Updated at UTC 2026-06-28T12:29:02.800307
| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-13486 | 7.3 | 0.00% | 2 | 0 | | 2026-06-28T10:16:27.150000 | A vulnerability was determined in SourceCodester Class and Exam Timetabling Syst |
| CVE-2026-46331 | 7.8 | 0.29% | 8 | 4 | | 2026-06-28T08:16:21.240000 | In the Linux kernel, the following vulnerability has been resolved: net/sched: |
| CVE-2026-13482 | 3.7 | 0.00% | 2 | 0 | | 2026-06-28T05:16:21.200000 | A vulnerability was detected in skypilot-org skypilot up to 0.12.0. Impacted is |
| CVE-2026-58053 | 9.9 | 0.00% | 4 | 0 | | 2026-06-28T03:33:40 | Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow |
| CVE-2026-58056 | 7.6 | 0.00% | 2 | 0 | | 2026-06-28T02:16:32.860000 | RustDesk gates incoming control messages on per-capability flags rather than on |
| CVE-2026-58050 | 7.0 | 0.00% | 2 | 0 | | 2026-06-28T02:16:32.017000 | libssh2 through 1.11.1 reads an attacker-controlled 32-bit attribute count from |
| CVE-2026-58049 | 8.6 | 0.00% | 2 | 0 | | 2026-06-28T02:16:30.477000 | FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit r |
| CVE-2026-8095 | 8.1 | 0.00% | 4 | 0 | | 2026-06-28T00:16:25.180000 | The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authentic |
| CVE-2026-10643 | 8.7 | 0.00% | 4 | 0 | | 2026-06-28T00:16:24.637000 | Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet |
| CVE-2026-9677 | 0 | 0.15% | 2 | 0 | | 2026-06-27T06:16:34.783000 | The Shariff for WordPress Shariff for WordPress plugin through 1.0.11 does not s |
| CVE-2026-12415 | 9.8 | 0.66% | 4 | 1 | | 2026-06-27T05:16:41.620000 | The Invoice Generator plugin for WordPress is vulnerable to privilege escalation |
| CVE-2026-11807 | 9.6 | 0.37% | 1 | 0 | | 2026-06-27T05:16:41.450000 | A missing authorization vulnerability was found in the Event-Driven Ansible (EDA |
| CVE-2026-57231 | 7.5 | 0.26% | 2 | 0 | | 2026-06-27T04:17:52.313000 | Podman is a tool for managing OCI containers and pods. From 1.8.1 until 5.8.4, a |
| CVE-2026-54352 | 9.6 | 0.47% | 3 | 0 | | 2026-06-27T04:17:51.583000 | Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/pr |
| CVE-2026-50136 | 7.4 | 0.33% | 1 | 0 | | 2026-06-27T04:17:49.740000 | Budibase is an open-source low-code platform. Prior to 3.39.3, the application s |
| CVE-2026-56414 | 7.2 | 0.40% | 2 | 0 | | 2026-06-26T23:17:09.137000 | A vulnerability exists in H.View IP cameras certificate-related upload interface |
| CVE-2026-55975 | 7.2 | 0.65% | 2 | 0 | | 2026-06-26T23:17:08.997000 | A vulnerability exists in H.View IP cameras that could allow an authenticated us |
| CVE-2026-33560 | 7.1 | 0.34% | 2 | 0 | | 2026-06-26T23:17:08.847000 | The DMP-5000 file service exposes authenticated arbitrary file upload functional |
| CVE-2026-31928 | 8.1 | 0.45% | 4 | 0 | | 2026-06-26T23:17:08.697000 | The DMP-5000 devices are shipped with a default administrative web account with |
| CVE-2026-28701 | 9.8 | 0.84% | 4 | 0 | | 2026-06-26T23:17:08.537000 | Various versions of Daktronics Controller Firmware could allow authenticated and |
| CVE-2026-55069 | 8.7 | 0.15% | 2 | 0 | | 2026-06-26T22:16:33.093000 | Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, |
| CVE-2026-53576 | 10.0 | 0.47% | 2 | 0 | | 2026-06-26T22:16:32.840000 | Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 a |
| CVE-2026-49984 | 7.7 | 0.37% | 2 | 0 | | 2026-06-26T22:16:32.243000 | Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 a |
| CVE-2026-49869 | 10.0 | 0.69% | 2 | 0 | | 2026-06-26T22:16:32.113000 | Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 a |
| CVE-2026-45807 | 7.7 | 0.37% | 2 | 0 | | 2026-06-26T22:16:31.973000 | Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 a |
| CVE-2026-54353 | 8.5 | 0.24% | 2 | 0 | | 2026-06-26T21:16:35.417000 | Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated use |
| CVE-2026-54351 | 8.2 | 0.41% | 2 | 0 | | 2026-06-26T21:16:35.170000 | Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigg |
| CVE-2026-54350 | 10.0 | 0.43% | 2 | 0 | | 2026-06-26T21:16:35.040000 | Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthentica |
| CVE-2026-48778 | 7.8 | 1.37% | 3 | 3 | | 2026-06-26T21:16:34.167000 | Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the <G |
| CVE-2026-8797 | 0 | 0.12% | 1 | 0 | | 2026-06-26T20:23:02.513000 | An access control deficiency vulnerability exists in ExpressUpdate Agent for Win |
| CVE-2026-55189 | 7.7 | 0.20% | 1 | 0 | | 2026-06-26T20:20:22.420000 | RustFS is a distributed object storage system built in Rust. From 1.0.0-alpha.1 |
| CVE-2026-52784 | 8.8 | 0.16% | 1 | 0 | | 2026-06-26T20:20:22.420000 | OpenProject is open-source, web-based project management software. Prior to 17.3 |
| CVE-2026-48933 | 7.5 | 0.57% | 1 | 0 | | 2026-06-26T20:19:23.707000 | A flaw in Node.js WebCrypto implementation can crash the process if the input of |
| CVE-2026-48618 | 6.5 | 0.61% | 1 | 0 | | 2026-06-26T20:18:43.557000 | A flaw in Node.js TLS hostname handling can cause Node.js unicode dot separator |
| CVE-2026-54317 | 7.6 | 0.19% | 1 | 0 | | 2026-06-26T20:17:26.380000 | Home Assistant is open source home automation software that puts local control a |
| CVE-2026-9222 | 8.1 | 0.24% | 1 | 0 | | 2026-06-26T20:08:23.053000 | Setracker2 Android Companion App com.tgelec.setracker versions 3.1.5 and prior o |
| CVE-2026-56876 | 8.1 | 0.32% | 1 | 0 | | 2026-06-26T20:05:14.220000 | extract-zip does not validate symlink targets when extracting zip archives. When |
| CVE-2026-55454 | 9.9 | 0.33% | 1 | 0 | | 2026-06-26T19:50:41.937000 | Appsmith is a platform to build admin panels, internal tools, and dashboards. Pr |
| CVE-2026-57915 | 7.3 | 0.26% | 1 | 0 | | 2026-06-26T19:16:45.433000 | It is possible to bypass the Kerberos pre-authentication check in Apache Kerby b |
| CVE-2026-56663 | 8.5 | 0.22% | 1 | 0 | | 2026-06-26T19:16:44.880000 | AutoGPT is a workflow automation platform for creating, deploying, and managing |
| CVE-2026-55200 | 8.1 | 0.92% | 3 | 1 | | 2026-06-26T19:15:53.083000 | libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write |
| CVE-2026-13311 | 7.5 | 0.36% | 1 | 0 | | 2026-06-26T19:03:34.507000 | shell-quote prior to 1.8.5 finalizes parsed tokens in parse() using Array.protot |
| CVE-2026-43503 | 8.8 | 0.13% | 4 | 6 | | 2026-06-26T18:57:17.887000 | In the Linux kernel, the following vulnerability has been resolved: net: skbuff |
| CVE-2026-57880 | 9.8 | 0.53% | 1 | 0 | | 2026-06-26T18:17:04.987000 | An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in G |
| CVE-2026-57881 | 9.8 | 0.38% | 1 | 0 | | 2026-06-26T17:16:35.753000 | An unauthenticated stack-based buffer overflow vulnerability exists in vlsvr in |
| CVE-2026-57879 | 9.8 | 0.53% | 1 | 0 | | 2026-06-26T17:16:35.653000 | An unauthenticated stack-based buffer overflow vulnerability exists in ssvr in G |
| CVE-2026-8380 | 6.5 | 0.34% | 1 | 1 | | 2026-06-26T16:17:26.200000 | The Frontend File Manager Plugin WordPress plugin through 23.6 does not properly |
| CVE-2026-54825 | 9.3 | 0.28% | 1 | 0 | | 2026-06-26T15:32:21 | Unauthenticated SQL Injection in wpDataTables <= 7.4 versions. |
| CVE-2026-20230 | 8.6 | 41.69% | 13 | 3 | | 2026-06-26T14:58:43.440000 | A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco U |
| CVE-2026-12569 | 9.8 | 1.11% | 7 | 1 | | 2026-06-26T14:35:41.477000 | A critical remote code execution (RCE) vulnerability has been reported in PTC Wi |
| CVE-2026-54158 | 9.9 | 0.29% | 1 | 0 | | 2026-06-26T00:16:53.823000 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, t |
| CVE-2026-23879 | 8.0 | 0.40% | 1 | 0 | | 2026-06-25T20:21:19.853000 | py7zr is a Python-based library and utility to support 7zip archive compression, |
| CVE-2026-53662 | 9.6 | 0.24% | 1 | 0 | | 2026-06-25T20:18:11.603000 | immich is a high performance self-hosted photo and video management solution. Fr |
| CVE-2026-10735 | 7.5 | 0.39% | 1 | 2 | | 2026-06-25T19:07:56.657000 | Multiple Shapedsmart-post-show-pro WordPress plugin before 4.0.2, Real Testimoni |
| CVE-2026-33612 | 7.5 | 0.12% | 1 | 0 | | 2026-06-25T16:00:30.783000 | A malicious authoritative server can send a crafted zone via the ZoneToCache fun |
| CVE-2026-50256 | 7.8 | 0.15% | 1 | 0 | | 2026-06-25T15:31:44 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. |
| CVE-2026-55570 | 9.0 | 0.33% | 1 | 0 | | 2026-06-25T15:16:39.423000 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, i |
| CVE-2026-50551 | 9.9 | 0.44% | 1 | 0 | | 2026-06-25T14:16:45.323000 | SiYuan is an open-source personal knowledge management system. Prior to 3.7.0, S |
| CVE-2026-50264 | 7.8 | 0.14% | 2 | 0 | | 2026-06-25T14:16:45.140000 | An out-of-bounds write flaw was found in the X.Org X server and Xwayland in DRIG |
| CVE-2026-50263 | 5.5 | 0.14% | 1 | 0 | | 2026-06-25T14:16:44.947000 | A use-after-free flaw was found in the X.Org X server and Xwayland in CreateSave |
| CVE-2026-50262 | 5.5 | 0.13% | 1 | 0 | | 2026-06-25T14:16:44.750000 | An out-of-bounds read flaw was found in the X.Org X server and Xwayland in __glX |
| CVE-2026-50261 | 7.8 | 0.14% | 1 | 0 | | 2026-06-25T14:16:44.510000 | A use-after-free flaw was found in the X.Org X server and Xwayland in SyncChange |
| CVE-2026-50260 | 7.8 | 0.15% | 1 | 0 | | 2026-06-25T14:16:43.427000 | A use-after-free flaw was found in the X.Org X server and Xwayland in FreeCounte |
| CVE-2026-50259 | 7.8 | 0.16% | 1 | 0 | | 2026-06-25T14:16:43.267000 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. |
| CVE-2026-50258 | 7.8 | 0.15% | 1 | 0 | | 2026-06-25T14:16:43.110000 | A stack-based buffer overflow flaw was found in the X.Org X server and Xwayland. |
| CVE-2026-50257 | 7.8 | 0.14% | 1 | 0 | | 2026-06-25T14:16:42.940000 | A use-after-free flaw was found in the X.Org X server and Xwayland in miSyncDest |
| CVE-2026-12416 | 9.8 | 0.36% | 1 | 2 | | 2026-06-25T14:16:36.007000 | The Invoice Generator plugin for WordPress is vulnerable to Account Takeover via |
| CVE-2026-12850 | 9.1 | 1.72% | 1 | 0 | | 2026-06-25T14:02:35.347000 | Multiple OS command injection vulnerabilities exist in the libNetSetObj.so funct |
| CVE-2026-12851 | 9.1 | 1.68% | 1 | 0 | | 2026-06-25T14:02:35.347000 | Multiple OS command injection vulnerabilities exist in the libNetSetObj.so funct |
| CVE-2026-9702 | 7.5 | 0.21% | 1 | 0 | | 2026-06-25T13:28:35.737000 | The InPost PL WordPress plugin before 1.9.1 does not verify that the request ori |
| CVE-2026-46752 | 0 | 0.40% | 1 | 0 | | 2026-06-25T13:27:40.747000 | Redis Lua HEAP overflow in cjson library vulnerability in Apache Kvrocks. This |
| CVE-2026-41566 | 0 | 0.29% | 1 | 0 | | 2026-06-25T13:27:40.747000 | Improper Handling of Insufficient Permissions or Privileges vulnerability in Apa |
| CVE-2026-12417 | 9.8 | 0.45% | 1 | 1 | | 2026-06-25T13:26:11.740000 | The SignUp & SignIn plugin for WordPress is vulnerable to Authentication Bypass |
| CVE-2026-56022 | 5.3 | 0.31% | 1 | 0 | | 2026-06-24T21:16:58.237000 | Webmin accepts basic authentication without session cookies when an attacker pro |
| CVE-2026-34908 | 10.0 | 2.45% | 6 | 1 | | 2026-06-24T14:50:41.720000 | A malicious actor with access to the network could exploit an Improper Access Co |
| CVE-2026-34909 | 10.0 | 2.27% | 4 | 0 | | 2026-06-24T14:49:53.287000 | A malicious actor with access to the network could exploit a Path Traversal vuln |
| CVE-2026-34910 | 10.0 | 78.55% | 4 | 0 | template | 2026-06-24T14:49:47.237000 | A malicious actor with access to the network could exploit an Improper Input Val |
| CVE-2025-67038 | 9.8 | 1.13% | 6 | 1 | | 2026-06-24T05:17:25.670000 | An issue was discovered in Lantronix EDS5000 2.1.0.0R3. The HTTP RPC module exec |
| CVE-2025-52465 | 7.2 | 0.35% | 1 | 0 | | 2026-06-24T05:17:25.543000 | GeoServer is an open source server that allows users to share and edit geospatia |
| CVE-2026-53753 | 9.8 | 0.45% | 1 | 0 | | 2026-06-23T20:16:48.907000 | Crawl4AI is an open-source LLM friendly web crawler & scraper. Prior to 0.8.7, t |
| CVE-2026-12957 | 7.8 | 0.12% | 2 | 0 | | 2026-06-23T19:36:18.347000 | Improper trust boundary enforcement in Language Servers for AWS before version 1 |
| CVE-2026-12958 | 7.8 | 0.14% | 1 | 0 | | 2026-06-23T19:36:18.347000 | Missing symlink validation in Language Servers for AWS may allow an arbitrary fi |
| CVE-2026-11940 | None | 0.60% | 2 | 0 | | 2026-06-23T18:31:51 | tarfile.extractall() with the 'data' or 'tar' filter could be bypassed by a cra |
| CVE-2026-28496 | 0 | 1.89% | 1 | 0 | template | 2026-06-23T16:16:59.350000 | FOSSBilling is a free, open-source billing and client management system. Version |
| CVE-2026-49494 | 7.5 | 0.54% | 1 | 0 | | 2026-06-23T15:16:35.747000 | Xcitium Client Security (XCS) before 13.8.2.10019 and Comodo Internet Security ( |
| CVE-2026-8461 | 8.8 | 0.39% | 19 | 5 | | 2026-06-22T20:31:03.510000 | An out-of-bounds write vulnerability in FFmpeg's libavcodec library, specificall |
| CVE-2026-41950 | 6.5 | 0.33% | 1 | 0 | | 2026-06-22T18:16:37.293000 | Dify before version 1.14.0 contains an authorization bypass vulnerability that a |
| CVE-2026-41948 | 9.4 | 0.51% | 1 | 0 | | 2026-06-22T18:16:37.033000 | Dify version 1.14.1 and prior contain a path traversal vulnerability that allows |
| CVE-2026-41947 | 9.1 | 0.45% | 1 | 0 | | 2026-06-22T18:16:36.883000 | Dify before version 1.14.2 contains an authorization bypass vulnerability that a |
| CVE-2026-6637 | 8.8 | 0.38% | 1 | 0 | | 2026-06-17T11:01:08.343000 | Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged datab |
| CVE-2026-49103 | 0 | 0.30% | 1 | 0 | | 2026-06-17T10:55:30.553000 | Webmin before 2.640 does not safely construct a filename for saving of an attach |
| CVE-2026-46243 | 7.1 | 0.31% | 1 | 4 | | 2026-06-17T10:53:23.893000 | In the Linux kernel, the following vulnerability has been resolved: smb: client |
| CVE-2026-45504 | 8.8 | 0.46% | 1 | 1 | | 2026-06-17T10:52:10.200000 | Server-side request forgery (ssrf) in Microsoft Exchange Server allows an author |
| CVE-2026-42508 | 9.1 | 0.37% | 1 | 0 | | 2026-06-17T10:47:57.267000 | Previously, a revoked 'SignatureKey' belonging to a CA was not correctly checked |
| CVE-2026-39830 | 9.1 | 0.39% | 1 | 0 | | 2026-06-17T10:42:39.483000 | A malicious SSH peer could send unsolicited global request responses to fill an |
| CVE-2026-35373 | 3.3 | 0.12% | 2 | 0 | | 2026-06-17T10:40:28.933000 | A logic error in the ln utility of uutils coreutils causes the program to reject |
| CVE-2026-34926 | 6.7 | 12.68% | 2 | 1 | | 2026-06-17T10:39:49.727000 | A directory traversal vulnerability in the Apex One (on-premise) server could al |
| CVE-2026-33017 | 9.8 | 98.41% | 2 | 11 | template | 2026-06-17T10:36:47.177000 | Langflow is a tool for building and deploying AI-powered agents and workflows. I |
| CVE-2026-28910 | 3.3 | 0.12% | 1 | 0 | | 2026-06-17T10:29:19.940000 | This issue was addressed with improved permissions checking. This issue is fixed |
| CVE-2026-22678 | 5.4 | 0.17% | 1 | 0 | | 2026-06-17T10:20:13.247000 | Webmin before 2.641 contains a stored cross-site scripting vulnerability in the |
| CVE-2026-20971 | 7.8 | 0.13% | 4 | 0 | | 2026-06-17T10:18:08.213000 | Use After Free in PROCA driver prior to SMR Jan-2026 Release 1 allows local atta |
| CVE-2026-20245 | 7.8 | 9.92% | 6 | 3 | | 2026-06-17T10:17:19.370000 | A vulnerability in the CLI of Cisco Catalyst SD-WAN Controller, formerly SD-WAN |
| CVE-2026-20175 | 6.1 | 0.18% | 1 | 0 | | 2026-06-17T10:17:15.950000 | A vulnerability in Cisco Finesse could allow an unauthenticated, remote attacker |
| CVE-2026-20045 | 8.2 | 4.31% | 1 | 1 | | 2026-06-17T10:16:58.097000 | A vulnerability in Cisco Unified Communications Manager (Unified CM), Cisco Unif |
| CVE-2024-2658 | 0 | 0.41% | 1 | 2 | | 2026-06-17T07:24:59.037000 | A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 |
| CVE-2018-13818 | 9.8 | 6.99% | 2 | 0 | | 2026-06-17T01:40:13.793000 | Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the search se |
| CVE-2014-0160 | 7.5 | 100.00% | 1 | 74 | template | 2026-06-17T00:02:24.467000 | The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not p |
| CVE-2026-10646 | 0 | 0.00% | 2 | 0 | | N/A | |
| CVE-2026-45408 | 0 | 0.23% | 2 | 0 | | N/A | |
| CVE-2026-47729 | 0 | 0.00% | 3 | 1 | | N/A | |
| CVE-2026-11705 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2026-20896 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2026-8932 | 0 | 0.00% | 2 | 1 | | N/A | |
| CVE-2026-50000 | 0 | 0.00% | 1 | 0 | | N/A | |
| CVE-2026-50160 | 0 | 0.00% | 1 | 0 | | N/A | |
## updated 2026-06-28T10:16:27.150000
2 posts
CVE-2026-13486 | SQL injection in SourceCodester Class and Exam Timetabling System (v1.0/6.php). MEDIUM severity. Exploit public for /preview6.php — remote attackers can target course_year_section param. Monitor & mitigate. https://radar.offseq.com/threat/cve-2026-13486-sql-injection-in-sourcecodester-cla-1dca720c361e2250 #OffSeq #Vuln #SQLi #AppSec
## updated 2026-06-28T08:16:21.240000
8 posts
4 repos
https://github.com/sgkdev/packet_edit_meme
https://github.com/HORKimhab/CVE-2026-46331
Linux Kernel Pedit COW Vulnerability Grants Root Access via Page Cache Poisoning
The Linux kernel "pedit COW" vulnerability (CVE-2026-46331) allows local attackers to gain root access by poisoning the in-memory page cache of privileged binaries.
**This flaw lets attackers hide in your server memory without ever touching the files on your disk. You should patch and reboot your Linux systems ASAP to clear any potential memory poisoning. If you can't patch right away, disable the act_pedit module or restrict unprivileged user namespaces as a temporary fix.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/linux-kernel-pedit-cow-vulnerability-grants-root-access-via-page-cache-poisoning-x-3-v-q-e/gD2P6Ple2L
Linux has an exploit that gives root while the file-integrity checks say "all good" ✨
**pedit COW** (CVE-2026-46331): OOB write in `act_pedit` that poisons the page cache of setuid binaries. PoC within 24h. RHEL 10 and Debian 13 affected.
Mitigation: `echo 'install act_pedit /bin/true' > /etc/modprobe.d/disable.conf`
https://thehackernews.com/2026/06/new-linux-pedit-cow-exploit-enables.html
#Linux #CVE #seguridad #sysadmin
A new vulnerability in the Linux kernel, pedit COW (CVE-2026-46331), allows an unprivileged local user to obtain root access on affected machines. The public exploit has been available since June 2026. 🚨
🔗 https://tugatech.com.pt/t86365-protege-o-teu-sistema-linux-contra-a-nova-falha-critica-pedit-cow

https://thecybersecguru.com/news/linux-lpe-pedit-cow-dirtyclone-cve-2026-46331-cve-2026-43503/
## updated 2026-06-28T05:16:21.200000
2 posts
CVE-2026-13482 affects skypilot-org skypilot ≤0.12.0: MEDIUM severity due to weak hash in username.encode (User ID Handler). Remote attack possible, exploit is public, but complex. Review exposure. https://radar.offseq.com/threat/cve-2026-13482-use-of-weak-hash-in-skypilot-org-sk-84e3e218c6191951 #OffSeq #Vulnerability #AppSec #CVE202613482
## updated 2026-06-28T03:33:40
4 posts
🔴 CVE-2026-58053 - Critical (9.9)
Gitea act_runner with the Docker backend (through act 0.262.0) passes a workflow's container.options string to the Docker job container's HostConfig and, when configured with privileged: false, forces only the Privileged flag off while merging opt...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-58053/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-58053 (CRITICAL, CVSS 9.9) in Gitea act_runner: Improper privilege management lets workflow users escape Docker containers to host as root. Restrict workflow rights & watch for patches. https://radar.offseq.com/threat/cve-2026-58053-improper-privilege-management-in-gi-9dae0ab1a83a7575 #OffSeq #CVE202658053 #Gitea #containers #security
## updated 2026-06-28T02:16:32.860000
2 posts
🟠 CVE-2026-58056 - High (7.6)
RustDesk gates incoming control messages on per-capability flags rather than on the session's authorized connection type, and a file-transfer session does not clear those flags. A peer holding only a valid FileTransfer authorization can inject key...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-58056/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
## updated 2026-06-28T02:16:32.017000
2 posts
Researchers publicly disclosed a libssh2 vulnerability, CVE-2026-58050, with PoC code. A malicious SSH server can corrupt a client's heap. Patch now.
#libssh2 #CVE202658050 #SSH #HeapOverflow #PoC #Cybersecurity #Infosec
## updated 2026-06-28T02:16:30.477000
2 posts
🟠 CVE-2026-58049 - High (8.6)
FFmpeg's RASC video decoder (decode_dlta in libavcodec/rasc.c) performs 32-bit reads and writes at the row cursor before the NEXT_LINE row-boundary check and validates the DLTA region in pixel rather than byte units, so a DLTA run on a PAL8 frame ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-58049/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
## updated 2026-06-28T00:16:25.180000
4 posts
🟠 CVE-2026-8095 - High (8.1)
The Frontend File Manager Plugin plugin for WordPress is vulnerable to Authenticated Arbitrary File Deletion in versions up to and including 23.6. This is due to a case-sensitive bypass of the wpfm_dir_path parameter sanitization in the wpfm_file_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8095/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-8095: nmedia Frontend File Manager Plugin (WordPress) HIGH severity vuln (CVSS 8.1) allows Subscriber+ users to delete arbitrary files 🛡️. Patch ASAP and monitor for unauthorized deletions. https://radar.offseq.com/threat/cve-2026-8095-cwe-73-external-control-of-file-name-2b96707b1c289da8 #OffSeq #WordPress #Vuln #Infosec
## updated 2026-06-28T00:16:24.637000
4 posts
🟠 CVE-2026-10643 - High (8.7)
Zephyr's IP socket recvmsg() implementation (subsys/net/lib/sockets/sockets_inet.c, insert_pktinfo()) validated the user-supplied ancillary (msg_control) buffer using only the payload length (msg->msg_controllen < pktinfo_len) before writing a f...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-10643/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-10643: Zephyr (3.6.0 – 4.4.0) HIGH severity bug enables out-of-bounds kernel heap writes via recvmsg() with IP_PKTINFO. Local users can exploit for memory corruption or escalation. Patch pending — check advisories. https://radar.offseq.com/threat/cve-2026-10643-bounds-in-zephyrproject-zephyr-e3c8c9055812b105 #OffSeq #Zephyr #CVE202610643 #infosec
## updated 2026-06-27T06:16:34.783000
2 posts
CVE-2026-9677: HIGH severity stored XSS in Shariff for WordPress (<=1.0.11). Unsanitized shariff_infourl allows high privilege users to inject persistent scripts — risk increases in multisite setups. Restrict admin access. https://radar.offseq.com/threat/cve-2026-9677-cwe-79-cross-site-scripting-xss-in-s-101a28f25d1f6f06 #OffSeq #WordPress #XSS #Infosec
## updated 2026-06-27T05:16:41.620000
4 posts
1 repos
https://github.com/xxconi/CVE-2026-12415-or-CVE-2026-12416.py
🔴 CVE-2026-12415 - Critical (9.8)
The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_account() AJAX action in versions up to, and including, 1.0.0. The handler is exposed via wp_ajax_nopriv_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-12415/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

CVE-2026-12415: pravel Invoice Generator ≤1.0.0 suffers CRITICAL privilege escalation — unauthenticated users can reset any account, incl. admins, via exposed AJAX handler. Disable plugin or restrict access ASAP. https://radar.offseq.com/threat/cve-2026-12415-cwe-269-improper-privilege-manageme-3c4b296b228a674f #OffSeq #WordPress #Vuln #Infosec
## updated 2026-06-27T05:16:41.450000
1 posts
CVE-2026-11807 (CRITICAL, CVSS 9.6) affects Red Hat Ansible Automation Platform 2.5: missing authorization in EDA websocket API lets any authenticated user access plaintext credentials. Patch immediately. https://radar.offseq.com/threat/cve-2026-11807-missing-authorization-in-red-hat-re-1c4967af375a0bf5 #OffSeq #RedHat #Ansible #Vuln
## updated 2026-06-27T04:17:52.313000
2 posts
We treat containers as a boundary: the image runs, the host stays private. CVE-2026-57231 punched through that for Podman before 5.8.4, letting a crafted image read the host's own environment variables by shipping malformed Env entries, even via glob patterns. Environments are where registry tokens and CI secrets usually sit. Now that 5.8.4 is out, how fast can you roll it across your build fleet?
#containers #security
Podman 5.8.4 closes CVE-2026-57231. A malicious image could ship malformed Env entries that, when the container started, leaked the host's environment variables into it, including through glob operators that grab multiple variables without knowing their names. The release also updates golang.org/x/crypto to v0.53.0 for CVE-2026-39830 and CVE-2026-42508. When you pull a public image, do you think about what its metadata can read from your host?
#containers #security
updated 2026-06-27T04:17:51.583000
3 posts
🔴 CVE-2026-54352 - Critical (9.6)
Budibase is an open-source low-code platform. Prior to 3.39.9, `POST /api/pwa/process-zip` at packages/server/src/api/routes/static.ts:24 accepts a builder-uploaded .zip, extracts it with extract-zip@2.0.1 into a temp directory, then for each entr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-54352 - Critical Path Traversal in Budibase. Symlink extraction allows reading arbitrary files. CVSS 9.6. Unpatched - limit builder access immediately. #CVE #Budibase #infosec
##updated 2026-06-27T04:17:49.740000
1 posts
CVE-2026-50136 - Supply Chain Attack in Budibase. Unauthenticated endpoint exposes S3 presigned URLs. CVSS 7.4. No known patch. Mitigate immediately. #CVE #Budibase #infosec
##updated 2026-06-26T23:17:09.137000
2 posts
CVE-2026-56414: H.VIEW HV-500S6 IP Camera has a HIGH-severity vuln (CVSS 7.2) allowing authenticated users to upload arbitrary files via certificate upload, risking persistent compromise. Restrict admin access & monitor uploads. https://radar.offseq.com/threat/cve-2026-56414-cwe-434-in-hview-hv-500s6-ip-camera-2fc4d58c6ce82381 #OffSeq #IoTSecurity #CVE #Vulnerability
##updated 2026-06-26T23:17:08.997000
2 posts
H.VIEW HV-500S6 IP Camera has a HIGH severity bug (CVE-2026-55975, CVSS 7.2): Authenticated users may inject commands using unsanitized XML in cert generation. Restrict access, monitor activity, and check for patches. https://radar.offseq.com/threat/cve-2026-55975-cwe-78-in-hview-hv-500s6-ip-camera-32fd47fcf53b8f7c #OffSeq #Vulnerability #IoTSecurity 🔒
##updated 2026-06-26T23:17:08.847000
2 posts
Daktronics VFC-DMP-5000 is affected by CVE-2026-33560 (HIGH, CVSS 7.1) — authenticated users can upload any file type, risking code execution. No patch yet; restrict permissions, monitor uploads. Details: https://radar.offseq.com/threat/cve-2026-33560-cwe-434-in-daktronics-vfc-dmp-5000-1fa9852c2479abf9 #OffSeq #Vulnerability #Daktronics #CVE202633560
##updated 2026-06-26T23:17:08.697000
4 posts
🟠 CVE-2026-31928 - High (8.1)
The DMP-5000 devices are shipped with a default administrative web account with weak authentication controls, which are not required to be changed during initial configuration or operation. Using these accounts provides full system access.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31928/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-31928 (HIGH, CVSS 8.1) affects Daktronics VFC-DMP-5000: default admin creds + weak auth allow full device takeover via web interface. No patch yet — change creds & restrict access now. https://radar.offseq.com/threat/cve-2026-31928-cwe-798-in-daktronics-vfc-dmp-5000-1b5c53a213436e5b
#OffSeq #Cybersecurity #Vulnerability #CVE202631928
updated 2026-06-26T23:17:08.537000
4 posts
🔴 CVE-2026-28701 - Critical (9.8)
Various versions of Daktronics Controller Firmware could allow authenticated and unauthenticated remote users to escape the intended directory and enumerate arbitrary file system paths.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28701/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Daktronics VFC-DMP-5000 firmware has a CRITICAL vuln (CVE-2026-28701, CVSS 9.8): remote attackers can traverse directories & enumerate file paths — no auth needed. No patch yet. Restrict network access & monitor closely. https://radar.offseq.com/threat/cve-2026-28701-cwe-22-in-daktronics-vfc-dmp-5000-fcca115843b7a100 #OffSeq #CVE #Infosec #IoT
##updated 2026-06-26T22:16:33.093000
2 posts
🟠 CVE-2026-55069 - High (8.7)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.3.24, this vulnerability exists in the BasicAuth authentication component of the Kestra OSS workflow orchestration platform. An attacker who gains read access to the Postgre...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55069/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-26T22:16:32.840000
2 posts
🔴 CVE-2026-53576 - Critical (10)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, the authentication filter for the REST API (@filter("/api/v1/**")) treats any request whose path ends in /configs as the public instance-config endpoint and...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-53576/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-26T22:16:32.243000
2 posts
🟠 CVE-2026-49984 - High (7.7)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.23, the local internal-storage backend validates user-supplied paths for .. traversal before it converts Windows-style backslashes to forward slashes. An attack...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49984/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
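The ordering bug described in the CVE-2026-49984 post (reject ".." segments, then convert backslashes) as an added example. This is not Kestra's code and is written in Python rather than Kestra's Java; the storage root `/data/storage` and the payload shape are assumptions for the demo.

```python
"""Order of operations in a path-traversal check (added example, not Kestra's code).

A backslash-separated path has no '/'-delimited '..' segment, so a check that
runs before separator normalisation never sees the traversal.
"""
import posixpath

BASE = "/data/storage"   # assumed storage root for the demo


def has_dotdot_segment(path: str) -> bool:
    """The naive check both versions rely on: is any '/'-delimited segment '..'?"""
    return ".." in path.split("/")


def vulnerable_resolve(user_path: str) -> str:
    # 1. check, 2. normalise: a backslash hides '..' from step 1.
    if has_dotdot_segment(user_path):
        raise ValueError("traversal rejected")
    cleaned = user_path.replace("\\", "/")
    return posixpath.normpath(posixpath.join(BASE, cleaned.lstrip("/")))


def fixed_resolve(user_path: str) -> str:
    # 1. normalise every separator form, 2. check, 3. confine the final path.
    cleaned = user_path.replace("\\", "/")
    if has_dotdot_segment(cleaned):
        raise ValueError("traversal rejected")
    resolved = posixpath.normpath(posixpath.join(BASE, cleaned.lstrip("/")))
    if resolved != BASE and not resolved.startswith(BASE + "/"):
        raise ValueError("escapes storage root")   # defence in depth after the check
    return resolved


def rejected(resolver, user_path: str) -> bool:
    """True when the resolver refuses the path."""
    try:
        resolver(user_path)
    except ValueError:
        return True
    return False


ATTACK = "flows\\..\\..\\..\\etc\\passwd"   # constructed payload shape, backslash separators

if __name__ == "__main__":
    print("vulnerable resolves to:", vulnerable_resolve(ATTACK))
    print("fixed rejects it:", rejected(fixed_resolve, ATTACK))
```

The general rule the fix applies: every canonicalisation step (separator conversion, percent-decoding, Unicode normalisation) runs before the security check, and the final resolved path is confined to the root regardless of what the check said.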
##updated 2026-06-26T22:16:32.113000
2 posts
🔴 CVE-2026-49869 - Critical (10)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.45 and 1.3.21, AuthenticationFilter in Kestra OSS uses request.getPath().endsWith("/configs") to whitelist the public configuration endpoint from Basic Auth. Because the c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49869/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
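The suffix-match whitelist named in the CVE-2026-53576 and CVE-2026-49869 posts (`request.getPath().endsWith("/configs")`) as an added example. This is not Kestra's code and is in Python rather than Kestra's Java; the route table is constructed for the demo, including a hypothetical protected route whose last path segment is user-controlled, which is the case a suffix check cannot distinguish from the public endpoint.

```python
"""Suffix-matched auth exemption versus exact-match exemption (added example, not Kestra's code)."""
import re
from typing import Callable, List, Tuple

PUBLIC_CONFIG_PATH = "/api/v1/configs"

# Constructed route table: (pattern, needs_auth). The last route is hypothetical;
# its trailing segment comes from the client, so the client can make it "configs".
ROUTES: List[Tuple[re.Pattern, bool]] = [
    (re.compile(r"^/api/v1/configs$"), False),
    (re.compile(r"^/api/v1/flows$"), True),
    (re.compile(r"^/api/v1/flows/(?P<ns>[^/]+)/(?P<id>[^/]+)$"), True),
]


def vulnerable_is_public(path: str) -> bool:
    """The pattern named in the posts: exempt anything that ends in /configs."""
    return path.endswith("/configs")


def fixed_is_public(path: str) -> bool:
    """Exempt exactly one normalised path and nothing else."""
    norm = re.sub(r"/+", "/", path.split("?", 1)[0]).rstrip("/") or "/"
    return norm == PUBLIC_CONFIG_PATH


def dispatch(path: str, authenticated: bool, is_public: Callable[[str], bool]) -> int:
    """HTTP-style status: 200 served, 401 auth required, 404 no such route."""
    for pattern, needs_auth in ROUTES:
        if pattern.match(path):
            if needs_auth and not authenticated and not is_public(path):
                return 401
            return 200
    return 404


if __name__ == "__main__":
    probe = "/api/v1/flows/prod/configs"
    print("vulnerable filter, unauthenticated:", dispatch(probe, False, vulnerable_is_public))
    print("fixed filter, unauthenticated:", dispatch(probe, False, fixed_is_public))
```

The fix is an exact comparison against one canonical path, applied after collapsing duplicate slashes and stripping the query string; an allowlist expressed as "ends with" or "contains" is a bypass waiting for any route with a client-chosen final segment.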
##updated 2026-06-26T22:16:31.973000
2 posts
🟠 CVE-2026-45807 - High (7.7)
Kestra is an open-source, event-driven orchestration platform. Prior to 1.0.43 and 1.3.19, several Kestra API endpoints accept a kestra:// URI from the client and pass it through StorageInterface.parentTraversalGuard before reading the underlying ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45807/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-26T21:16:35.417000
2 posts
🟠 CVE-2026-54353 - High (8.5)
Budibase is an open-source low-code platform. Prior to 3.39.9, authenticated users with automation permissions can bypass Budibase's SSRF blacklist through DNS rebinding. The outbound fetch flow validates a hostname against the blacklist before th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54353/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
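The check-then-fetch race described in the CVE-2026-54353 post, as an added example that is not Budibase's code. The resolver is a constructed stand-in for an attacker-controlled DNS server that answers differently on the second lookup; the "fetch" returns a string instead of opening a socket, so nothing touches the network.

```python
"""DNS rebinding past a blacklist that is checked on one resolution and fetched on another
(added example, not Budibase's code)."""
import ipaddress
from typing import Callable, List

Resolver = Callable[[str], str]

PUBLIC_IP = "93.184.216.34"   # stand-in public address for the demo


def is_blocked(ip: str) -> bool:
    """Deny anything that is not globally routable: loopback, RFC 1918, link-local and similar."""
    return not ipaddress.ip_address(ip).is_global


def rebinding_resolver(answers: List[str]) -> Resolver:
    """Constructed attacker DNS: the n-th lookup gets answers[n]; the last answer then repeats."""
    calls = {"n": 0}

    def resolve(_host: str) -> str:
        i = min(calls["n"], len(answers) - 1)
        calls["n"] += 1
        return answers[i]

    return resolve


def vulnerable_fetch(host: str, resolve: Resolver) -> str:
    """Validate one resolution, then let the HTTP client resolve again to connect."""
    if is_blocked(resolve(host)):
        raise PermissionError("blocked host")
    return f"connected to {resolve(host)}"        # second lookup: the rebound answer


def fixed_fetch(host: str, resolve: Resolver) -> str:
    """Resolve once, check that address, connect to exactly that address (IP pinning)."""
    ip = resolve(host)
    if is_blocked(ip):
        raise PermissionError("blocked host")
    # A real client opens the socket to `ip` and still sends the original Host header.
    return f"connected to {ip} (Host: {host})"


def denied(fetch, host: str, resolve: Resolver) -> bool:
    """True when the fetch refuses the host."""
    try:
        fetch(host, resolve)
    except PermissionError:
        return True
    return False


if __name__ == "__main__":
    dns = rebinding_resolver([PUBLIC_IP, "127.0.0.1"])
    print("vulnerable:", vulnerable_fetch("rebind.example", dns))
    dns = rebinding_resolver([PUBLIC_IP, "127.0.0.1"])
    print("fixed:", fixed_fetch("rebind.example", dns))
```

Pinning only closes the gap between check and connect; a client that follows redirects has to run the same resolve-check-pin sequence on every hop, and TLS verification must still use the original hostname, not the pinned IP.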
##updated 2026-06-26T21:16:35.170000
2 posts
🟠 CVE-2026-54351 - High (8.2)
Budibase is an open-source low-code platform. Prior to 3.39.9, the webhook trigger endpoint in Budibase is publicly accessible and passes the full HTTP request body into automation execution parameters. A mass assignment vulnerability in externalT...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54351/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-26T21:16:35.040000
2 posts
🔴 CVE-2026-54350 - Critical (10)
Budibase is an open-source low-code platform. Prior to 3.39.12, an unauthenticated visitor of any published Budibase app reads every document of the backing MongoDB, CouchDB, Elasticsearch, DynamoDB-PartiQL, or REST-with-JSON-body collection and,...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54350/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-26T21:16:34.167000
3 posts
3 repos
https://github.com/kavin-jindal/CVE-2026-48778-PoC
🟠 CVE-2026-48778 - High (7.8)
Notepad++ is a free and open-source source code editor. Prior to 8.9.6.1, the tag in config.xml is read by NppXml::value() (Parameters.cpp:6430) and stored in _nppGUI._commandLineInterpreter without any validation, whitelist, or digital signature...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48778/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-48778 - Supply chain attack in Notepad++ pre-8.9.6.1. Unsanitized config.xml input leads to arbitrary command execution via File > Open Containing Folder > cmd. CVSS 7.8. No patch available. Disable feature or isolate. #CVE #Notepad #infosec
##updated 2026-06-26T20:23:02.513000
1 posts
HIGH severity: CVE-2026-8797 impacts NEC ExpressUpdate Agent for Windows. Exposed IOCTL enables local privilege escalation to SYSTEM. No patch yet — restrict local access, monitor activity. Details: https://radar.offseq.com/threat/cve-2026-8797-cwe-782-exposed-ioctl-with-insuffici-3ae62ec0cc5d59d0 #OffSeq #Vulnerability #Windows #PrivilegeEscalation
##updated 2026-06-26T20:20:22.420000
1 posts
CVE-2026-55189 - Unauthorized data access in Rustfs FTP frontend. IAM bypass allows read/stat operations on restricted objects. CVSS 7.7. Unpatched - disable FTP or restrict network access immediately. #CVE #rustfs #infosec
##updated 2026-06-26T20:20:22.420000
1 posts
CVE-2026-52784 - Critical CSRF in OpenProject. Attackers can escalate privileges via /users/:id. CVSS 8.8. Update to 17.3.3 or 17.4.1 immediately. #CVE #OpenProject #infosec
##updated 2026-06-26T20:19:23.707000
1 posts
Node.js WebCrypto in v22.22.3, v24.16.0, v26.3.0 is affected by CVE-2026-48933 (HIGH). Integer overflow in subtle.encrypt() can crash processes with inputs ≥ 2 GiB, causing DoS. Avoid large inputs while awaiting a fix. 🔐 https://radar.offseq.com/threat/cve-2026-48933-cwe-190-integer-overflow-in-nodejs--5c33db78fed81dbe #OffSeq #Nodejs #Vuln
##updated 2026-06-26T20:18:43.557000
1 posts
CVE-2026-48618: Node.js HIGH severity vuln in TLS hostname handling (Unicode dot normalization flaw). Affects 22.22.3, 24.16.0, 26.3.0. No patch yet — restrict use & monitor vendor advisory. https://radar.offseq.com/threat/cve-2026-48618-cwe-176-improper-handling-of-unicod-6526a729870e7650 #OffSeq #NodeJS #Vulnerability #TLS #Security
##updated 2026-06-26T20:17:26.380000
1 posts
CVE-2026-54317 - Authentication Bypass in Home Assistant. Konnected integration exposes an unauthenticated HTTP endpoint allowing unauthorized write requests. CVSS 7.6. Update to 2026.6.0 immediately. #CVE #HomeAssistant #infosec
##updated 2026-06-26T20:08:23.053000
1 posts
Setracker2 Android app (com.tgelec.setracker) hit by CRITICAL vuln (CVE-2026-9222, CVSS 9.2): uses password hash for authentication. Anyone with the hash can access backend services. Update guidance pending. https://radar.offseq.com/threat/cve-2026-9222-cwe-836-use-of-password-hash-instead-9894d1554efb5333 #OffSeq #AndroidSec #CVE20269222
##updated 2026-06-26T20:05:14.220000
1 posts
CVE-2026-56876 - Path Traversal in Extract-zip. Symlink handling flaw allows arbitrary file read/write via malicious zip. CVSS 8.1. No patch available. Avoid untrusted archives. #CVE #infosec #cybersecurity
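The symlink-entry problem behind both the extract-zip post (CVE-2026-56876) and the Budibase process-zip post (CVE-2026-54352) as an added example: a pre-extraction check that refuses archive members that are symlinks or escape the extraction root. This is neither project's code; the archive is constructed in memory with Python's zipfile module, which stores the Unix mode in the high 16 bits of external_attr.

```python
"""Refusing symlink and traversal members before a zip is extracted
(added example, not extract-zip or Budibase code)."""
import io
import posixpath
import stat
import zipfile
from typing import List


def build_sample_zip() -> bytes:
    """Constructed test archive: a normal file, a symlink member, a traversal member."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("app/index.html", "<html></html>")
        link = zipfile.ZipInfo("app/config")
        link.external_attr = (stat.S_IFLNK | 0o777) << 16   # Unix mode lives in the high bits
        zf.writestr(link, "/etc")                             # a symlink's body is its target
        zf.writestr("../../outside.txt", "escaped")
    return buf.getvalue()


def is_symlink(info: zipfile.ZipInfo) -> bool:
    return stat.S_ISLNK(info.external_attr >> 16)


def escapes_root(name: str) -> bool:
    norm = posixpath.normpath(name)
    return name.startswith("/") or norm == ".." or norm.startswith("../")


def unsafe_entries(data: bytes) -> List[str]:
    """Members a safe extractor must refuse, each with the reason."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if is_symlink(info):
                target = zf.read(info).decode(errors="replace")
                findings.append(f"{info.filename}: symlink -> {target}")
            elif escapes_root(info.filename):
                findings.append(f"{info.filename}: path escapes extraction root")
    return findings


def safe_extract(data: bytes, dest: str) -> int:
    """Extract only if every member passes; returns the number of members written."""
    problems = unsafe_entries(data)
    if problems:
        raise ValueError("refusing archive: " + "; ".join(problems))
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        zf.extractall(dest)
        return len(zf.infolist())


if __name__ == "__main__":
    for finding in unsafe_entries(build_sample_zip()):
        print(finding)
```

Refusing symlink members is the simplest fix when nothing legitimate needs them. An extractor that must support symlinks has to create them last, after all regular files, and resolve every destination with the links in place to confirm it still sits under the extraction root; otherwise a later member can be written through a link created by an earlier one.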
##updated 2026-06-26T19:50:41.937000
1 posts
CVE-2026-55454: CRITICAL (CVSS 9.9) vuln in appsmithorg Appsmith <2.1. Unauth Caddy admin API inside container can be exploited via SSRF by low-priv users to control reverse proxy. Upgrade to 2.1+ ASAP. https://radar.offseq.com/threat/cve-2026-55454-cwe-749-exposed-dangerous-method-or-64dab1aa9059ef90 #OffSeq #infosec #CVE202655454 #appsmith
##updated 2026-06-26T19:16:45.433000
1 posts
Apache Kerby, the Java implementation of Kerberos, shipped a fix for CVE-2026-57915: an authentication bypass where an attacker could skip pre-authentication by sending PA-DATA with an unrecognized or unsupported type. The severity is rated important, and the fix is in Kerby 2.1.2. How many Kerberos stacks silently accept PA-DATA types they do not understand, and how many of those are known to operators?
#Kerberos #security
updated 2026-06-26T19:16:44.880000
1 posts
CVE-2026-56663 - SSRF bypass in AutoGPT allows authenticated users to access internal networks. CVSS 8.5. No patch available. Block special-use IPs and restrict access immediately. #CVE #AutoGPT #infosec
##updated 2026-06-26T19:15:53.083000
3 posts
1 repos
Just saw there is an exploit example for that libssh2 vuln. Has anyone given it a try yet? I might be too lazy to get my laptop out.
##"No way to prevent this" say users of only language where this regularly happens
https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-55200/
##updated 2026-06-26T19:03:34.507000
1 posts
ljharb shell-quote <=1.8.4 is impacted by CVE-2026-13311 (HIGH). Inefficient parsing can let attackers trigger DoS by blocking the Node.js event loop. Patch to 1.8.5+ now! 🛡️ https://radar.offseq.com/threat/cve-2026-13311-cwe-407-inefficient-algorithmic-com-ed9f913ba365deea #OffSeq #InfoSec #NodeJS #CVE202613311
##updated 2026-06-26T18:57:17.887000
4 posts
6 repos
https://github.com/sec0x/CVE-2026-43503
https://github.com/0xBlackash/CVE-2026-43503
https://github.com/gl1tch0x1/DirtyClone
https://github.com/aexdyhaxor/CVE-2026-43503-DirtyClone
New DirtyClone vulnerability in Linux allows full control of the system. The flaw, known as CVE-2026-43503, lets a local user with few privileges corrupt file-backed memory through a cloned network packet, obtaining administrator access. 🛡️
##https://thecybersecguru.com/news/linux-lpe-pedit-cow-dirtyclone-cve-2026-46331-cve-2026-43503/
##updated 2026-06-26T18:17:04.987000
1 posts
GeoVision GV-LPC2011/2211 devices (≤1.12) face CRITICAL CVE-2026-57880: stack-based buffer overflow in RTSP auth enables remote, unauthenticated DoS or code execution. Restrict RTSP access, monitor traffic. Patch status unknown. https://radar.offseq.com/threat/cve-2026-57880-cwe-121-stack-based-buffer-overflow-1d88eee9b47ed7bb #OffSeq #Vuln #IoTSecurity #CVE
##updated 2026-06-26T17:16:35.753000
1 posts
GeoVision GV-LPC2011/2211 (<=1.12) hit by CVE-2026-57881: CRITICAL stack-based buffer overflow in vlsvr enables unauthenticated RCE or DoS. No patch yet — restrict access & monitor activity. https://radar.offseq.com/threat/cve-2026-57881-cwe-121-stack-based-buffer-overflow-0de9014b0e3f1945 #OffSeq #Vuln #IoTSecurity #CVE202657881
##updated 2026-06-26T17:16:35.653000
1 posts
GeoVision GV-LPC2011/2211 (≤v1.12) affected by CVE-2026-57879: CRITICAL stack-based buffer overflow in ssvr (CVSS 9.8). Remote, unauthenticated code execution possible via crafted RTSP. Restrict RTSP & monitor. https://radar.offseq.com/threat/cve-2026-57879-cwe-121-stack-based-buffer-overflow-92b9e3b3fdb94e2a #OffSeq #CVE202657879 #infosec #IoT
##updated 2026-06-26T16:17:26.200000
1 posts
1 repos
CVE-2026-8380: HIGH severity in Frontend File Manager Plugin (≤23.6) for WordPress. Author+ users can delete any post/page; guest deletion possible if enabled. Disable 'Allow guest uploads' until patched. https://radar.offseq.com/threat/cve-2026-8380-cwe-73-external-control-of-file-name-aa5b0eb592b68479 #OffSeq #WordPress #Vuln #BlueTeam
##updated 2026-06-26T15:32:21
1 posts
CVE-2026-54825 - SQL Injection in wpDataTables <=7.4. Unauthenticated exploit. CVSS 9.3. No patch yet. Disable plugin or restrict access immediately. #CVE #WordPress #infosec
##updated 2026-06-26T14:58:43.440000
13 posts
3 repos
🛡️ The patch window has collapsed. This week's Cyber Mind Brief breaks down CISA's emergency Cisco SSRF (CVE-2026-20230) mandate, the 2026 Verizon DBIR shift to machine-speed exploits, and tactical moves to harden your Zero Trust perimeter. Read the full operational intel: https://thecybermind.co/5ee6
##CVE-2026-20230 (Cisco UCM) and CVE-2026-12569 (PTC Windchill/FlexPLM) are actively exploited. The Cisco flaw is unauthenticated SSRF enabling arbitrary file writes; PTC involves unsafe deserialization leading to RCE....
##CISA confirms active zero-day exploitation of Cisco Unified CM (CVE-2026-20230), introducing a critical SSRF vector that allows threat actors to bypass internal security boundaries. Access our complete executive risk mitigation framework and boardroom governance strategy: https://thecybermind.co/ptus
##🚨 [CISA-2026:0625] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0625)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-12569 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-12569)
- Name: PTC Windchill and FlexPLM Improper Input Validation Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: PTC
- Product: Windchill and FlexPLM
- Notes: https://www.ptc.com/en/support/article/CS473270 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-12569
⚠️ CVE-2026-20230 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20230)
- Name: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Unified Communications Manager
- Notes: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-cucm-ssrf-cXPnHcW.html ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20230
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260625 #cisa20260625 #cve_2026_12569 #cve_2026_20230 #cve202612569 #cve202620230
##CVE ID: CVE-2026-20230
Vendor: Cisco
Product: Unified Communications Manager
Date Added: 2026-06-25
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-20230
Cisco under fire
It is all not as bad as it looks; it is all much, much worse. Not only are dangerous security holes found in Cisco products with pleasing (?) regularity, they are also exploited for attacks immediately, some even before publication (zero-day). I append a short history below. Let us begin with CVE-2026-20230 (8.6 out of 10), which I had not yet reported on explicitly. At the beginning of June, Cisco had released patches for this vulnerability. At the time the company reported that a PoC exploit existed. Apparently unknown hackers promptly turned the PoC into a
https://www.pc-fluesterer.info/wordpress/2026/06/25/cisco-unter-beschuss/
#0day #backdoor #cybercrime #exploits #hersteller #politik #privacy #sicherheit #spionage #UnplugTrump #wissen #zeroday
##Critical zero-day alert: Cisco CUCM WebDialer SSRF (CVE-2026-20230) allows unauthenticated remote root file-writes. We map out the Tomcat log baselines, JSP shell indicators, and edge isolation steps in our latest TSUITE Runbook. Protect your voice network: mike@thecybermind.co. #Infosec
##Active Exploitation of Cisco Unified Communications Manager Vulnerabilities Grants Root Access
Cisco Unified Communications Manager is facing active exploitation of two vulnerabilities, CVE-2026-20230 and CVE-2026-20045, which allow unauthenticated attackers to gain root access and deploy webshells.
**Apply the latest software updates, including Unified CM 14SU6 and 15SU5, immediately. If patching is not possible, disable the Cisco WebDialer Web Service to sever the attack path, and aggressively audit your /platform-services/ directory for unusual .jsp files or unauthorized webshells.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/active-exploitation-of-cisco-unified-communications-manager-vulnerabilities-grants-root-access-w-x-c-7-n/gD2P6Ple2L
#Cisco #UnifiedCM flaw CVE-2026-20230 now exploited in attacks
##Critical flaw in Cisco servers is being actively exploited. Vulnerability CVE-2026-20230 affects Unified Communications Manager and Session Management Edition, requiring immediate action from system administrators in Portugal. ⚠️
##Cisco Unified CM flaw CVE-2026-20230 now exploited in attacks
A high-severity SSRF vulnerability, tracked as CVE-2026-20230, in Cisco Unified Communications Manager Server is now being exploited in attacks.
🔗️ [Bleepingcomputer] https://link.is.it/Y4BXYl
##updated 2026-06-26T14:35:41.477000
7 posts
1 repos
CVE-2026-20230 (Cisco UCM) and CVE-2026-12569 (PTC Windchill/FlexPLM) are actively exploited. The Cisco flaw is unauthenticated SSRF enabling arbitrary file writes; PTC involves unsafe deserialization leading to RCE....
##PTC Windchill and FlexPLM Under Active Exploitation via Critical RCE Flaw
PTC issued emergency patches for a critical RCE vulnerability in Windchill and FlexPLM that attackers are actively exploiting to deploy web shells and steal intellectual property. The flaw, tracked as CVE-2026-12569, allows unauthenticated remote code execution and has prompted emergency warnings from international security agencies.
**Consider this as urgent advisory. If possible, make sure all Windchill and FlexPLM servers are isolated from the internet and reachable only from trusted internal networks. Immediately apply PTC's latest patches for your affected version, block IP 5.180.41.35 at your perimeter, and check for compromise by scanning for suspicious 16-character hex-named .jsp files in the codebase/login directory and a flst.txt file in /tmp.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/ptc-windchill-and-flexplm-under-active-exploitation-via-critical-rce-flaw-4-m-b-f-6/gD2P6Ple2L
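A small hunt for the on-disk indicators named in the two advisories above (the PTC post: 16-character hex-named .jsp files under codebase/login and a flst.txt in /tmp; the Cisco Unified CM post: unusual .jsp files under /platform-services/), as an added example that is not a vendor tool. The directory tree is constructed in a temporary directory, and the "known" baseline for platform-services is an assumption for the demo, not a real Cisco file list.

```python
"""Scanning for the web-shell indicators named in the PTC and Cisco Unified CM posts
(added example, not a vendor tool)."""
import re
import tempfile
from pathlib import Path
from typing import List

HEX16_JSP = re.compile(r"^[0-9a-f]{16}\.jsp$", re.IGNORECASE)

# Assumed baseline for the demo: any .jsp under platform-services not listed here is flagged.
KNOWN_PLATFORM_SERVICES_JSP = {"index.jsp"}


def scan(root: Path) -> List[str]:
    """Return sorted indicator hits relative to `root` (a mounted image or the live host)."""
    hits = []
    login_dir = root / "codebase" / "login"
    if login_dir.is_dir():
        for p in login_dir.iterdir():
            if p.is_file() and HEX16_JSP.match(p.name):
                hits.append(f"PTC IOC: {p.relative_to(root).as_posix()}")
    flst = root / "tmp" / "flst.txt"
    if flst.is_file():
        hits.append(f"PTC IOC: {flst.relative_to(root).as_posix()}")
    psvc = root / "platform-services"
    if psvc.is_dir():
        for p in psvc.rglob("*.jsp"):
            if p.name not in KNOWN_PLATFORM_SERVICES_JSP:
                hits.append(f"CUCM unusual jsp: {p.relative_to(root).as_posix()}")
    return sorted(hits)


def build_sample_tree() -> Path:
    """Constructed filesystem for the demo; every file here is fabricated."""
    root = Path(tempfile.mkdtemp(prefix="ioc-demo-"))
    files = {
        "codebase/login/login.jsp": "legitimate page",
        "codebase/login/9f3ab2c4d5e6f7a1.jsp": "<% %>",      # matches the 16-hex pattern
        "codebase/login/abc.jsp": "short name, not the pattern",
        "tmp/flst.txt": "",
        "platform-services/index.jsp": "baseline file",
        "platform-services/tools/x.jsp": "dropped file",
    }
    for rel, body in files.items():
        p = root / rel
        p.parent.mkdir(parents=True, exist_ok=True)
        p.write_text(body)
    return root


if __name__ == "__main__":
    for hit in scan(build_sample_tree()):
        print(hit)
```

Run it against a mounted disk image or with `root=Path("/")` on the host; treat hits as triage leads rather than verdicts, and pair the name-based checks with file modification times and Tomcat access logs for the same window.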
CISA adds CVE-2026-12569 to the KEV catalog as adversaries actively exploit PTC Windchill & FlexPLM platforms. This is an immediate threat to supply chain integrity and intellectual property. Access our complete executive risk mitigation framework for corporate leadership: https://thecybermind.co/lacm
##CISA adds CVE-2026-12569 to the KEV catalog as adversaries actively exploit PTC Windchill & FlexPLM input validation vulnerabilities. Lock down your supply chain assets. Full forensic indicators, lateral movement tracking, and active endpoint hardening protocols are live: https://thecybermind.co/y7tn
##🚨 [CISA-2026:0625] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0625)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-12569 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-12569)
- Name: PTC Windchill and FlexPLM Improper Input Validation Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: PTC
- Product: Windchill and FlexPLM
- Notes: https://www.ptc.com/en/support/article/CS473270 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-12569
⚠️ CVE-2026-20230 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-20230)
- Name: Cisco Unified Communications Manager Server-Side Request Forgery (SSRF) Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Cisco
- Product: Unified Communications Manager
- Notes: https://www.cisco.com/c/en/us/support/docs/csa/cisco-sa-cucm-ssrf-cXPnHcW.html ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-20230
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260625 #cisa20260625 #cve_2026_12569 #cve_2026_20230 #cve202612569 #cve202620230
##CVE ID: CVE-2026-12569
Vendor: PTC
Product: Windchill and FlexPLM
Date Added: 2026-06-25
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-12569
updated 2026-06-26T00:16:53.823000
1 posts
CVE-2026-54158: CRITICAL XSS in SiYuan (<3.7.0) allows persistent JS injection; on Electron clients, can escalate to RCE. Upgrade to 3.7.0+ ASAP. No active exploits reported. https://radar.offseq.com/threat/cve-2026-54158-cwe-79-improper-neutralization-of-i-cee0850f8d1e1264 #OffSeq #XSS #CVE202654158 #SiYuan
##updated 2026-06-25T20:21:19.853000
1 posts
CVE-2026-23879 - Critical RCE in Py7zr. Arbitrary file write via symbolic link chains allows escape from destination directory. CVSS 8.0. No patch available. Update or avoid extraction of untrusted 7z archives. #CVE #infosec #Python
##updated 2026-06-25T20:18:11.603000
1 posts
immich-app suffers CRITICAL reflected XSS (CVE-2026-53662) in /auth/login (commits 4ffa26c9 – 4eb1003). Exploitation = persistent account takeover via API key minting. Update to commit 4eb1003 or later. https://radar.offseq.com/threat/cve-2026-53662-cwe-79-improper-neutralization-of-i-088d09407e2bf58b #OffSeq #CVE202653662 #XSS #infosec
##updated 2026-06-25T19:07:56.657000
1 posts
2 repos
CVE-2026-10735 (CRITICAL): smart-post-show-pro 4.0.1 for WordPress shipped with malicious code via compromised update server. Unauth attackers can exfiltrate creds & control sites. Remove/disable affected plugin & monitor for IOCs. https://radar.offseq.com/threat/cve-2026-10735-cwe-912-hidden-functionality-in-sma-322a51684018935f #OffSeq #WordPress #SupplyChain
##updated 2026-06-25T16:00:30.783000
1 posts
CVE-2026-33612 (HIGH, CVSS 7.5) impacts PowerDNS Recursor ≤5.4.3. Crafted zones from malicious servers can trigger cache poisoning via ZoneToCache. Review deployments, monitor for patches: https://radar.offseq.com/threat/cve-2026-33612-acceptance-of-extraneous-untrusted--38801b1c47b57c99 #OffSeq #PowerDNS #vuln #dns
##updated 2026-06-25T15:31:44
1 posts
...
* glx: fix reversed length check in ChangeDrawableAttributes (CVE-2026-50262) (Closes: #1138680)
* saver: re-fetch screen private after CheckScreenPrivate in CreateSaverWindow (CVE-2026-50263) (Closes: #1138680)
* dix: increase XLFDMAXFONTNAMELEN to match libXfont2's MAXFONTNAMELEN (CVE-2026-50256) (Closes: #1138680)
* dri2: Use booleans for (fake) front buffer tracking in do_get_buffers (CVE-2026-50264) (Closes: #1138680)
...
updated 2026-06-25T15:16:39.423000
1 posts
CVE-2026-55570: CRITICAL XSS in SiYuan (<3.7.0) enables arbitrary HTML injection. On the desktop client, attackers can escalate to OS command execution due to nodeIntegration. Upgrade to 3.7.0+ now! https://radar.offseq.com/threat/cve-2026-55570-cwe-79-improper-neutralization-of-i-34ddb800ffc94efb #OffSeq #XSS #Vuln #SiYuan
##updated 2026-06-25T14:16:45.323000
1 posts
CVE-2026-50551: SiYuan (<3.7.0) suffers CRITICAL stored XSS in Attribute View, enabling RCE via Electron client. Upgrade to v3.7.0+ to mitigate. No workaround available. Details: https://radar.offseq.com/threat/cve-2026-50551-cwe-79-improper-neutralization-of-i-e91ef5b4d83fcdb8 #OffSeq #XSS #SiYuan #Cybersecurity
##updated 2026-06-25T14:16:45.140000
2 posts
...
* dri2: Deduplicate attachments in do_get_buffer (CVE-2026-50264) (Closes: #1138680)
...
* glx: fix reversed length check in ChangeDrawableAttributes (CVE-2026-50262) (Closes: #1138680)
* saver: re-fetch screen private after CheckScreenPrivate in CreateSaverWindow (CVE-2026-50263) (Closes: #1138680)
* dix: increase XLFDMAXFONTNAMELEN to match libXfont2's MAXFONTNAMELEN (CVE-2026-50256) (Closes: #1138680)
* dri2: Use booleans for (fake) front buffer tracking in do_get_buffers (CVE-2026-50264) (Closes: #1138680)
...
updated 2026-06-25T14:16:44.510000
1 posts
Ten CVEs fixed in patched xorg-xserver now available for Debian stable (trixie):
* sync: fix deletion of counters and fences (CVE-2026-50257, CVE-2026-50260) (Closes: #1138680)
* sync: restart trigger list iteration in SyncChangeCounter after TriggerFired (CVE-2026-50261) (Closes: #1138680)
* xkb: reject key types with num_levels exceeding XkbMaxShiftLevel (CVE-2026-50258) (Closes: #1138680)
* xkb: clamp nMaps to mapWidths buffer size in CheckKeyTypes (CVE-2026-50259) (Closes: #1138680)
...
updated 2026-06-25T14:16:36.007000
1 posts
2 repos
https://github.com/xxconi/CVE-2026-12415-or-CVE-2026-12416.py
CRITICAL (CVSS 9.8): CVE-2026-12416 impacts pravel Invoice Generator ≤1.0.0. Weak password reset lets unauthenticated attackers reset any user’s password, including admins. Restrict access or disable plugin. https://radar.offseq.com/threat/cve-2026-12416-cwe-640-weak-password-recovery-mech-e09858a3967d35a9 #OffSeq #WordPress #CVE #infosec
##updated 2026-06-25T14:02:35.347000
1 posts
CVE-2026-12850: CRITICAL OS command injection in GeoVision GV-I/O Box 4E v2.09 via libNetSetObj.so allows remote code execution. No patch — restrict access to DVRSearch & Network.cgi. Details: https://radar.offseq.com/threat/cve-2026-12850-cwe-78-improper-neutralization-of-s-4e66118ac7829bb3 #OffSeq #ICS #infosec #vulnerability
##updated 2026-06-25T14:02:35.347000
1 posts
CVE-2026-12851: CRITICAL OS command injection in GeoVision GV-I/O Box 4E v2.09 via DVRSearch/Network.cgi allows remote code execution. Patch status pending — restrict access & monitor endpoints. https://radar.offseq.com/threat/cve-2026-12851-cwe-78-improper-neutralization-of-s-3964552d83f5f479 #OffSeq #Vulnerability #IoTSecurity #CVE #Security
##updated 2026-06-25T13:28:35.737000
1 posts
HIGH severity: CVE-2026-9702 in InPost PL WordPress plugin (<1.9.1) lets unauthenticated attackers redirect WooCommerce order shipping. No patch yet — restrict access, monitor for changes. Details: https://radar.offseq.com/threat/cve-2026-9702-cwe-284-improper-access-control-in-i-050e346ad7520813 #OffSeq #WordPress #Vulnerability #Ecommerce
##updated 2026-06-25T13:27:40.747000
1 posts
CVE-2026-46752: CRITICAL heap-based buffer overflow in Apache Kvrocks (2.0.4 – 2.15.0) via Redis Lua cjson. RCE & DoS possible. Upgrade to 2.16.0 ASAP. https://radar.offseq.com/threat/cve-2026-46752-cwe-122-heap-based-buffer-overflow--87a83247c4a43c17 #OffSeq #Kvrocks #CVE202646752 #infosec
##updated 2026-06-25T13:27:40.747000
1 posts
CVE-2026-41566 (CRITICAL, CVSS 9.4) in Apache Kvrocks 2.8.0 allows privilege escalation via improper permission handling. Upgrade to 2.16.0 is required — no other mitigation. Details: https://radar.offseq.com/threat/cve-2026-41566-cwe-280-improper-handling-of-insuff-5835abc74e4991d0 #OffSeq #CVE202641566 #Kvrocks #Security
##updated 2026-06-25T13:26:11.740000
1 posts
1 repos
pravel SignUp & SignIn (<=1.0.0) has a CRITICAL flaw (CVE-2026-12417): unauthenticated attackers can reset any WordPress user password, including admins. Remove or disable plugin until patch. https://radar.offseq.com/threat/cve-2026-12417-cwe-640-weak-password-recovery-mech-5dce018195eb2855 #OffSeq #WordPress #Vuln #CVE202612417
##updated 2026-06-24T21:16:58.237000
1 posts
Webmin 2.641 Patches Root Takeover and 2FA Bypass Vulnerabilities
Webmin version 2.641 addresses multiple critical vulnerabilities, including a root-level stored XSS (CVE-2026-22678), a path traversal file overwrite (CVE-2026-49103), and a 2FA bypass (CVE-2026-56022). These flaws allow low-privileged users to compromise root accounts and bypass multi-factor authentication in multi-tenant hosting environments.
**Update your Webmin instances to version 2.641 immediately to prevent low-privileged users from taking over your root account. If you cannot patch today, restrict access to the mail and notification modules to only your most trusted administrators.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/webmin-2-641-patches-root-takeover-and-2fa-bypass-vulnerabilities-m-y-r-7-t/gD2P6Ple2L
updated 2026-06-24T14:50:41.720000
6 posts
1 repos
CISA Issues Alert on Actively Exploited Vulnerability in Ubiquiti UniFi OS #internet #cybersecurity
CISA warns of actively exploited vulnerabilities in Ubiquiti UniFi OS. The alert highlights CVE-2026-34908 (critical access control flaw) and related CVEs 34909 and 34910, with remediation guidance and BOD 26-04 deadlines. Read the full analysis and required mitigations here: https://ift.tt/6eMqVP4
Source: https://ift.tt/6eMqVP4 | Image: https://ift.tt/0lLnI6S
##CRITICAL UniFi OS vulnerabilities (CVE-2026-34908/09/10) allow remote, unauthenticated attackers to bypass auth and execute commands (pre-5.0.8). Exploited in the wild. Patch ASAP: https://radar.offseq.com/threat/critical-ubiquiti-vulnerabilities-in-attackers-cro-da638630474e46d7 #OffSeq #infosec #Ubiquiti #vulnerability
##CISA Reports Active Exploitation of Three Critical Ubiquiti UniFi OS Vulnerabilities
CISA added three critical Ubiquiti UniFi OS vulnerabilities (CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910) to its Known Exploited Vulnerabilities Catalog due to active exploitation. These flaws allow unauthenticated attackers to gain full control over network gateways and consoles through command injection and improper access controls.
**Now this advisory is urgent, since the flaws are actively exploited. Make sure all your UniFi devices (UDM, UNVR, UCG gateways, Cloud Keys, etc.) are isolated from the internet and accessible only from trusted networks. Immediately update UniFi OS to the latest patched version for your model (5.1.12+ for most hardware, 5.0.8 for UniFi OS Server, 4.0.14 for Express).**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-adds-three-critical-ubiquiti-unifi-os-vulnerabilities-to-kev-catalog-w-v-n-9-t/gD2P6Ple2L
CISA has updated the KEV catalogue:
- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908
- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909
- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910
- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability
🚨 [CISA-2026:0623] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0623)
CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-67038 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-67038)
- Name: Lantronix EDS5000 Code Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Lantronix
- Product: EDS5000
- Notes: https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/2538438657/Latest+Firmware+for+the+EDS5000+series+EDS5008+EDS5016+EDS5032 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2025-67038
⚠️ CVE-2026-34908 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34908)
- Name: Ubiquiti UniFi OS Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34908
⚠️ CVE-2026-34909 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34909)
- Name: Ubiquiti UniFi OS Path Traversal Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34909
⚠️ CVE-2026-34910 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34910)
- Name: Ubiquiti UniFi OS Improper Input Validation Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34910
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260623 #cisa20260623 #cve_2025_67038 #cve_2026_34908 #cve_2026_34909 #cve_2026_34910 #cve202567038 #cve202634908 #cve202634909 #cve202634910
##CVE ID: CVE-2026-34908
Vendor: Ubiquiti
Product: UniFi OS
Date Added: 2026-06-23
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-34908
updated 2026-06-24T14:49:53.287000
4 posts
##CVE ID: CVE-2026-34909
Vendor: Ubiquiti
Product: UniFi OS
Date Added: 2026-06-23
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-34909
updated 2026-06-24T14:49:47.237000
4 posts
🚨 [CISA-2026:0623] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0623)
CISA has added 4 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2025-67038 (https://secdb.nttzen.cloud/cve/detail/CVE-2025-67038)
- Name: Lantronix EDS5000 Code Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Lantronix
- Product: EDS5000
- Notes: https://ltrxdev.atlassian.net/wiki/spaces/LTRXTS/pages/2538438657/Latest+Firmware+for+the+EDS5000+series+EDS5008+EDS5016+EDS5032 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2025-67038
⚠️ CVE-2026-34908 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34908)
- Name: Ubiquiti UniFi OS Improper Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34908
⚠️ CVE-2026-34909 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34909)
- Name: Ubiquiti UniFi OS Path Traversal Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34909
⚠️ CVE-2026-34910 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-34910)
- Name: Ubiquiti UniFi OS Improper Input Validation Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Ubiquiti
- Product: UniFi OS
- Notes: https://community.ui.com/releases/Security-Advisory-Bulletin-064-064/84811c09-4cf4-42ab-bd61-cc994445963b ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-34910
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260623 #cisa20260623 #cve_2025_67038 #cve_2026_34908 #cve_2026_34909 #cve_2026_34910 #cve202567038 #cve202634908 #cve202634909 #cve202634910
##CVE ID: CVE-2026-34910
Vendor: Ubiquiti
Product: UniFi OS
Date Added: 2026-06-23
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-34910
updated 2026-06-24T05:17:25.670000
6 posts
1 repos
If you have any LuCI-based #Lantronix Serial-to-Ethernet device exposed on the internet, then you may want to kick off your incident response plan.
My suspicion is that the unauthenticated Remote Code Execution vulnerability CVE-2025-67038 affects a lot more device types than just the EDS5000 that is mentioned in the advisory.
The vulnerable code path is in a modified OpenWRT LuCI RPC module that puts a user-controlled variable inside a Lua `os.execute` call. This vulnerable code is contained in a lot of device firmware versions released in or after 2023. Unfortunately, I do not have the devices to actually test exploitability. My analysis is based purely on patch diffing and grepping publicly released firmware versions. The incomplete list of device types that contain the vulnerable code: EDS5000, G520, G526, G526RP, G527, G528, X300, X300-WiFi, X303, X304. I also suspect E210 is on the incomplete list of vulnerable devices.
Back in April this vulnerability was published by Forescout as part of their BRIDGE:BREAK report on Serial-to-Ethernet adapters. Two days ago this vulnerability was added to the CISA KEV Catalog. Yesterday Forescout published a blog post stating that they first observed exploitation attempts on the 5th of April 2026. Attacks are attributed to a new cluster, Chaya_006. It is unclear if Lantronix took the effort to check if any of their other devices are vulnerable, given that they contain the same RPC module.
You want to look for POST requests to `/cgi-bin/luci/rpc/auth` in your logs. Forescout lists a number of 3-octet IP addresses as Indicators of Compromise here: https://www.forescout.com/blog/analyzing-active-exploitation-of-lantronix-and-openwrt-luci/. The running theory is that these are supposed to be /24 CIDR ranges.
##CISA Reports Active Exploitation of Lantronix Flaws
CISA flagged an actively exploited critical flaw (CVE-2025-67038) in Lantronix EDS5000 v2.1.0.0R3 devices: an unauthenticated OS command injection in the HTTP RPC module that lets attackers gain root access and fully compromise the equipment.
**Make sure all Lantronix EDS5000 devices are isolated from the internet and accessible only from trusted networks, since this flaw lets attackers gain full root control without any login. Check your inventory for version 2.1.0.0R3, apply the latest firmware update from Lantronix, and because attackers can survive patches by creating rogue admin accounts, audit for unknown accounts and rotate any stored secrets after patching.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-adds-critical-ubiquiti-and-lantronix-flaws-to-kev-catalog-following-active-exploitation-o-d-j-f-r/gD2P6Ple2L
For the Boardroom: A critical unauthenticated code injection flaw (CVE-2025-67038) in Lantronix EDS5000 servers is under active exploitation. Read the full C-SUITE threat advisory on mitigating this operational risk. Ping the word 'ok' mike@thecybermind.co to upgrade your intel. https://thecybermind.co/jpul
#CyberSec #RiskManagement
CISA has updated the KEV catalogue:
- CVE-2026-34908: Ubiquiti UniFi OS Improper Access Control Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34908
- CVE-2026-34909: Ubiquiti UniFi OS Path Traversal Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34909
- CVE-2026-34910: Ubiquiti UniFi OS Improper Input Validation Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-34910
- CVE-2025-67038: Lantronix EDS5000 Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2025-67038 #CISA #infosec #vulnerability
🚨 [CISA-2026:0623] CISA Adds 4 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0623)
##CVE ID: CVE-2025-67038
Vendor: Lantronix
Product: EDS5000
Date Added: 2026-06-23
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2025-67038
updated 2026-06-24T05:17:25.543000
1 posts
CVE-2025-52465 geoserver arbitrary file write vulnerability https://www.partywave.site/show/research/cve-2025-52465-geolocate-geoserver
##updated 2026-06-23T20:16:48.907000
1 posts
CVE-2026-53753: CRITICAL code injection in unclecode crawl4ai (<0.8.7). Unauthenticated RCE via /crawl POST request due to insufficient AST validation. Patch to 0.8.7 ASAP. https://radar.offseq.com/threat/cve-2026-53753-cwe-94-improper-control-of-generati-9d9fc678b9a0404e #OffSeq #CVE202653753 #infosec #vuln
##updated 2026-06-23T19:36:18.347000
2 posts
🚨 AWS Language Server Flaw!
CVE-2026-12957 allows zero-click command injection and cloud credential theft simply by opening a poisoned repository inside your IDE (affecting Amazon Q Developer).
https://denizhalil.com/2026/06/27/cve-2026-12957-aws-language-server-command-injection/
##CVE-2026-12957 and CVE-2026-12958 - Issues in Language Servers for AWS and Amazon Q Developer Plugins
Bulletin ID: 2026-047-AWS
Scope: AWS
Content Type: Important (requires attention)
Publication Date: 06/23/2026 09:30 AM PDT
Description:
Language Servers for AWS provide the underlying language-server runtime that powers Amazon ...
https://aws.amazon.com/security/security-bulletins/rss/2026-047-aws/
##updated 2026-06-23T18:31:51
2 posts
A new CPython tarfile vulnerability (CVE-2026-11940) allows directory escape attacks. Learn how this extraction filter bypass exposes systems.
##updated 2026-06-23T16:16:59.350000
1 posts
New.
"Today VulnCheck is disclosing CVE-2026-28496, an unauthenticated remote code execution chain in FOSSBilling, the open-source billing and client-management platform."
VulnCheck: CVE-2026-28496 - FOSSBilling Auth Bypass and Twig SSTI to Unauthenticated RCE https://www.vulncheck.com/blog/fossbilling-auth-bypass-ssti-rce @vulncheck #infosec #opensource #vulnerability
##updated 2026-06-23T15:16:35.747000
1 posts
I think it’s hilarious that I now have my first CVE because I got annoyed with an unresponsive vendor and just posted the zero day exploit I was trying to report to them on my GitHub 😆
##updated 2026-06-22T20:31:03.510000
19 posts
5 repos
https://github.com/Y5neKO/CVE-2026-8461-EXP
https://github.com/HORKimhab/CVE-2026-8461
https://github.com/anyanything/CVE-2026-8461-PoC
Pixelsmash: a 50 KB video file is enough to crash numerous applications via the FFmpeg decoder (MagicYUV/libavcodec), in some cases even with code execution. Serious vulnerability: CVE-2026-8461 (CVSS 8.8). Patch: FFmpeg 8.1.2. https://www.golem.de/news/pixelsmash-luecke-in-ffmpeg-decoder-gefaehrdet-unzaehlige-systeme-2606-210068.html 🎥🛡️💥 #FFmpeg #Cybersecurity #CVE #Patch #Exploit
##🚨 FFmpeg’s MagicYUV decoder bug “PixelSmash” (CVE-2026-8461) can be triggered by a crafted AVI/MKV/MOV to achieve remote code execution on media open—per JFrