく、2つのバグから成り立っており、どちらにもCVE IDが付与されています。CVE -2026-63030 はREST APIのバッチルーティングの混同に関する脆弱性、 CVE-2026-60137 はWordPressコアにおけるSQLインジェクションの脆弱性です。 」

thehackernews.com/2026/07/new-

#prattohome

##

CVE-2026-55445
(0 None)

EPSS: 0.40%

updated 2026-07-18T03:16:37.117000

1 posts

Qinglong is a timed task management platform supporting Python3, JavaScript, Shell, and Typescript. Prior to 2.20.1, the init guard middleware in back/loaders/express.ts checks /api/user/init but not /open/user/init, while rewrite('/open/*', '/api/$1') rewrites the whitelisted /open/* path after JWT authentication and the guard have passed; an unauthenticated attacker can send PUT /open/user/init

offseq@infosec.exchange at 2026-07-16T01:30:25.000Z ##

CVE-2026-55445: Qinglong <2.20.1 has a CRITICAL improper authentication bug (CVSS 9.3). Attackers can reset admin credentials on initialized systems via /open/user/init. Upgrade to 2.20.1 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #CVE202655445 #Vuln #Qinglong

##

CVE-2026-8505
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-18T00:16:48.433000

4 posts

IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE configuration is set to False (which is the default setting). This allows a remote attacker who knows a flow's UUID to execute it as if they were the ow

thehackerwire@mastodon.social at 2026-07-18T11:00:27.000Z ##

🔴 CVE-2026-8505 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-07-18T10:30:27.022Z ##

CRITICAL (CVSS 9.8): CVE-2026-8505 in IBM Langflow OSS 1.0.0 – 1.10.0 enables unauthenticated RCE via default webhook auth config. Set WEBHOOK_AUTH_ENABLE=True to mitigate until official fix. Details: radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-07-18T11:00:27.000Z ##

🔴 CVE-2026-8505 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-07-18T10:30:27.000Z ##

CRITICAL (CVSS 9.8): CVE-2026-8505 in IBM Langflow OSS 1.0.0 – 1.10.0 enables unauthenticated RCE via default webhook auth config. Set WEBHOOK_AUTH_ENABLE=True to mitigate until official fix. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE20268505 #RCE #IBM

##

CVE-2026-56740
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-17T22:17:57.153000

3 posts

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and TelnetIO.readNEVariables() in TelnetIO.java:1127-1180 stores each variable pair in a HashMap held by ConnectionData, allowing an unauthenticated attacker t

hugovalters@mastodon.social at 2026-07-18T09:09:28.000Z ##

CVE-2026-56740 - DoS in JLine Telnet server. Unauthenticated attackers can flood env variables to exhaust JVM heap memory. CVSS 7.5. No patch yet - disable telnet module if possible. #CVE #infosec #Java

valtersit.com/cve/CVE-2026-567

##

thehackerwire@mastodon.social at 2026-07-18T05:00:10.000Z ##

🟠 CVE-2026-56740 - High (7.5)

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and Te...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:00:10.000Z ##

🟠 CVE-2026-56740 - High (7.5)

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and Te...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9171
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-17T21:31:52

2 posts

IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

thehackerwire@mastodon.social at 2026-07-17T20:00:35.000Z ##

🟠 CVE-2026-9171 - High (7.5)

IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T20:00:35.000Z ##

🟠 CVE-2026-9171 - High (7.5)

IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9135
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-07-17T21:31:52

2 posts

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_components=false security control. The vulnerability exists because the validation mechanism only checks the main component source code in node_template["code"]["

thehackerwire@mastodon.social at 2026-07-17T20:00:24.000Z ##

🔴 CVE-2026-9135 - Critical (9.9)

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_component...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T20:00:24.000Z ##

🔴 CVE-2026-9135 - Critical (9.9)

IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_component...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-54498
(8.7 HIGH)

EPSS: 0.00%

updated 2026-07-17T21:17:09.043000

2 posts

view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base#around_render can return HTML-unsafe strings that bypass the escaping behavior applied to normal #call return values. This creates an XSS risk when downstream applications use around_render to wrap, replace, instrument, or conditionally retu

thehackerwire@mastodon.social at 2026-07-17T22:00:10.000Z ##

🟠 CVE-2026-54498 - High (8.7)

view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base#around_render can return HTML-unsafe strings that bypass the escaping behavior applied t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T22:00:10.000Z ##

🟠 CVE-2026-54498 - High (8.7)

view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base#around_render can return HTML-unsafe strings that bypass the escaping behavior applied t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48062
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-17T21:17:06.787000

2 posts

CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a result, an uploaded file named shell.php containing GIF-like content could pass validation such as uploaded[avatar]|is_image[avatar]|mime_in[avatar,image/gif

thehackerwire@mastodon.social at 2026-07-18T09:00:20.000Z ##

🔴 CVE-2026-48062 - Critical (9.8)

CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a resu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T09:00:20.000Z ##

🔴 CVE-2026-48062 - Critical (9.8)

CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a resu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44891
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-17T21:17:06.250000

2 posts

Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative size per frame, and the maxLineLength parameter only restricts individual header lines. An attacker can send a large number of short headers that are accumu

thehackerwire@mastodon.social at 2026-07-18T09:00:09.000Z ##

🟠 CVE-2026-44891 - High (7.5)

Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative siz...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T09:00:09.000Z ##

🟠 CVE-2026-44891 - High (7.5)

Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative siz...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13446
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-17T21:17:05.960000

4 posts

IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

thehackerwire@mastodon.social at 2026-07-18T11:00:14.000Z ##

🔴 CVE-2026-13446 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-07-18T09:00:36.253Z ##

CVE-2026-13446: IBM Langflow OSS 1.0.0 – 1.10.1 contains hard-coded credentials (CRITICAL, CVSS 9.8). Total system compromise possible. No patch yet — restrict access, monitor activity. More: radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-07-18T11:00:14.000Z ##

🔴 CVE-2026-13446 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-07-18T09:00:36.000Z ##

CVE-2026-13446: IBM Langflow OSS 1.0.0 – 1.10.1 contains hard-coded credentials (CRITICAL, CVSS 9.8). Total system compromise possible. No patch yet — restrict access, monitor activity. More: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Cybersecurity #IBM

##

CVE-2026-13445
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-17T21:17:05.473000

2 posts

IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the attacker's workflow reads victim file contents, appends attacker-controlled data, and uploads a copy containing victim data to the attacker's namespace (c

thehackerwire@mastodon.social at 2026-07-18T09:00:32.000Z ##

🟠 CVE-2026-13445 - High (8.1)

IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T09:00:32.000Z ##

🟠 CVE-2026-13445 - High (8.1)

IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8635
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-07-17T20:17:31.527000

2 posts

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.

thehackerwire@mastodon.social at 2026-07-18T11:00:39.000Z ##

🔴 CVE-2026-8635 - Critical (9.9)

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T11:00:39.000Z ##

🔴 CVE-2026-8635 - Critical (9.9)

IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13448
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-17T20:17:14.713000

1 posts

IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated remote code execution vulnerability in the public flow build endpoint ( /api/v1/build_public_tmp/{flow_id}/flow ). The vulnerability stems from an incomplete denylist in the validate_public_flow_no_code_execution() function that fails to block several code-execution agent components including OpenDsStarAgent, CodeActAgen

hugovalters@mastodon.social at 2026-07-18T05:13:42.000Z ##

CVE-2026-13448 - Unauthenticated RCE in IBM Langflow OSS 1.0.0-1.10.1. Incomplete denylist allows code execution via build endpoint. CVSS 8.1. No patch available. Disable or restrict access immediately. #CVE #IBM #infosec

valtersit.com/cve/CVE-2026-134

##

CVE-2025-20205
(4.8 MEDIUM)

EPSS: 0.31%

updated 2026-07-17T20:17:13.067000

1 posts

Multiple vulnerabilities in the web-based management interface of Cisco Identity Services Engine (ISE) guest portals could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.&nbsp; These vulnerabilities are due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attac

AAKL@infosec.exchange at 2026-07-17T15:51:07.000Z ##

Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th support.broadcom.com/web/ecx/s

Cisco:

Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:

CISA:

CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

And a Microsoft vulnerability:

CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2026- #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom

##

CVE-2026-9103
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-17T19:17:19.277000

2 posts

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authentication when the AUTO_LOGIN configuration is enabled (enabled by default), which may allow an unauthenticated network attacker to obtain full administr

thehackerwire@mastodon.social at 2026-07-17T20:00:13.000Z ##

🔴 CVE-2026-9103 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T20:00:13.000Z ##

🔴 CVE-2026-9103 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62241
(9.1 CRITICAL)

EPSS: 0.39%

updated 2026-07-17T19:17:18.647000

1 posts

clawvet self-hosted API server (apps/api) before 0.7.5 hard-codes a fallback JWT secret ('clawvet-dev-secret-change-me') in auth.ts and ships it as the default in .env.example. Because GET /api/v1/scans returns scan records containing userId values without authentication, a remote unauthenticated attacker can harvest a victim's userId, forge a valid HS256 cg_session cookie offline using the known

offseq@infosec.exchange at 2026-07-17T01:30:25.000Z ##

MohibShaikh clawvet API server <0.7.5 (CVE-2026-62241) suffers a CRITICAL flaw: hard-coded JWT secret enables unauthenticated user data access and session cookie forgery. Change secrets & limit endpoint access. radar.offseq.com/threat/cve-20 #OffSeq #CVE202662241 #vuln

##

CVE-2026-44436
(7.5 HIGH)

EPSS: 0.28%

updated 2026-07-17T18:37:25.590000

1 posts

Quicly is an IETF QUIC protocol implementation intended primarily for use within the H2O HTTP server. Prior to commit 8b178e6, Quicly is vulnerable to a Denial of Service attack through connection state corruption. In QUIC Invariants, the maximum length of a Connection ID is 255 bytes, while QUIC version 1 further restricts the maximum to 20 bytes. Quicly implements QUIC version 1 and therefore it

hugovalters@mastodon.social at 2026-07-17T14:05:09.000Z ##

CVE-2026-44436 - High-severity DoS in Quicly (H2O HTTP server). Connection ID handling flaw can corrupt state. CVSS 7.5. No patch available yet. Monitor for updates. #CVE #infosec #cybersecurity

valtersit.com/cve/CVE-2026-444

##

CVE-2026-55173
(8.1 HIGH)

EPSS: 3.43%

updated 2026-07-17T18:36:41.143000

1 posts

WWBN AVideo is an open source video platform. Versions 29.0 and below remain vulnerable to OS command injection because the fix for CVE-2026-33482 was incomplete and still does not neutralize a single & ( the shell background operator). CVE-2026-33482 reported that sanitizeFFmpegCommand() (plugin/API/standAlone/functions.php) failed to strip $(...) command substitution, allowing OS command injecti

thehackerwire@mastodon.social at 2026-07-16T22:01:24.000Z ##

🟠 CVE-2026-55173 - High (8.1)

WWBN AVideo is an open source video platform. Versions 29.0 and below remain vulnerable to OS command injection because the fix for CVE-2026-33482 was incomplete and still does not neutralize a single & ( the shell background operator). CVE-2026-...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62232
(7.4 HIGH)

EPSS: 0.28%

updated 2026-07-17T15:44:29.553000

1 posts

Grav before 2.0.4 contains a two-factor authentication bypass vulnerability in the login plugin where the regenerate2FASecret task checks only user existence, not authorization, during the pending TOTP challenge window. Attackers who know the victim's password can call this task without a CSRF nonce to overwrite the 2FA secret with an attacker-chosen value, compute a valid TOTP code, and complete

offseq@infosec.exchange at 2026-07-17T03:00:30.000Z ##

CVE-2026-62232 (CRITICAL): getgrav Grav <2.0.4 has a 2FA bypass flaw — attackers knowing a user's password can overwrite the 2FA secret, reducing protection to password-only. Monitor & restrict access. Patch status pending. radar.offseq.com/threat/cve-20 #OffSeq #CVE202662232 #2FA #infosec

##

CVE-2026-11961
(8.1 HIGH)

EPSS: 0.14%

updated 2026-07-17T15:32:27

1 posts

The User Registration & Membership WordPress plugin before 5.2.3 does not validate that the membership tier submitted during public registration is one of the tiers allowed by the registration form before assigning that tier's associated user role, allowing unauthenticated users to register into an arbitrary published membership tier and obtain its role — up to administrator when such a tier exis

offseq@infosec.exchange at 2026-07-17T09:00:29.000Z ##

CVE-2026-11961 (CRITICAL): User Registration & Membership plugin (pre-5.2.3) allows unauthenticated users to assign arbitrary membership tiers, including admin, during signup. Disable or restrict registration until fixed. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE2026

##

CVE-2026-59117
(7.5 HIGH)

EPSS: 0.45%

updated 2026-07-17T15:01:06.447000

1 posts

Integer overflow or wraparound in Windows Terminal allows an unauthorized attacker to execute code over a network.

hugovalters@mastodon.social at 2026-07-17T17:13:08.000Z ##

CVE-2026-59117 - Integer overflow in Wraparound Windows Terminal enables network-based RCE. CVSS 7.5. No patch available. Monitor systems and restrict network access. #CVE #infosec #cybersecurity

valtersit.com/cve/CVE-2026-591

##

CVE-2026-15982
(9.8 CRITICAL)

EPSS: 0.29%

updated 2026-07-17T14:59:38.667000

2 posts

The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'aiomatic_call_google_ai_function' function. This makes it possible for unauthenticated attackers to leverage the 'aimogen_wp_god_mode' tool to clear funct

thehackerwire@mastodon.social at 2026-07-17T09:59:48.000Z ##

🔴 CVE-2026-15982 - Critical (9.8)

The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-07-17T06:00:27.000Z ##

CVE-2026-15982 | CodeRevolution Aimogen Pro (≤2.8.4) has a CRITICAL privilege escalation flaw — attackers can leverage missing capability checks to create admin accounts. Urgent patching advised. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vulnerability #Infosec

##

CVE-2026-63305
(8.1 HIGH)

EPSS: 1.38%

updated 2026-07-17T14:17:27.207000

1 posts

AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg.json.php endpoint where notifyCode and callback parameters are concatenated into a shell command without escaping. Attackers who can craft a valid encrypted payload can inject arbitrary shell metacharacters into these fields to execute OS commands as the web-server user.

offseq@infosec.exchange at 2026-07-16T13:30:27.000Z ##

CRITICAL: CVE-2026-63305 impacts WWBN AVideo ≤29.0. OS command injection in ffmpeg.json.php allows arbitrary command execution as the web-server user. No patch yet — restrict access & monitor logs. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #WWBN #CVE202663305

##

CVE-2026-25089
(9.8 CRITICAL)

EPSS: 36.13%

updated 2026-07-17T05:16:38.687000

4 posts

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP req

2 repos

https://github.com/HORKimhab/CVE-2026-25089

https://github.com/0xBlackash/CVE-2026-25089

AAKL@infosec.exchange at 2026-07-17T15:51:07.000Z ##

Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th support.broadcom.com/web/ecx/s

Cisco:

Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:

CISA:

CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

And a Microsoft vulnerability:

CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2026- #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom

##

DailyCyberSecurity@infosec.exchange at 2026-07-17T01:41:11.000Z ##

CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.

#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity

securityonline.info/cisa-kev-f

##

secdb@infosec.exchange at 2026-07-16T19:00:11.000Z ##

🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-25089 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-39808 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-58644 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644

##

cisakevtracker@mastodon.social at 2026-07-16T18:01:14.000Z ##

CVE ID: CVE-2026-25089
Vendor: Fortinet
Product: FortiSandbox
Date Added: 2026-07-16
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-53412
(9.8 CRITICAL)

EPSS: 0.51%

updated 2026-07-17T00:32:18

8 posts

Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.

cyberveille@mastobot.ping.moi at 2026-07-17T22:30:20.000Z ##

📢 Zoom : vulnérabilité critique CVE-2026-53412 permettant la prise de contrôle de comptes
📝 ## 🔍 Contexte

Source : BleepingComputer — publié le 15 juillet 2026.
📖 cyberveille : cyberveille.ch/posts/2026-07-1
🌐 source : bleepingcomputer.com/news/secu
#CVE_2026_53409 #CVE_2026_53410 #Cyberveille

##

DailyCyberSecurity@infosec.exchange at 2026-07-17T08:01:37.000Z ##

A Zoom critical vulnerability (CVE-2026-53412, CVSS 9.8) lets attackers hijack accounts on Windows with no user interaction. Update your client now.

#Zoom #CVE202653412 #Vulnerability #CyberSecurity #Windows #AccountTakeover

securityexpress.info/cve-2026-

##

oversecurity@mastodon.social at 2026-07-17T06:50:27.000Z ##

Zoom Patches Critical Windows Flaw Enabling Account Takeover

Zoom has released security updates to fix CVE-2026-53412, a critical Improper Input Validation vulnerability affecting its Windows software, which...

🔗️ [Thecyberexpress] link.is.it/17cS6R

##

teezeh@ieji.de at 2026-07-16T09:43:29.000Z ##

"Zoom is warning of a critical vulnerability in its desktop client and software development kit for Windows that could be exploited by an unauthenticated party to hijack accounts.

Discovered internally, the security issue is tracked as CVE-2026-53412 and received a severity score of 9.8 out of 10.

In an advisory this week, the messaging platform says that the flaw affects Zoom Workplace for Windows before version 7.0.0, the Windows VDI Client before versions 7.0.10, 6.6.15, and 6.5.18, and the Meeting SDK for Windows before version 7.0.0."

bleepingcomputer.com/news/secu

##

nono2357@infosec.exchange at 2026-07-16T09:11:31.000Z ##

Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug
securityaffairs.com/195454/sec

##

ottoto2017@prattohome.com at 2026-07-16T05:38:31.000Z ##

「Zoomがアカウント乗っ取りの重大な脆弱性について警告 」: #BLEEPINGCOMPUTER

「Zoomは、Windows向けデスクトップクライアントおよびソフトウェア開発キットに重大な脆弱性が存在すると警告している。この脆弱性を悪用すれば、認証されていない第三者がアカウントを乗っ取る可能性がある。

社内で発見されたこのセキュリティ問題は、CVE-2026-53412として追跡されており、深刻度スコアは10点満点中9.8点と評価されています。

今週発表された勧告によると、この脆弱性は、Windows版Zoom Workplaceのバージョン7.0.0未満、Windows VDI Clientのバージョン7.0.10未満、6.6.15未満、6.5.18未満、およびWindows版Meeting SDKのバージョン7.0.0未満に影響するとのことです。 」

bleepingcomputer.com/news/secu

#prattohome

##

ai6yr@m.ai6yr.org at 2026-07-15T20:58:40.000Z ##

Oh my

Zoom Workplace for Windows - Improper Input Validation

Bulletin: ZSB-26014
CVEID: CVE-2026-53412
CVSS Severity: Critical
CVSS Score: 9.8

Description:

Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.

zoom.com/en/trust/security-bul

#zoom #cybersecurity

##

DailyCyberSecurity@infosec.exchange at 2026-07-15T13:34:43.000Z ##

Zoom vulnerability CVE-2026-53412 (CVSS 9.8) allows unauthenticated account takeover over the network. Update Zoom Workplace for Windows to 7.0.0 now.

#Zoom #CVE202653412 #AccountTakeover #Windows #CyberSecurity

securityonline.info/zoom-accou

##

CVE-2026-53409
(7.8 HIGH)

EPSS: 0.15%

updated 2026-07-16T21:30:46

1 posts

Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access.

thehackerwire@mastodon.social at 2026-07-16T22:01:13.000Z ##

🟠 CVE-2026-53409 - High (7.8)

Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62378
(9.0 CRITICAL)

EPSS: 0.33%

updated 2026-07-16T20:16:47.430000

1 posts

RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTML content uploaded as .pdf, allowing stored cross-site scripting in the management console and exposure of administrator AccessKeyId, SecretAccessKey, an

thehackerwire@mastodon.social at 2026-07-15T18:00:00.000Z ##

🔴 CVE-2026-62378 - Critical (9)

RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTM...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-52870
(7.6 HIGH)

EPSS: 0.23%

updated 2026-07-16T19:56:14

1 posts

### Summary In affected versions, the default request handlers installed by the experimental tasks feature (`server.experimental.enable_tasks()`) did not check which session created a task before acting on it. On a server with more than one connected client, any client could observe, read results from, and cancel tasks belonging to other clients. ### Am I affected? Only if the developer's applica

thehackerwire@mastodon.social at 2026-07-15T21:00:08.000Z ##

🟠 CVE-2026-52870 - High (7.6)

The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). From 1.23.0 until 1.27.2, default handlers installed by server.experimental.enable_tasks() for tasks/list, tasks/get, tasks/result, and tasks/c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62312
(8.8 HIGH)

EPSS: 0.72%

updated 2026-07-16T19:16:51.010000

1 posts

9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote authenticated attacker to achieve arbitrary code execution on the host operating system by combining a Host header bypass of localhost-only routes with unvalidated MCP plugin args passed to child_process.spawn(), allowing malicious custom plugins to execute commands through /api/mcp//sse. This issue is fixed in version

thehackerwire@mastodon.social at 2026-07-15T22:00:01.000Z ##

🟠 CVE-2026-62312 - High (8.8)

9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote authenticated attacker to achieve arbitrary code execution on the host operating system by combining a Host header bypass of localhost-only routes with unvalidated MCP ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48352
(7.5 HIGH)

EPSS: 0.41%

updated 2026-07-16T19:04:00.603000

1 posts

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

thehackerwire@mastodon.social at 2026-07-14T23:01:29.000Z ##

🟠 CVE-2026-48352 - High (7.5)

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service conditio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48351
(7.5 HIGH)

EPSS: 0.41%

updated 2026-07-16T19:03:57.483000

1 posts

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service condition. Exploitation of this issue does not require user interaction.

thehackerwire@mastodon.social at 2026-07-14T23:01:17.000Z ##

🟠 CVE-2026-48351 - High (7.5)

CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service conditio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-39808
(9.8 CRITICAL)

EPSS: 84.16%

updated 2026-07-16T18:32:24

4 posts

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.8 may allow attacker to execute unauthorized code or commands via <insert attack vector here>

Nuclei template

6 repos

https://github.com/error-inside/CVE-2026-39808

https://github.com/0xBlackash/CVE-2026-39808

https://github.com/Lechansky/CVE-2026-39808

https://github.com/ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808

https://github.com/samu-delucas/CVE-2026-39808

https://github.com/HORKimhab/CVE-2026-39808

AAKL@infosec.exchange at 2026-07-17T15:51:07.000Z ##

Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th support.broadcom.com/web/ecx/s

Cisco:

Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:

CISA:

CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

And a Microsoft vulnerability:

CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2026- #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom

##

DailyCyberSecurity@infosec.exchange at 2026-07-17T01:41:11.000Z ##

CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.

#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity

securityonline.info/cisa-kev-f

##

secdb@infosec.exchange at 2026-07-16T19:00:11.000Z ##

🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-25089 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-39808 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-58644 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644

##

cisakevtracker@mastodon.social at 2026-07-16T18:01:30.000Z ##

CVE ID: CVE-2026-39808
Vendor: Fortinet
Product: FortiSandbox
Date Added: 2026-07-16
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-58644
(9.8 CRITICAL)

EPSS: 1.47%

updated 2026-07-16T18:31:26

8 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an unauthorized attacker to execute code over a network.

youranonnewsirc@nerdculture.de at 2026-07-18T04:26:09.000Z ##

Latest 24-hour summary:

Geopolitical: US strikes Iran for a sixth night, escalating conflict and impacting the Strait of Hormuz.
Technology: IBM unveils a sub-1nm chip, Japan achieves 6G, and AI chip demand surges amidst a deepening tech selloff.
Cybersecurity: CISA warns of an actively exploited SharePoint RCE zero-day (CVE-2026-58644), urging immediate patching. New BL4CK SP1D3R ransomware threats are also detected.

#AnonNews_irc #Cybersecurity #News

##

youranonnewsirc@nerdculture.de at 2026-07-18T04:26:09.000Z ##

Latest 24-hour summary:

Geopolitical: US strikes Iran for a sixth night, escalating conflict and impacting the Strait of Hormuz.
Technology: IBM unveils a sub-1nm chip, Japan achieves 6G, and AI chip demand surges amidst a deepening tech selloff.
Cybersecurity: CISA warns of an actively exploited SharePoint RCE zero-day (CVE-2026-58644), urging immediate patching. New BL4CK SP1D3R ransomware threats are also detected.

#AnonNews_irc #Cybersecurity #News

##

AAKL@infosec.exchange at 2026-07-17T15:51:07.000Z ##

Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th support.broadcom.com/web/ecx/s

Cisco:

Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:

CISA:

CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

And a Microsoft vulnerability:

CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2026- #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom

##

offseq@infosec.exchange at 2026-07-17T07:30:26.000Z ##

CVE-2026-58644: CRITICAL RCE in Microsoft SharePoint enables remote, authenticated Site Owners to execute code via deserialization. Exploited in the wild — patch now (July 2026 updates). Details: radar.offseq.com/threat/fresh- #OffSeq #SharePoint #Vuln #KEV #Infosec

##

DailyCyberSecurity@infosec.exchange at 2026-07-17T01:41:11.000Z ##

CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.

#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity

securityonline.info/cisa-kev-f

##

secdb@infosec.exchange at 2026-07-16T19:00:11.000Z ##

🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-25089 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-39808 (secdb.nttzen.cloud/cve/detail/)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: fortiguard.fortinet.com/psirt/ ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-58644 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644

##

cisakevtracker@mastodon.social at 2026-07-16T18:00:57.000Z ##

CVE ID: CVE-2026-58644
Vendor: Microsoft
Product: SharePoint
Date Added: 2026-07-16
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

beyondmachines1@infosec.exchange at 2026-07-15T12:01:29.000Z ##

CISA Issues Urgent Warning on SharePoint Server Exploitation

CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.

**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-12525
(8.8 HIGH)

EPSS: 0.24%

updated 2026-07-16T18:16:41.633000

1 posts

The Redux Framework WordPress plugin before 4.5.13 does not restrict which user meta keys can be written when saving custom profile fields, allowing users with at least the Subscriber role to escalate their privileges to Administrator by submitting a crafted value while updating their own profile, on sites where the Redux Framework WordPress plugin before 4.5.13's user-profile (Users extension) fe

offseq@infosec.exchange at 2026-07-16T09:00:28.000Z ##

CVE-2026-12525: Redux Framework <4.5.13 (WordPress) allows Subscribers to escalate to Admin by abusing the user-profile extension. Severity: CRITICAL. Disable the feature or restrict editing until a patch lands. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE202612525 #PrivilegeEscalation

##

CVE-2026-49794
(4.6 MEDIUM)

EPSS: 0.35%

updated 2026-07-16T15:59:58.327000

1 posts

Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

clueax@infosec.exchange at 2026-07-14T19:59:26.000Z ##

@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.

##

CVE-2026-46339
(10.0 CRITICAL)

EPSS: 4.57%

updated 2026-07-16T14:16:52.513000

1 posts

9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/proxy.js middleware did not protect /api/cli-tools/* and /api/mcp/*, allowing unauthenticated registration of customPlugins through src/app/api/cli-tools/cowork-settings/route.js and command execution through the MCP bridge. This vulnerability is fixed in 0.4.37.

Nuclei template

offseq@infosec.exchange at 2026-07-16T03:00:24.000Z ##

CRITICAL: CVE-2026-46339 impacts decolua 9Router (<0.4.37). OS command injection via exposed API lets unauth attackers gain full control. Patch to 0.4.37 now! radar.offseq.com/threat/cve-20 #OffSeq #CVE202646339 #infosec #security

##

CVE-2026-11386
(9.0 CRITICAL)

EPSS: 0.32%

updated 2026-07-16T14:16:48.040000

3 posts

An input validation and injection vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The client constructs APT source files (such as /etc/apt/sources.list.d/ubuntu-.list or their DEB822 equivalents) using data received directly from the contract server response via the directives.suites[] and directives.aptURL fields. Because the client utilizes Python's str.for

DailyCyberSecurity at 2026-07-18T08:31:41.998Z ##

Ubuntu Pro Client vulnerability CVE-2026-11386 (CVSS 9.0) lets a spoofed contract server inject APT sources and run code with root privileges.

securityonline.info/ubuntu-pro

##

DailyCyberSecurity@infosec.exchange at 2026-07-18T08:31:41.000Z ##

Ubuntu Pro Client vulnerability CVE-2026-11386 (CVSS 9.0) lets a spoofed contract server inject APT sources and run code with root privileges.

#Ubuntu #UbuntuPro #CVE202611386 #Canonical #RCE #Linux #CyberSecurity

securityonline.info/ubuntu-pro

##

offseq@infosec.exchange at 2026-07-17T00:00:36.000Z ##

CRITICAL vuln in ubuntu-pro-client <37.2ubuntu~22.04.1: contract server manipulation can inject malicious APT config & install arbitrary packages as root. Preinstalled on Ubuntu Pro images. Patch status TBD. Details: radar.offseq.com/threat/ubuntu #OffSeq #Ubuntu #LinuxSec #Vulnerability

##

CVE-2026-52887
(10.0 CRITICAL)

EPSS: 0.59%

updated 2026-07-16T13:43:05.487000

1 posts

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestMsgReceiveTimestamp][$lt] value was inserted into a Sequelize.literal() template string without escaping or parameter binding, allowing a signed-up authen

thehackerwire@mastodon.social at 2026-07-15T22:00:11.000Z ##

🔴 CVE-2026-52887 - Critical (10)

NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestM...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22752
(9.6 CRITICAL)

EPSS: 0.43%

updated 2026-07-16T12:32:28

1 posts

Authentication bypass by primary weakness vulnerability in Spring Security Spring Authorization Server. This issue affects Spring Authorization Server: from 7.0.0 through 7.0.4, from 1.5.0 through 1.5.6, from 1.4.0 through 1.4.9, from 1.3.0 through 1.3.10.

offseq@infosec.exchange at 2026-07-16T10:30:27.000Z ##

CVE-2026-22752: CRITICAL auth bypass in Spring Authorization Server (CVSS 9.6). Low-priv attackers can fully compromise confidentiality & integrity. No patch or workaround — monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #SpringSecurity #CVE202622752 #infosec

##

CVE-2026-15013
(9.8 CRITICAL)

EPSS: 0.30%

updated 2026-07-16T06:31:33

1 posts

The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authentication Bypass via SAML Signature Algorithm Confusion in all versions up to, and including, 5.4.3. The vulnerability exists because `Mo_SAML_Utilities::mo_saml_cast_key()` reads the `SignatureMethod` Algorithm attribute directly from the attacker-controlled `SAMLResponse` parameter rather than enforcing the locally co

offseq@infosec.exchange at 2026-07-16T06:00:26.000Z ##

CVE-2026-15013 | CRITICAL vuln in cyberlord92 SAML SSO Login (≤5.4.3): Signature verification flaw enables authentication bypass & admin account takeover. Disable plugin until patched. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE202615013 #SAML #Vuln

##

CVE-2026-56687
(7.8 HIGH)

EPSS: 0.10%

updated 2026-07-16T05:16:25.420000

1 posts

Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in UI vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

thehackerwire@mastodon.social at 2026-07-15T19:02:03.000Z ##

🟠 CVE-2026-56687 - High (7.8)

Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in UI vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50130
(8.8 HIGH)

EPSS: 0.22%

updated 2026-07-16T05:16:22.107000

1 posts

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotate. The replacement is laundered to root:root ownership by pihole-FTL-prestart.sh and then parsed as root by the daily pihole flush cron, executing firsta

thehackerwire@mastodon.social at 2026-07-14T23:00:26.000Z ##

🟠 CVE-2026-50130 - High (8.8)

Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotat...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46817
(9.8 CRITICAL)

EPSS: 1.04%

updated 2026-07-16T05:16:20.290000

6 posts

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Con

2 repos

https://github.com/0xBlackash/CVE-2026-46817

https://github.com/HORKimhab/CVE-2026-46817

thecybermind@infosec.exchange at 2026-07-16T18:40:00.000Z ##

⚠️ CRITICAL ALERT: CVE-2026-46817 allows unauthenticated takeover of Oracle E-Business Suite. With active exploitation verified, your perimeter is at risk. Get the forensic indicators, detection queries, and hardening playbooks you need to secure your infrastructure. thecybermind.co/k8ae

#CyberSecurity #Oracle #TCM

##

offseq@infosec.exchange at 2026-07-16T12:00:26.000Z ##

Oracle E-Business Suite flaw (CVE-2026-46817, CRITICAL) enables unauthenticated takeover of Oracle Payments via HTTP. Exploited in the wild — patches available since May 2026. CISA requires federal patching by 7/18/26. Details: radar.offseq.com/threat/cisa-o #OffSeq #Oracle #Infosec #CVE202646817

##

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:32:14.000Z ##

CISA KEV catalog now lists CVE-2026-46817, a critical Oracle E-Business Suite flaw, and CVE-2023-4346 in KNX devices. Both are exploited in the wild.

#CISA #KEV #CVE202646817 #Oracle #KNX

securityonline.info/cisa-kev-c

##

secdb@infosec.exchange at 2026-07-15T19:00:11.000Z ##

🚨 [CISA-2026:0715] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2023-4346 (secdb.nttzen.cloud/cve/detail/)
- Name: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: KNX Association
- Product: KNX Protocol Connection Authorization Option 1
- Notes: cisa.gov/news-events/ics-advis ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-46817 (secdb.nttzen.cloud/cve/detail/)
- Name: Oracle E-Business Suite Improper Privilege Management Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Oracle
- Product: E-Business Suite
- Notes: oracle.com/security-alerts/csp ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260715 #cisa20260715 #cve_2023_4346 #cve_2026_46817 #cve20234346 #cve202646817

##

AAKL@infosec.exchange at 2026-07-15T18:33:04.000Z ##

CISA has updated the KEV catalogue:

- CVE-2023-4346: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability cve.org/CVERecord?id=CVE-2023-

- CVE-2026-46817: Oracle E-Business Suite Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

Press release:

CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With Security Researchers cisa.gov/news-events/news/cisa

Here's the guidance: cisa.gov/sites/default/files/2 #CISA #infosec #vulnerability

##

cisakevtracker@mastodon.social at 2026-07-15T17:00:59.000Z ##

CVE ID: CVE-2026-46817
Vendor: Oracle
Product: E-Business Suite
Date Added: 2026-07-15
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-20296
(8.3 HIGH)

EPSS: 0.17%

updated 2026-07-16T05:16:18.873000

1 posts

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.7, 10.3.2512.16, 10.2.2510.18, and 10.1.2507.24, an attacker could trick a user that holds a role with the `list_deployment_server` capability into running arbitrary Search Processing Language (SPL) searches on their behalf as `splunk-system-user`, allowing for ac

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:12:06.000Z ##

Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.

#Splunk #CVE202620296 #CSRF #Vulnerability #InfoSec

securityonline.info/splunk-ent

##

CVE-2026-15409
(10.0 CRITICAL)

EPSS: 1.27%

updated 2026-07-16T05:16:18.293000

12 posts

A Server-side request forgery (SSRF) vulnerability has been identified in the SMA1000 Appliance Work Place interface. A remote unauthenticated attacker could potentially cause the appliance to make requests to unintended location.

5 repos

https://github.com/HORKimhab/CVE-2026-15409

https://github.com/remmons-r7/rapid7-CVE-2026-15409

https://github.com/tc4dy/CVE-2026-15409-15410-Framework

https://github.com/MrRawBit/SonicWall-SMA1000-Zero-Day-IoC-Check

https://github.com/0xBlackash/CVE-2026-15409

threatnoir@infosec.exchange at 2026-07-17T03:06:03.000Z ##

⚠️ CRITICAL: Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

Two zero-day vulnerabilities in SonicWall SMA 1000 appliances are actively exploited in the wild. CVE-2026-15409 is an SSRF flaw, while CVE-2026-15410 allows unauthenticated attackers to execute arbitrary commands as admin. Organizations using these devices face immediate risk of full appliance com…

threatnoir.com/focus

#infosec #cybersecurity

##

DarkWebInformer@infosec.exchange at 2026-07-16T20:32:41.000Z ##

‼️ CVE-2026-15409: PoC exploit for CVE-2026-15409 that achieves non-root remote code execution on SonicWall SMA 1000 appliances.

GitHub: github.com/remmons-r7/rapid7-C

##

DailyCyberSecurity@infosec.exchange at 2026-07-16T12:50:34.000Z ##

SonicWall SMA1000 vulnerability CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Public PoC enables remote code execution patch now.

#SonicWall #SMA1000 #CVE202615409 #RCE #ZeroDay #CyberSecurity

securityonline.info/sonicwall-

##

AAKL@infosec.exchange at 2026-07-15T17:40:08.000Z ##

SonicWall has addressed a critical vulnerability. This was posted yesterday:

CVE-2026-15409 and CVE-2026-15410 psirt.global.sonicwall.com/vul #infosec #SonicWall #vulnerability

##

cert_fr@social.numerique.gouv.fr at 2026-07-15T14:21:04.000Z ##

⚠️Alerte CERT-FR⚠️

Les vulnérabilités CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'exécuter du code arbitraire à distance.
Elles sont activement exploitées.

cert.ssi.gouv.fr/alerte/CERTFR

##

bsi@social.bund.de at 2026-07-15T10:25:56.000Z ##

⚠️ 📢 Sicherheitshinweis: Am 14. Juli 2026 veröffentlichte das Unternehmen #SonicWall ein Advisory zu seiner SMA1000-Produktserie und führte darin aus, dass die Modelle 6210, 7210 und 8200v durch zwei neu entdeckte Zero-Day #Schwachstellen (CVE-2026-15409, CVE-2026-1541) verwundbar sind.

❗️ Das Unternehmen verweist im Advisory darauf, dass "zahlreiche Fälle" vorliegen, die auf eine Ausnutzung der Schwachstellen schließen lassen.

Mehr dazu hier: ➡️ bsi.bund.de/dok/1203248

@certbund

##

oversecurity@mastodon.social at 2026-07-15T10:01:29.000Z ##

CISA Adds SonicWall SMA1000 Vulnerabilities to KEV Catalog Following Active Exploitation

Security researchers have identified two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting SonicWall SMA1000 Series...

🔗️ [Thecyberexpress] link.is.it/dwrlPe

##

rxerium@infosec.exchange at 2026-07-15T06:52:49.000Z ##

🚨 Two actively exploited zero-days affecting SonicWall SMA1000 appliances: CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 (CVSS 7.2)

I’ve created vulnerability detection templates here (with confidence levels):
CVE-2026-15409: github.com/rxerium/rxerium-tem
CVE-2026-15410: github.com/rxerium/rxerium-tem

CVE-2026-15409 is remotely exploitable without authentication, while CVE-2026-15410 requires an authenticated administrator.

##

security_crawler_carl@infosec.exchange at 2026-07-15T02:14:33.000Z ##

🏆 New Achievement! Step Right Up and Get Exploited!

Ladies and gentlemen, gather round and feast your eyes on the most ASTONISHING spectacle of unpatched network appliances this side of the midway! SonicWall — yes, THAT SonicWall — is hollering from the rooftops that threat actors are actively exploiting not one but TWO zero-day vulnerabilities in SMA1000 appliances, CVE-2026-15409 and CVE-2026-15410, in the wild, right now, as you read this! (1/2)

##

DailyCyberSecurity@infosec.exchange at 2026-07-15T00:02:34.000Z ##

SonicWall SMA1000 SSRF flaw CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Upgrade to hotfix 12.4.3-03453 or 12.5.0-02835 now.

#SonicWall #SMA1000 #SSRF #CVE202615409 #CyberSecurity

securityonline.info/sonicwall-

##

oversecurity@mastodon.social at 2026-07-14T22:00:17.000Z ##

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day...

🔗️ [Bleepingcomputer] link.is.it/KLZmPI

##

cisakevtracker@mastodon.social at 2026-07-14T20:00:49.000Z ##

CVE ID: CVE-2026-15409
Vendor: SonicWall
Product: SMA1000 Appliances
Date Added: 2026-07-14
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-13385
(0 None)

EPSS: 0.10%

updated 2026-07-16T05:16:17.923000

1 posts

An Improper Validation of Integrity Check Value and Improper Certificate Validation in certain ASUS router models allows a remote man-in-the-middle(MITM) user to make the router download and execute arbitrary command via a spoofed server. Refer to the '  Security Update for ASUS Router Firmware  ' section on the ASUS Security Advisory for more information.

offseq@infosec.exchange at 2026-07-15T03:00:26.000Z ##

ASUS routers face CRITICAL risk (CVE-2026-13385, CVSS 9.5) due to improper integrity and certificate checks. MITM attackers can execute arbitrary commands. No patch yet — monitor ASUS advisories. radar.offseq.com/threat/cve-20 #OffSeq #ASUS #infosec #CVE #vuln

##

CVE-2026-50525
(7.5 HIGH)

EPSS: 0.62%

updated 2026-07-15T23:16:50.270000

1 posts

Allocation of resources without limits or throttling in .NET allows an unauthorized attacker to deny service over a network.

us@newsbeep.org at 2026-07-14T21:40:09.000Z ##

Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

Tag
CVE ID
CVE Title
Severity
.NET
CVE-2026-50649
.NET Remote Code Execution Vulnerability
Important
.NET
CVE-2026-50525
.NET Denial…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
newsbeep.com/us/763025/

##

CVE-2026-50274
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-15T23:05:20

2 posts

### Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DD_TRACE_BAGGAGE_MAX_ITEMS (default 64) and DD_TRACE_BAGGAGE_MAX_BYTES (default 8192) limits were applied only to baggage injection, not extraction. A remote, unauthenticated attacker can send a request whose bagga

thehackerwire@mastodon.social at 2026-07-18T05:01:18.000Z ##

🟠 CVE-2026-50274 - High (7.5)

Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers wit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:01:18.000Z ##

🟠 CVE-2026-50274 - High (7.5)

Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers wit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50272
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-15T22:58:53

2 posts

### Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DD_TRACE_BAGGAGE_MAX_ITEMS (default 64) and DD_TRACE_BAGGAGE_MAX_BYTES (default 8192) limits were applied only to baggage injection, not extraction. A remote, unauthenticated attacker can send a request whose bagga

thehackerwire@mastodon.social at 2026-07-18T05:01:08.000Z ##

🟠 CVE-2026-50272 - High (7.5)

dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text_map.js parsed incoming baggage HTTP headers without enforcing DD_T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:01:08.000Z ##

🟠 CVE-2026-50272 - High (7.5)

dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text_map.js parsed incoming baggage HTTP headers without enforcing DD_T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50271
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-15T22:55:25

2 posts

### Impact Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing item-count or byte-size limits on the extract path. The DD_TRACE_BAGGAGE_MAX_ITEMS (default 64) and DD_TRACE_BAGGAGE_MAX_BYTES (default 8192) limits were applied only to baggage injection, not extraction. A remote, unauthenticated attacker can send a request whose bagga

thehackerwire@mastodon.social at 2026-07-17T22:00:49.000Z ##

🟠 CVE-2026-50271 - High (7.5)

Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DD_TRACE_BAGGAGE_MAX_ITEMS or DD_TRACE_BAGGAGE_MAX_BYTES l...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T22:00:49.000Z ##

🟠 CVE-2026-50271 - High (7.5)

Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DD_TRACE_BAGGAGE_MAX_ITEMS or DD_TRACE_BAGGAGE_MAX_BYTES l...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-15895
(7.8 HIGH)

EPSS: 1.24%

updated 2026-07-15T21:31:26

1 posts

OS command injection in the npm package loading component in AWS jsii-diff before 1.131.0 might allow context-dependent attackers to execute arbitrary commands via crafted package specifiers passed to the npm: source argument. To mitigate this issue, users should upgrade to jsii-diff v1.131.0 or later.

awssecurityfeed@infosec.exchange at 2026-07-16T17:45:01.000Z ##

CVE-2026-15895: OS command injection in jsii-diff in AWS jsii

Bulletin ID: 2026-057-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/15/2026 12:00 PM PDT
Description:
jsii-diff is a command line tool to compare the API differences between two jsii assemblies...

aws.amazon.com/security/securi

#aws #security

##

CVE-2026-53517
(8.1 HIGH)

EPSS: 0.41%

updated 2026-07-15T20:54:43.733000

1 posts

Better Auth is an authentication and authorization library for TypeScript. From 1.4.8-beta.7 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint on the refresh_token grant performs a non-atomic read, validate, revoke, and mint sequence on the oauthRefreshToken row, allowing concurrent requests with the same parent refresh token to pass the revoked check and create forked refr

thehackerwire@mastodon.social at 2026-07-15T19:01:52.000Z ##

🟠 CVE-2026-53517 - High (8.1)

Better Auth is an authentication and authorization library for TypeScript. From 1.4.8-beta.7 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint on the refresh_token grant performs a non-atomic read, validate, revoke, and min...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-61835
(7.7 HIGH)

EPSS: 0.25%

updated 2026-07-15T20:49:59.560000

1 posts

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts treats 0.0.0.0 as a keyword for local interfaces but never blocks the literal address itself. On Linux and macOS, connecting to 0.0.0.0 reaches localhost, so

thehackerwire@mastodon.social at 2026-07-15T16:00:28.000Z ##

🟠 CVE-2026-61835 - High (7.7)

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts trea...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50148
(10.0 CRITICAL)

EPSS: 0.44%

updated 2026-07-15T20:35:56.207000

1 posts

Metabase is an open-source business intelligence and embedded analytics tool. From 1.54.0 until 1.54.24, 1.55.24, 1.56.25, 1.57.19, 1.58.14, 1.59.10, and 1.60.4, a Metabase user with permission to add or edit a database connection can achieve remote code execution on the Metabase server by configuring a Snowflake connection to an attacker-controlled server, because a flaw in the Snowflake JDBC dri

thehackerwire@mastodon.social at 2026-07-15T17:01:06.000Z ##

🔴 CVE-2026-50148 - Critical (10)

Metabase is an open-source business intelligence and embedded analytics tool. From 1.54.0 until 1.54.24, 1.55.24, 1.56.25, 1.57.19, 1.58.14, 1.59.10, and 1.60.4, a Metabase user with permission to add or edit a database connection can achieve remo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62351
(7.5 HIGH)

EPSS: 0.32%

updated 2026-07-15T20:18:01.667000

1 posts

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg() read STransCompMsg.contLen when pHead->comp == 1 without first validating that the RPC packet contained the 8-byte STransCompMsg structure, causing an unauthenticated out-of-bounds read, uncontrolled allocation, integer underflow, and server cra

thehackerwire@mastodon.social at 2026-07-15T19:59:59.000Z ##

🟠 CVE-2026-62351 - High (7.5)

TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg() read STransCompMsg.contLen when pHead->comp == 1 without first validating that the RPC packe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62422
(10.0 CRITICAL)

EPSS: 0.35%

updated 2026-07-15T20:08:02.787000

1 posts

In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible

DailyCyberSecurity@infosec.exchange at 2026-07-15T13:03:35.000Z ##

JetBrains vulnerabilities patched: CVE-2026-62422 (CVSS 10) YouTrack authentication bypass, IntelliJ IDEA RCE CVE-2026-59792, and four TeamCity flaws.

#JetBrains #YouTrack #IntelliJIDEA #TeamCity #CVE

securityonline.info/jetbrains-

##

CVE-2026-46485
(8.2 HIGH)

EPSS: 0.30%

updated 2026-07-15T19:50:11.367000

1 posts

Dashy is a self-hostable personal dashboard. Prior to 4.0.8, Dashy deployments using OIDC can allow unauthenticated users or non-admin authenticated users to write changes to the main config.yaml through the config-saving functionality despite configured permissions, allowing unauthorized modification of dashboard configuration and potential service disruption. This issue is fixed in version 4.0.8

thehackerwire@mastodon.social at 2026-07-15T20:00:12.000Z ##

🟠 CVE-2026-46485 - High (8.2)

Dashy is a self-hostable personal dashboard. Prior to 4.0.8, Dashy deployments using OIDC can allow unauthenticated users or non-admin authenticated users to write changes to the main config.yaml through the config-saving functionality despite con...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-56434
(6.5 MEDIUM)

EPSS: 0.39%

updated 2026-07-15T19:18:04.890000

1 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssi_module module. This vulnerability may exist when the Server-Side Includes (SSI), proxy_pass, and proxy_buffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle (MITM) ability to control responses from an upstream server may be able to cause a use-after-free in the N

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:05:45.000Z ##

F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.

#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability

securityonline.info/nginx-code

##

CVE-2026-20153
(7.5 HIGH)

EPSS: 0.25%

updated 2026-07-15T19:17:00.473000

1 posts

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The vulnerabilities tracked by CVE-2026-20153 are related to improper input validation that are grouped under

AAKL@infosec.exchange at 2026-07-15T17:11:13.000Z ##

Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged socket.dev/blog/11-malicious-n

Don't forget Cisco:

Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 sec.cloudapps.cisco.com/securi

Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability #Broadcom

##

CVE-2023-4346
(7.5 HIGH)

EPSS: 0.85%

updated 2026-07-15T18:32:50

5 posts

KNX devices that use KNX Connection Authorization and support Option 1 are, depending on the implementation, vulnerable to being locked and users being unable to reset them to gain access to the device. The BCU key feature on the devices can be used to create a password for the device, but this password can often not be reset without entering the current password. If the device is configured to in

thecybermind@infosec.exchange at 2026-07-16T23:24:59.000Z ##

🚨 ALERT: CVE-2023-4346 allows attackers to purge and lock KNX industrial control devices. If you manage building automation, your perimeter is at risk. Get the forensic indicators and hardening playbooks you need to secure your assets. thecybermind.co/m6eo

#CyberSecurity #ICS #KNX #TCM #IndustrialSecurity

##

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:32:14.000Z ##

CISA KEV catalog now lists CVE-2026-46817, a critical Oracle E-Business Suite flaw, and CVE-2023-4346 in KNX devices. Both are exploited in the wild.

#CISA #KEV #CVE202646817 #Oracle #KNX

securityonline.info/cisa-kev-c

##

secdb@infosec.exchange at 2026-07-15T19:00:11.000Z ##

🚨 [CISA-2026:0715] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2023-4346 (secdb.nttzen.cloud/cve/detail/)
- Name: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: KNX Association
- Product: KNX Protocol Connection Authorization Option 1
- Notes: cisa.gov/news-events/ics-advis ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-46817 (secdb.nttzen.cloud/cve/detail/)
- Name: Oracle E-Business Suite Improper Privilege Management Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Oracle
- Product: E-Business Suite
- Notes: oracle.com/security-alerts/csp ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260715 #cisa20260715 #cve_2023_4346 #cve_2026_46817 #cve20234346 #cve202646817

##

AAKL@infosec.exchange at 2026-07-15T18:33:04.000Z ##

CISA has updated the KEV catalogue:

- CVE-2023-4346: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability cve.org/CVERecord?id=CVE-2023-

- CVE-2026-46817: Oracle E-Business Suite Improper Privilege Management Vulnerability cve.org/CVERecord?id=CVE-2026-

Press release:

CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With Security Researchers cisa.gov/news-events/news/cisa

Here's the guidance: cisa.gov/sites/default/files/2 #CISA #infosec #vulnerability

##

cisakevtracker@mastodon.social at 2026-07-15T17:01:14.000Z ##

CVE ID: CVE-2023-4346
Vendor: KNX Association
Product: KNX Protocol Connection Authorization Option 1
Date Added: 2026-07-15
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-20297
(7.2 HIGH)

EPSS: 0.38%

updated 2026-07-15T18:32:05

1 posts

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.2.2510.18, and 10.1.2507.24, a user who holds a role that contains the `edit_local_apps` and `install_apps` capabilities could cause a legitimate app installation to write files outside the intended app directory, into `$SPLUNK_HOME/etc/` and its sub

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:12:06.000Z ##

Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.

#Splunk #CVE202620296 #CSRF #Vulnerability #InfoSec

securityonline.info/splunk-ent

##

CVE-2026-58658
(8.2 HIGH)

EPSS: 0.39%

updated 2026-07-15T18:32:05

1 posts

GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /serveLogs and /debug endpoints on the worker port. Attackers can enumerate model instance IDs to stream serving logs containing prompts and completions, c

thehackerwire@mastodon.social at 2026-07-15T19:02:15.000Z ##

🟠 CVE-2026-58658 - High (8.2)

GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62389
(7.5 HIGH)

EPSS: 0.45%

updated 2026-07-15T18:32:05

1 posts

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket messages. Attackers can send a text frame with FIN=0 followed by continuation frames without completing the sequence, causing each fragment to be stored as a se

thehackerwire@mastodon.social at 2026-07-15T19:00:55.000Z ##

🟠 CVE-2026-62389 - High (7.5)

ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket message...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-59258
(8.3 HIGH)

EPSS: 0.32%

updated 2026-07-15T18:32:05

1 posts

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the album owner to editor and promote themselves to owner in sequential requests, gaining full control including deletion and eviction capabilities.

thehackerwire@mastodon.social at 2026-07-15T19:00:45.000Z ##

🟠 CVE-2026-59258 - High (8.3)

immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the al...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20298
(5.3 MEDIUM)

EPSS: 0.22%

updated 2026-07-15T18:32:04

1 posts

In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splunk Cloud Platform versions below 10.5.2605.0, 10.4.2604.6, 10.3.2512.15, 10.2.2510.18, and 10.1.2507.24, a low-privileged user that does not hold the 'admin' or 'power' Splunk roles could view stored credential hashes when they access the `/servicesNS/-/-/storage/passwords` REST endpoint through the `|rest` Search Proc

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:12:06.000Z ##

Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.

#Splunk #CVE202620296 #CSRF #Vulnerability #InfoSec

securityonline.info/splunk-ent

##

CVE-2026-60005
(8.2 HIGH)

EPSS: 0.61%

updated 2026-07-15T18:31:58

2 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX worker process, leading to limited disclosure of memory or a restart. Impact: This vulnerability m

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:05:45.000Z ##

F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.

#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability

securityonline.info/nginx-code

##

thehackerwire@mastodon.social at 2026-07-15T17:00:09.000Z ##

🟠 CVE-2026-60005 - High (8.2)

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20150
(8.8 HIGH)

EPSS: 0.22%

updated 2026-07-15T18:31:58

1 posts

As part of Cisco's ongoing commitment to proactive security and product quality, the Cisco RoomOS engineering team has conducted a comprehensive internal security review. This review resulted in a software hardening release that addresses multiple internally discovered vulnerabilities. The vulnerabilities tracked by CVE-2026-20150 are related to improper access control&nbsp;that are grouped under

AAKL@infosec.exchange at 2026-07-15T17:11:13.000Z ##

Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged socket.dev/blog/11-malicious-n

Don't forget Cisco:

Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 sec.cloudapps.cisco.com/securi

Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability #Broadcom

##

CVE-2026-20146
(5.5 MEDIUM)

EPSS: 0.34%

updated 2026-07-15T18:31:58

1 posts

A vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Identity Connector (ISE-PIC) could allow an authenticated, remote attacker to perform path traversal attacks on the underlying operating system to either read or delete arbitrary files. To exploit this vulnerability, the attacker must have valid administrative credentials.&nbsp; This vulnerability is due to improper val

AAKL@infosec.exchange at 2026-07-15T17:11:13.000Z ##

Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged socket.dev/blog/11-malicious-n

Don't forget Cisco:

Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 sec.cloudapps.cisco.com/securi

Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #Cisco #infosec #vulnerability #Broadcom

##

CVE-2026-62685
(8.1 HIGH)

EPSS: 0.32%

updated 2026-07-15T18:15:13.373000

1 posts

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from usernames passed through cleanUsername() when Signup=true and CreateUserDir=true, but the many-to-one normalization can collapse usernames such as team/one, team one, and team-one to the same home directo

thehackerwire@mastodon.social at 2026-07-15T16:59:59.000Z ##

🟠 CVE-2026-62685 - High (8.1)

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from usernames passed through cleanUsername() when Signu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48318
(9.9 CRITICAL)

EPSS: 6.96%

updated 2026-07-15T17:59:53.417000

1 posts

ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary file system read. An attacker could exploit this vulnerability to access sensitive files and directories outside the intended access scope. Exploitation of this issue does not require user interaction. Scope is changed.

offseq@infosec.exchange at 2026-07-15T07:30:27.000Z ##

Adobe ColdFusion 2025 is affected by a CRITICAL path traversal vuln (CVE-2026-48318, CVSS 9.9). Attackers can read arbitrary files — no user interaction. Restrict ColdFusion access & monitor logs until a patch is released. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE202648318 #ColdFusion #Infosec

##

CVE-2026-15764
(7.5 HIGH)

EPSS: 0.27%

updated 2026-07-15T17:52:02.543000

1 posts

Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

DailyCyberSecurity@infosec.exchange at 2026-07-15T01:46:48.000Z ##

Google's Chrome security update 150.0.7871.124 fixes 15 flaws, including critical use-after-free bugs CVE-2026-15764 and CVE-2026-15765. Update now.

#Chrome #GoogleChrome #CVE #BrowserSecurity #CyberSecurity

securityonline.info/chrome-150

##

CVE-2026-13585
(0 None)

EPSS: 0.11%

updated 2026-07-15T16:24:31.140000

1 posts

Allocation of Resources Without Limits and Throttling and Sensitive Information in Resource Not Removed Before Reuse in the ASUS System Control Interface driver and ASUS Business Manager allow a local administrator to disclose sensitive information via crafted IOCTL requests, which, in severe cases, may lead to a Denial of Service (DoS) on the system. Refer to the '  Security Update for ASUS Syste

1 repos

https://github.com/416rehman/asus-bsitf-0-day-poc

_r_netsec@infosec.exchange at 2026-07-16T06:28:05.000Z ##

ASUS bsitf.sys (CVE-2026-13585): Arbitrary Physical Memory Mapping via Unvalidated IOCTL blog.ahmadz.ai/asus_bsitf_0_da

##

CVE-2026-42533
(8.1 HIGH)

EPSS: 0.83%

updated 2026-07-15T15:33:14

2 posts

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyon

1 repos

https://github.com/0xCyberstan/CVE-2026-42533-Config-Scanner

DailyCyberSecurity@infosec.exchange at 2026-07-16T02:05:45.000Z ##

F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.

#NGINX #CVE202642533 #CodeExecution #F5 #Vulnerability

securityonline.info/nginx-code

##

cR0w@infosec.exchange at 2026-07-15T16:49:35.000Z ##

That's a lot of Fixes introduced in: NONE.

my.f5.com/manage/s/article/K00

A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-42533)

my.f5.com/manage/s/article/K00

##

CVE-2026-56155
(7.8 HIGH)

EPSS: 0.38%

updated 2026-07-15T14:18:24.010000

5 posts

Insufficient granularity of access control in Active Directory Federation Services (AD FS) allows an authorized attacker to elevate privileges locally.

thecybermind@infosec.exchange at 2026-07-17T15:05:01.000Z ##

Active exploitation of CVE-2026-56155 in Microsoft ADFS puts your identity perimeter at risk. Our latest TSUITE brief delivers the forensic indicators, detection queries, and compensating controls needed to neutralize this privilege escalation threat. Secure your architecture today. thecybermind.co/al3f

##

GossiTheDog@cyberplace.social at 2026-07-16T13:14:20.000Z ##

Regarding CVE-2026-56155, the in-the-wild ADFS vulnerability - the July patch just released does not fix the vulnerability.

Instead it adds an audit log. The changes to harden the service and enforce protection will only apply with October 2026’s update applied.

support.microsoft.com/en-us/se

##

DailyCyberSecurity@infosec.exchange at 2026-07-14T22:50:38.000Z ##

Microsoft's July 2026 Patch Tuesday fixes 570 flaws. Zero-days CVE-2026-56155 and CVE-2026-56164 are exploited in the wild. Patch now.

#PatchTuesday #Microsoft #ZeroDay #CVE #CyberSecurity

securityonline.info/july-2026-

##

cisakevtracker@mastodon.social at 2026-07-14T19:00:48.000Z ##

CVE ID: CVE-2026-56155
Vendor: Microsoft
Product: Active Directory Federation Services
Date Added: 2026-07-14
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

secdb@infosec.exchange at 2026-07-14T19:00:11.000Z ##

🚨 [CISA-2026:0714] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-56155 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Active Directory Federation Services
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-56164 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint Server
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260714 #cisa20260714 #cve_2026_56155 #cve_2026_56164 #cve202656155 #cve202656164

##

CVE-2026-48309
(7.8 HIGH)

EPSS: 0.17%

updated 2026-07-15T13:51:52.543000

1 posts

Audition is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

CVE-2026-9770(CVSS UNKNOWN)

EPSS: 0.22%

updated 2026-07-15T03:33:02

1 posts

Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key stored in a read-only filesystem that is shared across devices.  An attacker with access to the firmware image can extract the embedded key.  Successful exploitation may allow an unauthenticated attacker on the same network to use this key in the web management service, compromising the confidentiality of encry

DailyCyberSecurity@infosec.exchange at 2026-07-17T01:53:09.000Z ##

TP-Link Kasa vulnerability CVE-2026-9770 (CVSS 8.6) lets local attackers intercept admin credentials on EC70 and EC71 cameras. Update firmware now.

#TPLink #Kasa #IoTSecurity #CVE20269770 #InfoDisclosure

securityonline.info/tp-link-ka

##

CVE-2026-48334
(9.3 CRITICAL)

EPSS: 0.43%

updated 2026-07-15T00:31:51

1 posts

Illustrator is affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. Scope is changed.

offseq@infosec.exchange at 2026-07-15T04:30:26.000Z ##

CRITICAL: CVE-2026-48334 impacts Adobe Illustrator Desktop 2026 (CVSS 9.3). Improper input validation lets attackers run code if a user opens a malicious file. No patch — open only trusted files. radar.offseq.com/threat/cve-20 #OffSeq #Adobe #Vuln #CVE202648334

##

CVE-2026-48336
(7.8 HIGH)

EPSS: 0.14%

updated 2026-07-15T00:31:50

1 posts

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

hugovalters@mastodon.social at 2026-07-15T17:04:09.000Z ##

CVE-2026-48336 - High severity out-of-bounds write in Illustrator. Could lead to arbitrary code execution. CVSS 7.8. Update immediately. #CVE #Adobe #infosec

valtersit.com/cve/CVE-2026-483

##

CVE-2026-48337
(7.8 HIGH)

EPSS: 0.14%

updated 2026-07-15T00:31:43

1 posts

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

thehackerwire@mastodon.social at 2026-07-14T23:01:05.000Z ##

🟠 CVE-2026-48337 - High (7.8)

Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-3248
(9.8 CRITICAL)

EPSS: 99.99%

updated 2026-07-14T23:17:27.010000

2 posts

Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/v1/validate/code endpoint. A remote and unauthenticated attacker can send crafted HTTP requests to execute arbitrary code.

Nuclei template

28 repos

https://github.com/PuddinCat/CVE-2025-3248-POC

https://github.com/ynsmroztas/CVE-2025-3248-Langflow-RCE

https://github.com/min8282/CVE-2025-3248

https://github.com/b0ySie7e/CVE-2025-3248-POC

https://github.com/imbas007/CVE-2025-3248

https://github.com/Vip3rLi0n/CVE-2025-3248

https://github.com/dennisec/CVE-2025-3248

https://github.com/Atomics-hub/exposecheck

https://github.com/vigilante-1337/CVE-2025-3248

https://github.com/ill-deed/Langflow-CVE-2025-3248-Multi-target

https://github.com/zapstiko/CVE-2025-3248

https://github.com/tiemio/RCE-CVE-2025-3248

https://github.com/wand3rlust/CVE-2025-3248

https://github.com/xuemian168/CVE-2025-3248

https://github.com/0xgh057r3c0n/CVE-2025-3248

https://github.com/Praison001/CVE-2025-3248

https://github.com/nebari-playground/langflow-cve-2025-3248

https://github.com/get-xor/coreweave-demo-2026-05

https://github.com/r0otk3r/CVE-2025-3248

https://github.com/bambooqj/cve-2025-3248

https://github.com/0-d3y/langflow-rce-exploit

https://github.com/dennisec/Mass-CVE-2025-3248

https://github.com/Kiraly07/Demo_CVE-2025-3248

https://github.com/drackyjr/cve-2025-3248-exploit

https://github.com/12-test-12/CVE-2025-3248

https://github.com/EQSTLab/CVE-2025-3248

https://github.com/verylazytech/CVE-2025-3248

https://github.com/peiqiF4ck/WebFrameworkTools-5.5-enhance

relayshieldadmin at 2026-07-17T19:41:04.940Z ##

New from RelayShield: four checks for agents built with smolagents, published as an MCP server on @huggingface.

- MCP server reputation check before your agent connects
- Prompt-injection pattern detection on ingested content
- Tech-stack CVE monitoring (covers agent frameworks themselves — Langflow's CVE-2025-3248 was the initial-access vector in the first documented autonomous-agent ransomware op)
- Bulk identity-risk scoring

Self-serve, pay-per-call, no subscription.

huggingface.co/blog/relayshiel

##

relayshieldadmin@infosec.exchange at 2026-07-17T19:41:04.000Z ##

New from RelayShield: four #AIsecurity checks for agents built with smolagents, published as an MCP server on @huggingface.

- MCP server reputation check before your agent connects
- Prompt-injection pattern detection on ingested content
- Tech-stack CVE monitoring (covers agent frameworks themselves — Langflow's CVE-2025-3248 was the initial-access vector in the first documented autonomous-agent ransomware op)
- Bulk identity-risk scoring

Self-serve, pay-per-call, no subscription.

huggingface.co/blog/relayshiel

#InfoSec #MCP #AgentSecurity #ThreatIntel

##

CVE-2026-56164
(5.3 MEDIUM)

EPSS: 5.60%

updated 2026-07-14T21:32:51

7 posts

Missing authentication for critical function in Microsoft Office SharePoint allows an unauthorized attacker to elevate privileges over a network.

1 repos

https://github.com/sentinel-aidefense/CVE-2026-56164-EXP

AAKL@infosec.exchange at 2026-07-17T16:32:43.000Z ##

Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company security.com/threat-intelligen

Also from yesterday:

Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities tenable.com/blog/cve-2026-3220 #threatresearch #Microsoft #ransomware #infosec #SharePoint

##

jbhall56@infosec.exchange at 2026-07-15T13:08:37.000Z ##

These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. bleepingcomputer.com/news/secu

##

beyondmachines1@infosec.exchange at 2026-07-15T12:01:29.000Z ##

CISA Issues Urgent Warning on SharePoint Server Exploitation

CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.

**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

DailyCyberSecurity@infosec.exchange at 2026-07-15T01:06:33.000Z ##

CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.

#CISA #SharePoint #Microsoft #CVE #CyberSecurity

securityonline.info/cisa-share

##

DailyCyberSecurity@infosec.exchange at 2026-07-14T22:50:38.000Z ##

Microsoft's July 2026 Patch Tuesday fixes 570 flaws. Zero-days CVE-2026-56155 and CVE-2026-56164 are exploited in the wild. Patch now.

#PatchTuesday #Microsoft #ZeroDay #CVE #CyberSecurity

securityonline.info/july-2026-

##

cisakevtracker@mastodon.social at 2026-07-14T19:01:04.000Z ##

CVE ID: CVE-2026-56164
Vendor: Microsoft
Product: SharePoint Server
Date Added: 2026-07-14
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

secdb@infosec.exchange at 2026-07-14T19:00:11.000Z ##

🚨 [CISA-2026:0714] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-56155 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Active Directory Federation Services
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-56164 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint Server
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260714 #cisa20260714 #cve_2026_56155 #cve_2026_56164 #cve202656155 #cve202656164

##

CVE-2026-48324
(9.1 CRITICAL)

EPSS: 0.66%

updated 2026-07-14T21:32:33

1 posts

ColdFusion is affected by an Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

offseq@infosec.exchange at 2026-07-15T06:00:24.000Z ##

CVE-2026-48324 (CRITICAL, CVSS 9.1): Adobe ColdFusion 2025 suffers from an SQL Injection (CWE-89) allowing arbitrary code execution. No patch confirmed — restrict access & monitor SQL activity. radar.offseq.com/threat/cve-20 #OffSeq #ColdFusion #SQLInjection #Vuln

##

CVE-2026-48327
(9.0 None)

EPSS: 0.23%

updated 2026-07-14T21:32:31

1 posts

ColdFusion is affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

offseq@infosec.exchange at 2026-07-15T10:30:27.000Z ##

Adobe ColdFusion 2025 hit by CRITICAL CVE-2026-48327: Incorrect Authorization (CVSS 9.0) enables arbitrary code execution — no user interaction needed. Restrict network access & limit privileges until patch released. radar.offseq.com/threat/cve-20 #OffSeq #ColdFusion #CVE202648327 #Infosec

##

CVE-2026-15765
(7.5 HIGH)

EPSS: 0.27%

updated 2026-07-14T21:32:28

1 posts

Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remote attacker who convinced a user to engage in specific UI gestures to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

DailyCyberSecurity@infosec.exchange at 2026-07-15T01:46:48.000Z ##

Google's Chrome security update 150.0.7871.124 fixes 15 flaws, including critical use-after-free bugs CVE-2026-15764 and CVE-2026-15765. Update now.

#Chrome #GoogleChrome #CVE #BrowserSecurity #CyberSecurity

securityonline.info/chrome-150

##

CVE-2026-15410
(7.2 HIGH)

EPSS: 1.49%

updated 2026-07-14T21:32:21

8 posts

Post-authentication improper control of generation of code ('Code Injection') vulnerability has been identified in the SMA1000 Appliance Management Console (AMC) which in specific conditions could potentially enable a remote authenticated attacker as administrator to execute arbitrary OS commands.

3 repos

https://github.com/MrRawBit/SonicWall-SMA1000-Zero-Day-IoC-Check

https://github.com/tc4dy/CVE-2026-15409-15410-Framework

https://github.com/HORKimhab/CVE-2026-15410

threatnoir@infosec.exchange at 2026-07-17T03:06:03.000Z ##

⚠️ CRITICAL: Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands

Two zero-day vulnerabilities in SonicWall SMA 1000 appliances are actively exploited in the wild. CVE-2026-15409 is an SSRF flaw, while CVE-2026-15410 allows unauthenticated attackers to execute arbitrary commands as admin. Organizations using these devices face immediate risk of full appliance com…

threatnoir.com/focus

#infosec #cybersecurity

##

AAKL@infosec.exchange at 2026-07-15T17:40:08.000Z ##

SonicWall has addressed a critical vulnerability. This was posted yesterday:

CVE-2026-15409 and CVE-2026-15410 psirt.global.sonicwall.com/vul #infosec #SonicWall #vulnerability

##

cert_fr@social.numerique.gouv.fr at 2026-07-15T14:21:04.000Z ##

⚠️Alerte CERT-FR⚠️

Les vulnérabilités CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'exécuter du code arbitraire à distance.
Elles sont activement exploitées.

cert.ssi.gouv.fr/alerte/CERTFR

##

oversecurity@mastodon.social at 2026-07-15T10:01:29.000Z ##

CISA Adds SonicWall SMA1000 Vulnerabilities to KEV Catalog Following Active Exploitation

Security researchers have identified two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting SonicWall SMA1000 Series...

🔗️ [Thecyberexpress] link.is.it/dwrlPe

##

rxerium@infosec.exchange at 2026-07-15T06:52:49.000Z ##

🚨 Two actively exploited zero-days affecting SonicWall SMA1000 appliances: CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 (CVSS 7.2)

I’ve created vulnerability detection templates here (with confidence levels):
CVE-2026-15409: github.com/rxerium/rxerium-tem
CVE-2026-15410: github.com/rxerium/rxerium-tem

CVE-2026-15409 is remotely exploitable without authentication, while CVE-2026-15410 requires an authenticated administrator.

##

security_crawler_carl@infosec.exchange at 2026-07-15T02:14:33.000Z ##

🏆 New Achievement! Step Right Up and Get Exploited!

Ladies and gentlemen, gather round and feast your eyes on the most ASTONISHING spectacle of unpatched network appliances this side of the midway! SonicWall — yes, THAT SonicWall — is hollering from the rooftops that threat actors are actively exploiting not one but TWO zero-day vulnerabilities in SMA1000 appliances, CVE-2026-15409 and CVE-2026-15410, in the wild, right now, as you read this! (1/2)

##

oversecurity@mastodon.social at 2026-07-14T22:00:17.000Z ##

SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now

SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day...

🔗️ [Bleepingcomputer] link.is.it/KLZmPI

##

cisakevtracker@mastodon.social at 2026-07-14T20:01:06.000Z ##

CVE ID: CVE-2026-15410
Vendor: SonicWall
Product: SMA1000 Appliances
Date Added: 2026-07-14
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-13001
(9.8 CRITICAL)

EPSS: 1.08%

updated 2026-07-14T21:16:40.860000

2 posts

The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'podlove_handle_cache_files' function in all versions up to, and including, 4.5.1. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

2 repos

https://github.com/Raimu0x19/CVE-2026-13001

https://github.com/shinthink/CVE-2026-13001

darkpact@brettspiel.space at 2026-07-16T15:55:30.000Z ##

@brettagoge Ich hoffe du hast brav ein Backup.

Hier war ein Stelle von letzter Woche:

podlove.org/blog/security-rele

##

js@podcastindex.social at 2026-07-15T14:23:09.000Z ##

‘Podlove Publisher 4.5.2 fixes CVE-2026-13001, a critical vulnerability in the image cache that could allow unauthenticated remote code execution on affected installations.’

podlove.org/blog/security-rele

##

CVE-2026-58528
(6.8 MEDIUM)

EPSS: 0.42%

updated 2026-07-14T20:35:32.720000

1 posts

Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

clueax@infosec.exchange at 2026-07-14T19:59:26.000Z ##

@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.

##

CVE-2026-50453
(6.1 MEDIUM)

EPSS: 0.37%

updated 2026-07-14T20:35:12.370000

1 posts

Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an unauthorized attacker to disclose information with a physical attack.

clueax@infosec.exchange at 2026-07-14T19:59:26.000Z ##

@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.

##

CVE-2026-54052
(9.9 CRITICAL)

EPSS: 0.39%

updated 2026-07-14T19:07:15

2 posts

## Impact In multi-tenant HTTP deployments — where a single n8n-mcp server serves several tenants — the locally stored workflow version history (the automatic backups taken before workflow updates) was not isolated per tenant. An authenticated tenant could read workflow version snapshots belonging to other tenants, and could delete or destroy other tenants' stored backups. A stored snapshot incl

offseq@infosec.exchange at 2026-07-16T04:30:26.000Z ##

CVE-2026-54052: CRITICAL auth bypass in czlonkowski n8n-mcp <2.56.1. Multi-tenant HTTP mode allows tenants to access/delete others’ sensitive workflow backups. Patch to 2.56.1 ASAP. radar.offseq.com/threat/cve-20 #OffSeq #CVE #infosec #vuln

##

thehackerwire@mastodon.social at 2026-07-15T22:00:21.000Z ##

🔴 CVE-2026-54052 - Critical (9.9)

n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.56.1, in HTTP mode with multi-tenancy enabled through ENABLE_MULTI_TENANT=true, n8n-mcp's local workflow version history ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-55040
(9.1 CRITICAL)

EPSS: 0.67%

updated 2026-07-14T18:32:38

1 posts

Weak authentication in Microsoft Office SharePoint allows an unauthorized attacker to bypass a security feature over a network.

beyondmachines1@infosec.exchange at 2026-07-15T12:01:29.000Z ##

CISA Issues Urgent Warning on SharePoint Server Exploitation

CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.

**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-50454
(7.8 HIGH)

EPSS: 0.40%

updated 2026-07-14T18:32:32

1 posts

Relative path traversal in Windows User Interface Core allows an authorized attacker to elevate privileges locally.

_r_netsec@infosec.exchange at 2026-07-17T13:28:05.000Z ##

Windows AppResolver LPE: From AppContainer to SYSTEM. PoC linked to CVE-2026-50454 davidcarliez.github.io/blog/wi

##

CVE-2026-58635
(7.8 HIGH)

EPSS: 0.22%

updated 2026-07-14T18:32:12

1 posts

Improper neutralization of special elements used in a command ('command injection') in Windows Narrator Braille allows an authorized attacker to elevate privileges locally.

1 repos

https://github.com/DavidCarliez/CVE-2026-58635-PoC

DarkWebInformer@infosec.exchange at 2026-07-16T22:27:13.000Z ##

‼️ CVE-2026-58635: Windows Narrator Braille Local Privilege Escalation

PoC: github.com/DavidCarliez/CVE-20

##

CVE-2026-50663
(8.8 HIGH)

EPSS: 0.65%

updated 2026-07-14T18:32:06

3 posts

Relative path traversal in Age of Empires II: Definitive Edition Game allows an unauthorized attacker to execute code over a network.

benzogaga33@mamot.fr at 2026-07-16T15:40:03.000Z ##

Age of Empires II : une faille permettait de prendre le contrôle d’un PC via une partie multijoueur it-connect.fr/age-of-empires-i #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft

##

DarkWebInformer@infosec.exchange at 2026-07-15T20:18:06.000Z ##

Microsoft fixed an Age of Empires RCE from yesterday’s Patch Tuesday (CVE-2026-50663). Here is an example of how it was done.

Credit: x.com/rdjgr/status/20773314275

##

L2actual@infosec.exchange at 2026-07-14T20:37:36.000Z ##

I was scanning through the @sans_isc #PatchTuesday post (isc.sans.edu/diary/33154?n with another record breaking number of fixes!) and had to double take when I saw "Age of Empires II" ... I was playing that 25 years ago.

Here's the CVE:
nvd.nist.gov/vuln/detail/CVE-2

#Microsoft #AgeOfEmpiresII

##

CVE-2026-10577
(0 None)

EPSS: 0.25%

updated 2026-07-14T16:46:49.030000

1 posts

A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected product exposes a network-accessible debug port that does not enforce proper privilege controls, allowing unauthenticated remote access to intrusive command-line interface (CLI) commands. If exploited, a threat actor could read or delete files, stop tasks, modify memory, and change I/O states, potentially impacting the

DailyCyberSecurity@infosec.exchange at 2026-07-15T07:34:41.000Z ##

Rockwell Automation vulnerability CVE-2026-10577 (CVSS 10) exposes an unauthenticated debug port in 1715 Redundant I/O modules. Update to firmware 3.011.

#RockwellAutomation #ICS #OTSecurity #CVE #CyberSecurity

securityonline.info/rockwell-1

##

CVE-2026-53565(CVSS UNKNOWN)

EPSS: 0.10%

updated 2026-07-14T15:32:25

1 posts

Improper Privilege Management vulnerability in Citrix Secure Access Client for Windows, Citrix Citrix Endpoint Analysis Client for Windows. This issue affects Secure Access Client for Windows: before 26.6.1.20; Citrix Endpoint Analysis Client for Windows: before 26. 5.1.7.

DailyCyberSecurity@infosec.exchange at 2026-07-17T13:02:49.000Z ##

Citrix patched CVE-2026-53565, a Citrix Secure Access vulnerability letting local users gain SYSTEM, plus the CVE-2026-53566 out-of-bounds read bug.

#Citrix #CVE202653565 #PrivilegeEscalation #Vulnerability #Windows

securityonline.info/citrix-sec

##

CVE-2026-53566(CVSS UNKNOWN)

EPSS: 0.11%

updated 2026-07-14T15:32:24

1 posts

Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windows. This issue affects Citrix Secure Access Client for Windows: before 26.6.1.20.

DailyCyberSecurity@infosec.exchange at 2026-07-17T13:02:49.000Z ##

Citrix patched CVE-2026-53565, a Citrix Secure Access vulnerability letting local users gain SYSTEM, plus the CVE-2026-53566 out-of-bounds read bug.

#Citrix #CVE202653565 #PrivilegeEscalation #Vulnerability #Windows

securityonline.info/citrix-sec

##

CVE-2026-15719
(5.4 MEDIUM)

EPSS: 0.13%

updated 2026-07-14T15:32:24

1 posts

We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.

offseq@infosec.exchange at 2026-07-15T09:00:29.000Z ##

Firefox 152.0.6 and Chrome 150.0.7871.124/.125 resolve CRITICAL flaws. Firefox bugs (CVE-2026-15718, CVE-2026-15719) have public exploits, but no in-the-wild attacks. Patch ASAP. Chrome fixes 15 issues. radar.offseq.com/threat/critic #OffSeq #Vuln #PatchNow #BrowserSecurity

##

CVE-2026-15718
(4.3 MEDIUM)

EPSS: 0.16%

updated 2026-07-14T15:32:24

1 posts

We are aware that exploit code for this is public however we are not aware of any attacks in the wild abusing this flaw. This vulnerability was fixed in Firefox 152.0.6.

offseq@infosec.exchange at 2026-07-15T09:00:29.000Z ##

Firefox 152.0.6 and Chrome 150.0.7871.124/.125 resolve CRITICAL flaws. Firefox bugs (CVE-2026-15718, CVE-2026-15719) have public exploits, but no in-the-wild attacks. Patch ASAP. Chrome fixes 15 issues. radar.offseq.com/threat/critic #OffSeq #Vuln #PatchNow #BrowserSecurity

##

CVE-2026-6875
(0 None)

EPSS: 0.51%

updated 2026-07-14T05:16:19.730000

3 posts

ServiceNow has addressed a remote code execution vulnerability that was identified in the ServiceNow AI platform. This vulnerability could enable an unauthenticated user, in certain circumstances, to execute code within the ServiceNow platform. ServiceNow addressed this vulnerability by deploying a security update to hosted instances. Relevant security updates have also been provided to ServiceN

DailyCyberSecurity at 2026-07-18T11:03:37.085Z ##

Active Exploitation and Public PoC Disclosed for CVE-2026-6875 ServiceNow Sandbox Escape Remote Code Execution

securityonline.info/cve-2026-6

##

DailyCyberSecurity@infosec.exchange at 2026-07-18T11:03:37.000Z ##

Active Exploitation and Public PoC Disclosed for CVE-2026-6875 ServiceNow Sandbox Escape Remote Code Execution

securityonline.info/cve-2026-6

##

offseq@infosec.exchange at 2026-07-15T12:00:27.000Z ##

CRITICAL RCE in ServiceNow AI platform (CVE-2026-6875) allows unauthenticated code execution. Patched — no active exploitation. Ivanti & Fortinet also released key updates. Patch all affected systems promptly. radar.offseq.com/threat/vulner #OffSeq #Vuln #ServiceNow #Ivanti #Fortinet

##

CVE-2026-15378
(9.3 CRITICAL)

EPSS: 0.42%

updated 2026-07-14T02:16:54.120000

1 posts

A flaw was found in the `guardrails-detectors` component. This vulnerability allows a remote attacker to perform a blind Server-Side Request Forgery (SSRF) by submitting a specially crafted XML Schema Definition (XSD) string. This can lead to unauthorized access to sensitive information, including credentials from cloud metadata services, Kubernetes API, internal MinIO, and other internal network

DailyCyberSecurity@infosec.exchange at 2026-07-16T15:01:36.000Z ##

CVE-2026-15378 is a blind SSRF in Red Hat OpenShift AI. The guardrails-detectors flaw exposes cloud credentials and Kubernetes secrets.

#OpenShiftAI #CVE202615378 #SSRF #RedHat #Kubernetes

securityonline.info/openshift-

##

CVE-2026-59208
(6.8 MEDIUM)

EPSS: 0.14%

updated 2026-07-14T01:16:18.827000

1 posts

n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.28.0 prior to 2.28.1, n8n instances configured with more than one trusted token-exchange issuer resolved external identities to local accounts using only the JWT sub claim and ignored the iss claim, allowing an attacker with a valid token from one trusted issuer and a sub matching a victim under another issuer to authen

CVE-2026-54159
(10.0 CRITICAL)

EPSS: 0.00%

updated 2026-07-10T20:36:58

2 posts

### Impact A PHP Object Injection vulnerability affects the PrestaShop module `ps_facetedsearch`. The module rebuilds the selected search filters from the request URL. The value of a slider filter (**price** or **weight**) is taken from the URL without sufficient validation, then stored in an internal filter-block cache where it is serialized and later read back with a raw native `unserialize()`

thehackerwire@mastodon.social at 2026-07-18T05:01:30.000Z ##

🔴 CVE-2026-54159 - Critical (10)

PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the ps_facetedsearch module rebuilds selected search filters from the request URL, and the value of a slider filter, price or weight, is taken fr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:01:30.000Z ##

🔴 CVE-2026-54159 - Critical (10)

PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the ps_facetedsearch module rebuilds selected search filters from the request URL, and the value of a slider filter, price or weight, is taken fr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-59792
(9.6 CRITICAL)

EPSS: 0.42%

updated 2026-07-10T15:31:48

1 posts

In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path traversal in project workspace ID handling was possible

DailyCyberSecurity@infosec.exchange at 2026-07-15T13:03:35.000Z ##

JetBrains vulnerabilities patched: CVE-2026-62422 (CVSS 10) YouTrack authentication bypass, IntelliJ IDEA RCE CVE-2026-59792, and four TeamCity flaws.

#JetBrains #YouTrack #IntelliJIDEA #TeamCity #CVE

securityonline.info/jetbrains-

##

CVE-2026-56688
(9.1 CRITICAL)

EPSS: 1.29%

updated 2026-07-10T12:31:56

1 posts

Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability during OS Repository processing to achieve arbitrary command execution as root, potentially leading to full appliance compromise and latera

DailyCyberSecurity@infosec.exchange at 2026-07-16T12:39:39.000Z ##

Dell patched CVE-2026-56688, a PowerFlex command execution bug. This OS command injection flaw lets a privileged attacker run code as root.

#DellPowerFlex #CVE202656688 #OSCommandInjection #RCE #Dell

securityonline.info/dell-power

##

CVE-2026-59826
(9.1 CRITICAL)

EPSS: 0.39%

updated 2026-07-10T05:16:38.427000

1 posts

Metabase is an open-source business intelligence and embedded analytics tool. From 1.55.0 until 1.58.15.1, 1.59.12, 1.60.6.3, and 1.61.2, Metabase did not validate unsafe H2 connection properties on one database-creation code path, allowing an authenticated administrator to register a crafted H2 database connection and execute arbitrary Java code on the Metabase server. This issue is fixed in vers

DailyCyberSecurity@infosec.exchange at 2026-07-16T14:04:39.000Z ##

Metabase patched CVE-2026-59827 (CVSS 9.9) and CVE-2026-59826 (CVSS 9.1). These flaws enable remote code execution via unsafe H2 deserialization.

#Metabase #RCE #CVE202659827 #Deserialization #H2Database

securityonline.info/metabase-h

##

CVE-2026-49485
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-09T13:43:04

2 posts

# Summary All implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input validation. The utility intended to secure this evaluation did so incorrectly, and did not fully cover all places in which evaluation was being done. An attacker can send a resource containing an evil regex pattern that causes catastrophic backtracking, exhausting system resources,

thehackerwire@mastodon.social at 2026-07-18T05:00:33.000Z ##

🟠 CVE-2026-49485 - High (7.5)

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.9 and 6.9.4.2, all implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input valida...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:00:33.000Z ##

🟠 CVE-2026-49485 - High (7.5)

HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.9 and 6.9.4.2, all implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input valida...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43499
(7.8 HIGH)

EPSS: 0.12%

updated 2026-07-08T23:16:54.523000

4 posts

In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter() remove_waiter() is used by the slowlock paths, but it is also used for proxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from futex_requeue(). In the latter case waiter::task is not current, but remove_waiter() operates on current for the dequeue oper

35 repos

https://github.com/0xBlackash/CVE-2026-43499

https://github.com/Linuxoid-cn/CVE-2026-43499-Poc-Analysis

https://github.com/onesmiledx/CVE-2026-43499

https://github.com/BuSung-dev/CVE-2026-43499-S25U

https://github.com/HORKimhab/CVE-2026-43499

https://github.com/ctnBobong32/auto_extract_offsets

https://github.com/tc3650/CVE-2026-43499-armv7

https://github.com/BuSung-dev/Root-My-Galaxy

https://github.com/2932796375github/CVE-2026-43499_OPPO-MT6835

https://github.com/HYCQAQ/Logitech-G-Cloud-GhostLock-CVE-2026-43499

https://github.com/x-spy/CVE-2026-43499-popsicle

https://github.com/PeronGH/ghostlock-selinux-disabler

https://github.com/ctnBobong32/CVE-2026-43499-so-build

https://github.com/Bartixxx32/CVE-2026-43499-OnePlus15

https://github.com/ayyy7128/CVE-2026-43499-jinghu

https://github.com/caspy123/CVE-2026-43499

https://github.com/sorrow404Null/CVE-2026-43499-RMX5200

https://github.com/Linuxoid-cn/Mi8E5-Unlocker-by-CVE-2026-43499

https://github.com/MiaPatsune/cve-2026-43499

https://github.com/joehquak/Mi8E5-Unlocker-by-CVE-2026-43499

https://github.com/Cxyofficial/x200-cve-2026-43499

https://github.com/inforcqb/CVE-2026-43499-pja110

https://github.com/qsvggff-spec/oppo-A5-PRO-5G-CVE-2026-43499

https://github.com/p2p3p/GhostLock-for-OnePlus

https://github.com/Yakayna/SpringPeace

https://github.com/JoinChang/ghostlock-oneplus

https://github.com/MobiusM/CVE-2026-43499

https://github.com/pubglite55/oppo-ghostlock

https://github.com/Thiasap/oppo-pgem10-ghostlock

https://github.com/dmcdtc/openvz-cve-patch-2026

https://github.com/Wtrwx/smt878u-ionstack-poc

https://github.com/CakesTwix/Android-CVE-2026-43499

https://github.com/SlightNeko/ghostlock-rothko

https://github.com/Colorful-glassblock/duchamp-root

https://github.com/justsoman/CyberMeowfia-ace3

sigint@fosstodon.org at 2026-07-17T23:45:06.000Z ##

🐧 SIGINT // Ubuntu Watch — 2026-07-18

A 15-year-old futex bug with a 97% reliable public root exploit is exactly the kind of thing that ruins a weekend. Check your kernel version on every box, containers included, and patch before someone else does it for you.

🔗 linuxjust4u.com/linux/ghostloc

#Ubuntu #Linux #infosec

##

bearstech@mamot.fr at 2026-07-15T20:45:14.000Z ##

Un bel article qui détaille GhostLock (CVE-2026-43499) : une vulnérabilité du noyau Linux présente depuis 2011 dans quasi toutes les distributions Linux.

👉 nebusec.ai/research/ionstack-p

##

BenjaminHCCarr@hachyderm.io at 2026-07-15T16:47:00.000Z ##

#AI Uncovers a 15-Year-Old #LinuxKernel Root #Vulnerability Hidden Since 2011
Security researchers at Nebula Security announced the discovery of #GhostLock (CVE-2026-43499), a critical local privilege escalation vulnerability that remained hidden in the Linux kernel for approximately 15 years before being identified by the company's AI-powered vulnerability research platform, VEGA
The vulnerability affects #Linux kernels dating back to version 2.6.39 (2011).
linuxjournal.com/content/ai-un

##

hackmag@infosec.exchange at 2026-07-15T16:30:03.000Z ##

⚪️ GhostLock vulnerability has existed since 2011 and affects major Linux distributions

🗨️ Researchers at Nebula Security have disclosed a vulnerability in the Linux kernel called GhostLock (CVE-2026-43499). This bug allows an unprivileged local user to escalate privileges to root and escape from a container. The issue has been present in the kernel…

🔗 hackmag.com/news/ghostlock?utm

#news

##

CVE-2026-49445
(9.2 CRITICAL)

EPSS: 0.17%

updated 2026-07-06T17:03:21

1 posts

### Impact When Cilium L7 functionality is enabled on a cluster, the Envoy instance supporting this functionality creates a world-accessible socket on cluster nodes. A local attacker would be able to access Envoy admin endpoints. Depending on deployment configuration, this can expose sensitive information or allow disruptive administrative operations, such as: - Exposing TLS secrets - Disrupting

thehackerwire@mastodon.social at 2026-07-15T21:00:17.000Z ##

🔴 CVE-2026-49445 - Critical (9.2)

Cilium is a networking, observability, and security solution. Prior to 1.17.14, 1.18.8, and 1.19.2, when Cilium L7 functionality is enabled, the embedded or standalone Envoy instance creates a world-accessible admin.sock on cluster nodes, allowing...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 3.22%

updated 2026-07-01T21:35:53

4 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

1 repos

https://github.com/HORKimhab/CVE-2026-45659

AAKL@infosec.exchange at 2026-07-17T16:32:43.000Z ##

Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company security.com/threat-intelligen

Also from yesterday:

Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities tenable.com/blog/cve-2026-3220 #threatresearch #Microsoft #ransomware #infosec #SharePoint

##

jbhall56@infosec.exchange at 2026-07-15T13:08:37.000Z ##

These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. bleepingcomputer.com/news/secu

##

beyondmachines1@infosec.exchange at 2026-07-15T12:01:29.000Z ##

CISA Issues Urgent Warning on SharePoint Server Exploitation

CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.

**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

DailyCyberSecurity@infosec.exchange at 2026-07-15T01:06:33.000Z ##

CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.

#CISA #SharePoint #Microsoft #CVE #CyberSecurity

securityonline.info/cisa-share

##

CVE-2026-9798
(4.3 MEDIUM)

EPSS: 0.21%

updated 2026-07-01T21:26:23

1 posts

A flaw was found in Keycloak, an open-source identity and access management solution. When a user account is temporarily locked due to repeated failed login attempts, an attacker with valid client credentials can exploit the Client-Initiated Backchannel Authentication (CIBA) flow to bypass this brute-force protection. This allows continued authentication attempts and token issuance even when the a

EUVD_Bot@mastodon.social at 2026-07-17T18:00:07.000Z ##

🚨 EUVD-2026-45225

📊 Score: 4.3/10 (CVSS v3.1)
📅 Updated: 2026-07-17

📝 A flaw was found in the keycloak-services component of Keycloak. This issue is an incomplete fix for CVE-2026-9798, where brute-force protection checks were added to the Client-Initiated Backchannel Authentication (CIBA) initiation handler but were omitted from the token redemption handler. Thi...

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2026-54458
(9.6 CRITICAL)

EPSS: 0.30%

updated 2026-06-22T14:36:04

2 posts

# Unauthenticated Stored DOM XSS via `page_title` Broadcast in AVideo YPTSocket Plugin ## Summary A stored DOM Cross-Site Scripting vulnerability (CWE-79) in the AVideo YPTSocket plugin lets any unauthenticated remote attacker execute arbitrary JavaScript in the authenticated origin of every administrator currently viewing a page that renders the YPTSocket online-users debug panel. `plugin/YPTSo

offseq@infosec.exchange at 2026-07-16T00:00:41.000Z ##

CVE-2026-54458 (CRITICAL, CVSS 9.6): WWBN AVideo (<29.0) suffers stored DOM XSS in YPTSocket plugin. Unauthenticated attackers can hijack admin sessions. Patch now — upgrade to v29.0. radar.offseq.com/threat/cve-20 #OffSeq #XSS #WWBNA Video #infosec

##

thehackerwire@mastodon.social at 2026-07-15T23:00:39.000Z ##

🔴 CVE-2026-54458 - Critical (9.6)

WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43088
(5.5 MEDIUM)

EPSS: 0.12%

updated 2026-06-19T13:16:28.160000

2 posts

In the Linux kernel, the following vulnerability has been resolved: net: af_key: zero aligned sockaddr tail in PF_KEY exports PF_KEY export paths use `pfkey_sockaddr_size()` when reserving sockaddr payload space, so IPv6 addresses occupy 32 bytes on the wire. However, `pfkey_sockaddr_fill()` initializes only the first 28 bytes of `struct sockaddr_in6`, leaving the final 4 aligned bytes uninitial

bms48@mastodon.social at 2026-07-17T22:13:21.000Z ##

@kevin L4? Apple would like a word. About secure enclaves. Now, Mr Torvalds, about that PF_KEY CVE... dailycve.com/linux-kernel-unin

##

bms48@mastodon.social at 2026-07-17T22:13:21.000Z ##

@kevin L4? Apple would like a word. About secure enclaves. Now, Mr Torvalds, about that PF_KEY CVE... dailycve.com/linux-kernel-unin

##

CVE-2026-55518
(9.6 CRITICAL)

EPSS: 0.00%

updated 2026-06-17T18:49:13

3 posts

## Summary A critical missing authorization flaw exists in Avo's association attach workflow. The UI and `GET /resources/:resource/:id/:related/new` path can check `attach_<association>?`, but the actual write endpoint, `POST /resources/:resource/:id/:related`, does not run the same authorization check before mutating the association. As a result, an authenticated low-privileged Avo user can byp

hugovalters@mastodon.social at 2026-07-17T23:13:10.000Z ##

CVE-2026-55518 - Critical privilege escalation in Avo admin panel. Ruby on Rails users: authorization bypass in association attach workflow lets authenticated low-privilege users mutate associations. CVSS 9.6. No patch yet - monitor updates. #CVE #RubyOnRails #infosec

valtersit.com/cve/CVE-2026-555

##

thehackerwire@mastodon.social at 2026-07-17T22:00:26.000Z ##

🔴 CVE-2026-55518 - Critical (9.6)

Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks attach_? in the UI and GET /resources/:resource/:id/:related/new path, but the actual write endpoint, POS...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-17T22:00:26.000Z ##

🔴 CVE-2026-55518 - Critical (9.6)

Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks attach_? in the UI and GET /resources/:resource/:id/:related/new path, but the actual write endpoint, POS...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46669
(7.5 HIGH)

EPSS: 0.23%

updated 2026-06-17T10:53:49.683000

1 posts

OpenVM is a performant and modular zkVM framework built for customization and extensibility. Prior to version 1.6.0, the openvm-pairing guest library's try_honest_pairing_check function invokes Theorem 3 of https://eprint.iacr.org/2024/640.pdf but does not check that the scaling factor s is in a proper subfield of Fp12. This allows incorrect results to the pairing check. This issue has been patche

sayzard@mastodon.sayzard.org at 2026-07-17T18:41:48.000Z ##

AI Meets Cryptography 2: What AI Found in OpenVM's ZkVM

OpenVM의 zkVM 게스트 라이브러리 `openvm-pairing`에서 임의의 pairing equality를 위조할 수 있는 치명적 건전성 취약점(CVE-2026-46669)이 발견됐으며, OpenVM 1.6.0에서 수정됐다. 최적화된 pairing 검증이 스케일링 인자 `u`/`s`가 올바른 Fp6 부분체에 속하는지 검사하지 않아, 공격자가 `c=1`, `u=f^-1`를 제공해 거짓 pairing 검증을 통과시킬 수 있었다. 영향 범위는 zkVM 증명 시스템 자체가 아니라 취약한 게스트 라이브러리를 사용하는 코드이지만, BLS12-381 기반 KZG opening proof·PLONK·BL...

blog.zksecurity.xyz/posts/open

##

CVE-2026-3891
(9.8 CRITICAL)

EPSS: 0.84%

updated 2026-06-17T10:44:23.283000

1 posts

The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing capability check and missing file type validation in the 'lkn_pix_for_woocommerce_c6_save_settings' function in all versions up to, and including, 1.5.0. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution

Nuclei template

6 repos

https://github.com/joshuavanderpoll/CVE-2026-3891

https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-3891

https://github.com/m4sh-wacker/CVE-2026-3891-Pix-for-WooCommerce-Plugin-Exploit

https://github.com/shinthink/CVE-2026-3891

https://github.com/Nxploited/CVE-2026-3891

https://github.com/willygailo/CVE-2026-3891-Linux

DarkWebInformer@infosec.exchange at 2026-07-16T20:26:40.000Z ##

‼️ CVE-2026-3891: A critical Unauthenticated Arbitrary File Upload vulnerability found in the Pix for WooCommerce WordPress plugin in versions up to and including 1.5.0.

PoC: github.com/m4sh-wacker/CVE-202

##

CVE-2026-3300
(9.8 CRITICAL)

EPSS: 40.99%

updated 2026-06-17T10:43:22.287000

1 posts

The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's process_filter() function concatenating user-submitted form field values into a PHP code string without proper escaping before passing it to eval(). The sanitize_text_field() function applied to input does not

Nuclei template

2 repos

https://github.com/HORKimhab/CVE-2026-3300

https://github.com/adamshaikhma/CVE-2026-3300

sekurakbot@mastodon.com.pl at 2026-07-17T11:22:00.000Z ##

Krytyczna podatność RCE we wtyczce Everest Forms Pro (WordPress)

Badacze bezpieczeństwa z Wordfence ujawnili krytyczną podatność Remote Code Execution we wtyczce Everest Forms Pro przeznaczonej dla WordPressa. Luka ma być wciąż wykorzystywana do ataków na strony korzystające z tego rozszerzenia. Podatność dotyczy wszystkich wersji przed 1.9.13 i otrzymała ocenę 9.8 (krytyczna) w skali CVSS. TLDR: Podatność (CVE-2026-3300) pozwala nieuwierzytelnionemu...

#WBiegu #Podatność #Rce #Wordpress #Wtyczki

sekurak.pl/krytyczna-podatnosc

##

CVE-2026-33482
(8.1 HIGH)

EPSS: 2.06%

updated 2026-06-17T10:37:34.483000

1 posts

WWBN AVideo is an open source video platform. In versions up to and including 26.0, the `sanitizeFFmpegCommand()` function in `plugin/API/standAlone/functions.php` is designed to prevent OS command injection in ffmpeg commands by stripping dangerous shell metacharacters (`&&`, `;`, `|`, `` ` ``, `<`, `>`). However, it fails to strip `$()` (bash command substitution syntax). Since the sanitized com

thehackerwire@mastodon.social at 2026-07-16T22:01:24.000Z ##

🟠 CVE-2026-55173 - High (8.1)

WWBN AVideo is an open source video platform. Versions 29.0 and below remain vulnerable to OS command injection because the fix for CVE-2026-33482 was incomplete and still does not neutralize a single & ( the shell background operator). CVE-2026-...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32201
(6.5 MEDIUM)

EPSS: 22.81%

updated 2026-06-17T10:35:20.103000

4 posts

Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.

1 repos

https://github.com/B1tBit/CVE-2026-32201-exploit

AAKL@infosec.exchange at 2026-07-17T16:32:43.000Z ##

Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company security.com/threat-intelligen

Also from yesterday:

Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities tenable.com/blog/cve-2026-3220 #threatresearch #Microsoft #ransomware #infosec #SharePoint

##

jbhall56@infosec.exchange at 2026-07-15T13:08:37.000Z ##

These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. bleepingcomputer.com/news/secu

##

beyondmachines1@infosec.exchange at 2026-07-15T12:01:29.000Z ##

CISA Issues Urgent Warning on SharePoint Server Exploitation

CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.

**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

DailyCyberSecurity@infosec.exchange at 2026-07-15T01:06:33.000Z ##

CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.

#CISA #SharePoint #Microsoft #CVE #CyberSecurity

securityonline.info/cisa-share

##

CVE-2026-2701
(9.1 CRITICAL)

EPSS: 48.81%

updated 2026-06-17T10:31:33.987000

1 posts

Authenticated user can upload a malicious file to the server and execute it, which leads to remote code execution.

security_crawler_carl@infosec.exchange at 2026-07-16T05:50:28.000Z ##

🏆 New Achievement! Storage Zone, No Ozone!

Tonight's broadcast is brought to you by Deferred Patch Tuesdays — "Why upgrade today when v5.11 is running just fine?" Progress Software discovered two critical zero-days, CVE-2026-2699 and CVE-2026-2701, lurking in ShareFile Storage Zones Controller v5.x. Unauthenticated. Remote. Full system compromise. So catastrophic that customer-managed Storage Zone Controllers had to be emergency-shutdown entirely. (1/2)

##

CVE-2026-23744
(9.8 CRITICAL)

EPSS: 43.67%

updated 2026-06-17T10:22:02.160000

1 posts

MCPJam inspector is the local-first development platform for MCP servers. Versions 1.4.2 and earlier are vulnerable to remote code execution (RCE) vulnerability, which allows an attacker to send a crafted HTTP request that triggers the installation of an MCP server, leading to RCE. Since MCPJam inspector by default listens on 0.0.0.0 instead of 127.0.0.1, an attacker can trigger the RCE remotely v

Nuclei template

37 repos

https://github.com/avivyap/CVE-2026-23744

https://github.com/InzegoSec/CVE-2026-23744

https://github.com/CyLock11/CVE-2026-23744

https://github.com/sbouabid-sec/CVE-2026-23744-POC

https://github.com/ibreakthingsforaliving/CVE-2026-23744-PoC

https://github.com/alisster00/CVE-2026-23744-RCE

https://github.com/ctzisme/CVE-2026-23744

https://github.com/z4yd3/PoC-CVE-2026-23744

https://github.com/luiskrnr/exploit-CVE-2026-23744

https://github.com/d3vn0mi/CVE-2026-23744-POC

https://github.com/p1ctur3p3rf3ct/CVE-2026-23744

https://github.com/FrenzisRed/CVE-2026-23744

https://github.com/Dahalsamir/CVE-2026-23744-MCPJAM-RCE-exploit

https://github.com/Least-Significant-Bit/CVE-2026-23744

https://github.com/rohit-sundar/cve-2026-23744

https://github.com/MrR0b0t19/CVE-2026-23744-PoC

https://github.com/fckoo/mcpjaminspector-unauth-rce

https://github.com/thisisish/HTB-DevHub

https://github.com/timgad794/DevHub-HTB-Walkthrough

https://github.com/fcjaviergarcia/CVE-2026-23744-POC

https://github.com/rootdirective-sec/CVE-2026-23744-Lab

https://github.com/0x77FSec/CVE-2026-23744

https://github.com/CerberusMrXi/CVE-2026-23744-MCPJam-Exploit

https://github.com/kennedy-aikohi/mcpjam-cve-2026-23744-validator

https://github.com/H1sok444/CVE-2026-23744-PoC

https://github.com/daemoncibsec/mcpExec

https://github.com/jf-gondim/mcp-pwn

https://github.com/SrGinebras/CVE-2026-23744-RCE-for-MCPjam-inspector-v1.4.2

https://github.com/m2sousa/CVE-2026-23744

https://github.com/oryk0/CVE-2026-23744

https://github.com/diamorphine666/CVE-2026-23744-exploit

https://github.com/suljov/CVE-2026-23744-Remote-Code-Execution-POC

https://github.com/keeieb79/CVE-2026-23744-poc

https://github.com/afifudinmtop/MCPJam-Inspector-1.4.2-Remote-Code-Execution-CVE-2026-23744

https://github.com/ozcanpng/CVE-2026-23744

https://github.com/AhmadF77/CVE-2026-23744

https://github.com/0xg00se/CVE-2026-23744-script

DarkWebInformer@infosec.exchange at 2026-07-15T18:40:19.000Z ##

‼️ CVE-2026-23744: MCPJam Inspector RCE Exploit

GitHub: github.com/CerberusMrXi/CVE-20

Features:

▪️Multi-payload Support: Includes Bash, Python, Netcat, Perl, PHP, and Base64 payloads.
▪️Command Execution: Execute commands on the target system with output capture.
▪️Target Scanning: Scan multiple targets with configurable rate limiting.
▪️Session Management: Persistent session management for ongoing testing.
▪️Proxy Support: Integrate with proxies for anonymous or routed traffic.
▪️Target Fingerprinting: Identify target system characteristics.
▪️Auto-listener Setup: Automatically configure listeners for reverse shells.

##

CVE-2026-1541
(4.3 MEDIUM)

EPSS: 0.27%

updated 2026-06-17T10:16:02.020000

1 posts

The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.15.1. This is due to the plugin's `fusion_get_post_custom_field()` function failing to validate whether metadata keys are protected (underscore-prefixed). This makes it possible for authenticated attackers, with Subscriber-level access and above, to extract protec

2 repos

https://github.com/tc4dy/CVE-2026-15409-15410-Framework

https://github.com/HORKimhab/CVE-2026-15410

bsi@social.bund.de at 2026-07-15T10:25:56.000Z ##

⚠️ 📢 Sicherheitshinweis: Am 14. Juli 2026 veröffentlichte das Unternehmen #SonicWall ein Advisory zu seiner SMA1000-Produktserie und führte darin aus, dass die Modelle 6210, 7210 und 8200v durch zwei neu entdeckte Zero-Day #Schwachstellen (CVE-2026-15409, CVE-2026-1541) verwundbar sind.

❗️ Das Unternehmen verweist im Advisory darauf, dass "zahlreiche Fälle" vorliegen, die auf eine Ausnutzung der Schwachstellen schließen lassen.

Mehr dazu hier: ➡️ bsi.bund.de/dok/1203248

@certbund

##

CVE-2015-0004
(0 None)

EPSS: 3.55%

updated 2026-06-17T00:19:24.390000

1 posts

The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, and Windows RT Gold and 8.1 allows local users to gain privileges by conducting a junction attack to load another user's UsrClass.dat registry hive, aka MSRC ID 20674 or "Microsoft User Profile Se

beep@piefed.world at 2026-07-15T08:55:26.570Z ##

Nightmare-Eclipse just dropped "LegacyHive," a new Windows privilege-escalation zero-day PoC that targets the Windows User Profile Service, the component that loads a user's settings during sign-in

cross-posted from: https://piefed.world/c/tech/p/1263199/nightmare-eclipse-just-dropped-legacyhive-a-new-windows-privilege-escalation-zero-day-po

Announcement.

The PoC reportedly uses a carefully timed path-switching trick to make Windows mount another user’s Registry file, potentially an administrator’s, under a standard “helper” account.

Nightmare-Eclipse claims it works across supported Windows desktop and server builds patched through July 2026.

Nightmare-Eclipse says a private version could load arbitrary Registry hives, but that broader version has not been published.

Interestingly, Nightmare-Eclipse previously told us that vulnerability names are inspired by random events in his life. “LegacyHive” appears to break from that convention.

Deja vu: Microsoft patched this broad ProfSvc trust-boundary failure in 2015 as CVE-2015-0004, which also loaded another user’s hive. LegacyHive appears to use a new path-swap to revive that bug class.

As of writing: no CVE, no Microsoft advisory, no comment.

Text source: International Cyber Digest.

##

CVE-2026-44182(CVSS UNKNOWN)

EPSS: 0.35%

updated 2026-06-03T21:37:18

1 posts

### Summary The environment variables used during the rendering of the Kubernetes manifest allow YAML injection, enabling attackers to overwrite existing keys like `securityContext` and inject multi-document YAML to create additional unintended Kubernetes resources. ### Details The server interpolates untrusted environment variables (e.g., `KERNEL_XXX`) into Kubernetes manifests without YAML-aw

offseq@infosec.exchange at 2026-07-17T04:30:25.000Z ##

CVE-2026-44182: CRITICAL YAML injection in jupyter-server enterprise_gateway <3.3.0 🚨 Untrusted env vars in manifests can let attackers create/modify Kubernetes resources, incl. privileged pods. Upgrade to 3.3.0+ ASAP. radar.offseq.com/threat/cve-20 #OffSeq #CVE202644182 #Kubernetes

##

CVE-2026-44023
(8.6 HIGH)

EPSS: 0.29%

updated 2026-06-03T21:16:26

1 posts

### Impact In versions `>= 1.5.0, < 2.74.1`, `docling-core` did not sufficiently restrict remote request destinations and could resolve a server-provided `Content-Disposition` to a local path in an unsafe manner. In applications that accept untrusted URLs, this could allow SSRF attacks targeting local files outside the user-defined cache directory. ### Patches Patched in `docling-core` `2.74.1`.

thehackerwire@mastodon.social at 2026-07-16T22:01:01.000Z ##

🟠 CVE-2026-44023 - High (8.6)

Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a serv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45363
(7.4 HIGH)

EPSS: 0.24%

updated 2026-06-02T22:12:51

1 posts

`JWT.decode(token, '', true, algorithm: 'HS256')` accepts an attacker-forged token. `OpenSSL::HMAC.digest('SHA256', '', payload)` returns a valid digest under an empty key, and no `raise InvalidKeyError if key.empty?` precondition exists in the HMAC algorithm. ``` JWT.decode(token, "", true, algorithm: 'HS256') -> JWA::Hmac.verify(verification_key: "", ...) -> OpenSSL::HMAC.digest('SHA256',

offseq@infosec.exchange at 2026-07-15T00:00:40.000Z ##

CVE-2026-45363: CRITICAL improper authentication in ruby-jwt (<2.10.3, <3.2.0) lets attackers forge JWTs with empty HMAC keys. Immediate upgrade required to 2.10.3/3.2.0. Impact: auth bypass, high integrity risk. radar.offseq.com/threat/cve-20 #OffSeq #CVE202645363 #ruby #jwt #infosec

##

CVE-2026-3220
(8.8 HIGH)

EPSS: 0.32%

updated 2026-05-18T15:30:37

1 posts

The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin before 2.4.2, Speed Optimizer WordPress plugin before 7.7.9 are vulnerable to unauthenticated Stored Cross-Site Scripting (XSS) due to a predictable replacement hash used during the HTML minification process and abusing a regular expression. This allows an attacker to inject arbitrary HTML attributes in the final HTML

4 repos

https://github.com/B1tBit/CVE-2026-32201-exploit

https://github.com/virus-or-not/CVE-2026-32202

https://github.com/solarlynxsqueeze/CVE-2026-32202

https://github.com/cloud2783/CVE-2026-32202

AAKL@infosec.exchange at 2026-07-17T16:32:43.000Z ##

Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company security.com/threat-intelligen

Also from yesterday:

Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities tenable.com/blog/cve-2026-3220 #threatresearch #Microsoft #ransomware #infosec #SharePoint

##

CVE-2025-40949
(9.1 CRITICAL)

EPSS: 0.54%

updated 2026-05-12T12:32:14

2 posts

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All vers

security_crawler_carl at 2026-07-17T23:55:23.887Z ##

🏆 New Achievement! Rooted in Operational Technology!

PATCH NOTES v0.0.0 — KNOWN ISSUES: Siemens ROX II OT switches ship with a three-vulnerability zero-day chain, including CVE-2025-40949, that grants attackers persistent root access. This feature was not intentional. Unit 42 and Siemens have jointly confirmed it exists anyway.

ADDED: Full root on your industrial network by people who are not you. FIXED: Nothing, until you manually update to firmware V2.17.1. (1/2)

##

security_crawler_carl@infosec.exchange at 2026-07-17T23:55:23.000Z ##

🏆 New Achievement! Rooted in Operational Technology!

PATCH NOTES v0.0.0 — KNOWN ISSUES: Siemens ROX II OT switches ship with a three-vulnerability zero-day chain, including CVE-2025-40949, that grants attackers persistent root access. This feature was not intentional. Unit 42 and Siemens have jointly confirmed it exists anyway.

ADDED: Full root on your industrial network by people who are not you. FIXED: Nothing, until you manually update to firmware V2.17.1. (1/2)

##

DarkWebInformer@infosec.exchange at 2026-07-14T23:30:10.000Z ##

‼️Krayin CRM v2.2.x Authenticated Remote Code Execution Exploit (CVE-2026-38526)

PoC: github.com/CerberusMrXi/Krayin

##

CVE-2026-2699
(9.8 CRITICAL)

EPSS: 49.42%

updated 2026-04-02T15:31:40

1 posts

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

Nuclei template

2 repos

https://github.com/0xBlackash/CVE-2026-2699

https://github.com/watchtowrlabs/watchTowr-vs-Progress-ShareFile-CVE-2026-2699

security_crawler_carl@infosec.exchange at 2026-07-16T05:50:28.000Z ##

🏆 New Achievement! Storage Zone, No Ozone!

Tonight's broadcast is brought to you by Deferred Patch Tuesdays — "Why upgrade today when v5.11 is running just fine?" Progress Software discovered two critical zero-days, CVE-2026-2699 and CVE-2026-2701, lurking in ShareFile Storage Zones Controller v5.x. Unauthenticated. Remote. Full system compromise. So catastrophic that customer-managed Storage Zone Controllers had to be emergency-shutdown entirely. (1/2)

##

CVE-2025-26529
(8.3 HIGH)

EPSS: 0.48%

updated 2025-02-24T22:02:54

1 posts

Description information displayed in the site administration live log required additional sanitizing to prevent a stored XSS risk.

2 repos

https://github.com/hxuu/moodle-cve

https://github.com/Astroo18/PoC-CVE-2025-26529

CVE-2025-20204
(4.8 MEDIUM)

EPSS: 0.31%

updated 2025-02-05T18:34:46

1 posts

A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the interface.&nbsp; This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface of an affected system. An attacker could exploit this vulner

AAKL@infosec.exchange at 2026-07-17T15:51:07.000Z ##

Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th support.broadcom.com/web/ecx/s

Cisco:

Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities sec.cloudapps.cisco.com/securi @TalosSecurity

And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:

CISA:

CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability cve.org/CVERecord?id=CVE-2026-

And a Microsoft vulnerability:

CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability cve.org/CVERecord?id=CVE-2026- #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom

##

CVE-2026-56741
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-07-18T05:00:21.000Z ##

🟠 CVE-2026-56741 - High (7.5)

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAW...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-18T05:00:21.000Z ##

🟠 CVE-2026-56741 - High (7.5)

JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAW...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-54523
(0 None)

EPSS: 0.00%

3 posts

N/A

DarkWebInformer at 2026-07-17T18:03:25.915Z ##

‼️ New Dark Web Informer Blog Post!

Title: One Namespace String to kube-system: Cross-Namespace Privilege Escalation in Kyverno (CVE-2026-54523)

Link: darkwebinformer.com/one-namesp

💥 Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: darkwebinformer.com/pricing

##

DarkWebInformer@infosec.exchange at 2026-07-17T18:03:25.000Z ##

‼️ New Dark Web Informer Blog Post!

Title: One Namespace String to kube-system: Cross-Namespace Privilege Escalation in Kyverno (CVE-2026-54523)

Link: darkwebinformer.com/one-namesp

💥 Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: darkwebinformer.com/pricing

##

DailyCyberSecurity@infosec.exchange at 2026-07-17T13:11:39.000Z ##

Kyverno vulnerability CVE-2026-54523 (CVSS 9.6) is public with PoC exploit code. It lets a tenant gain admin in any namespace. Update to v1.18.2.

#Kyverno #CVE202654523 #PrivilegeEscalation #Kubernetes #CyberSecurity

securityonline.info/kyverno-cv

##

CVE-2026-39359
(0 None)

EPSS: 0.24%

1 posts

N/A

CVE-2026-15899
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2026-14266
(0 None)

EPSS: 0.00%

1 posts

N/A

1 repos

https://github.com/hg0434hongzh0/CVE-2026-14266

DailyCyberSecurity@infosec.exchange at 2026-07-16T16:33:52.000Z ##

7-Zip vulnerability CVE-2026-14266 (CVSS 7.0) allows remote code execution via crafted XZ data. Update to 7-Zip 26.02. No exploitation confirmed.

#7Zip #CVE202614266 #RCE #BufferOverflow #ZDI #CyberSecurity

securityonline.info/7-zip-vuln

##

CVE-2026-62314
(0 None)

EPSS: 0.27%

1 posts

N/A

hrbrmstr@mastodon.social at 2026-07-16T15:48:13.000Z ##

Anubis is busted (CVE-2026-62314) and FWIW it rly doesn't stop the AI bots even when not busted — vulnerability.circl.lu/vuln/CV

##

CVE-2026-59827
(0 None)

EPSS: 0.46%

1 posts

N/A

1 repos

https://github.com/c0gnit00/CVE-2026-59827

DailyCyberSecurity@infosec.exchange at 2026-07-16T14:04:39.000Z ##

Metabase patched CVE-2026-59827 (CVSS 9.9) and CVE-2026-59826 (CVSS 9.1). These flaws enable remote code execution via unsafe H2 deserialization.

#Metabase #RCE #CVE202659827 #Deserialization #H2Database

securityonline.info/metabase-h

##

CVE-2026-55234
(0 None)

EPSS: 0.24%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T23:00:28.000Z ##

🟠 CVE-2026-55234 - High (8.5)

Wekan is open source kanban built with Meteor. Prior to 9.37, Wekan DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js authorize against the stored source boardId and do not vali...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-55652
(0 None)

EPSS: 0.36%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T23:00:17.000Z ##

🔴 CVE-2026-55652 - Critical (9.8)

Wekan is open source kanban built with Meteor. Prior to 9.46, header-login with HEADER_LOGIN_TRUSTED_IPS uses getRequestIp() in server/lib/headerLoginAuth.js to trust the client-supplied X-Forwarded-For header before the real socket address, allow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62349
(0 None)

EPSS: 0.40%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T19:59:49.000Z ##

🟠 CVE-2026-62349 - High (8.3)

TDengine is an open source, time-series database optimized for Internet of Things devices. In 3.4.1.6 and earlier, source/libs/parser/src/parUtil.c trimString() checks space for only one byte before processing SQL string escape sequences \%, \_, o...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-62948
(0 None)

EPSS: 0.31%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T19:00:31.000Z ##

🔴 CVE-2026-62948 - Critical (9.6)

OpenWrt is a Linux operating system targeting embedded devices. Prior to 25.12.5, odhcpd writes a DHCPv6 client FQDN option 39 hostname into /tmp/odhcpd.leases through src/statefiles.c statefiles_write_state6() and statefiles_write_state4() withou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50147
(0 None)

EPSS: 0.20%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T17:00:55.000Z ##

🟠 CVE-2026-50147 - High (7.6)

Metabase is an open-source business intelligence and embedded analytics tool. From 1.57.0 until 1.57.19.1, 1.58.14.1, 1.59.10, and 1.60.4, an attacker who can configure a Metabase database connection can read arbitrary files from the Metabase serv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-55242
(0 None)

EPSS: 0.14%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T17:00:18.000Z ##

🟠 CVE-2026-55242 - High (8.8)

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.111.0 and 16.22.0, an authenticated user with a standard operational role can trigger server-side template injection through a configuration field, resulting in unaut...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-61836
(0 None)

EPSS: 0.28%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T16:00:38.000Z ##

🟠 CVE-2026-61836 - High (8.6)

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user b...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-61736
(0 None)

EPSS: 0.30%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-15T16:00:18.000Z ##

🔴 CVE-2026-61736 - Critical (9.3)

LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, the server defaults to CORS_ORIGINS=* combined with allow_credentials=True in lightrag/api/lightrag_server.py, causing Starlette CORSMiddleware to effectively whitel...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-52886
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-15T02:28:45.000Z ##

Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.

#NotepadPlusPlus #PathTraversal #ZipSlip #CVE #InfoSec

securityonline.info/notepad-pl

##

CVE-2026-57233
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-15T02:28:45.000Z ##

Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.

#NotepadPlusPlus #PathTraversal #ZipSlip #CVE #InfoSec

securityonline.info/notepad-pl

##

CVE-2026-54758
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-15T02:28:45.000Z ##

Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.

#NotepadPlusPlus #PathTraversal #ZipSlip #CVE #InfoSec

securityonline.info/notepad-pl

##

CVE-2026-54572
(0 None)

EPSS: 0.40%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-14T23:00:15.000Z ##

🟠 CVE-2026-54572 - High (7.5)

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, with -l/--links, rclone serializes symlinks as .rclonelink text objects and recreates them on a local destination withou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-59733
(0 None)

EPSS: 0.55%

1 posts

N/A

thehackerwire@mastodon.social at 2026-07-14T23:00:04.000Z ##

🟠 CVE-2026-59733 - High (8.8)

Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, rclone serve restic --private-repos enforces authorization using the routed user path segment while building the backend...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-50649
(0 None)

EPSS: 0.94%

1 posts

N/A

us@newsbeep.org at 2026-07-14T21:40:09.000Z ##

Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days

Tag
CVE ID
CVE Title
Severity
.NET
CVE-2026-50649
.NET Remote Code Execution Vulnerability
Important
.NET
CVE-2026-50525
.NET Denial…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
newsbeep.com/us/763025/

##

christin@lsbt.me at 2026-07-14T19:08:56.000Z ##

Ein Header genügt: Wie Gitea und Forgejo jedem Fremden die Admin-Rechte schenkten

Ein gefälschter HTTP-Header genügte monatelang, um sich in Gitea und Forgejo zum Admin zu machen, ganz ohne Passwort. CVE-2026-20896 hat einen CVSS-Wert von 9.8. Gitea ist seit dem 21. Juni gepatcht, Forgejo hängt weiter in der Luft. Was du an deiner Konfiguration sofort prüfen musst.

chrislo.de/blog/2026-07-14-20-

#chrislo #ITSicherheit #ServerInfrastruktur #Gitea #Forgejo #Docker #SelfHosting #CVE #ReverseProxy #OpenSource #Codeberg

##

Visit counter For Websites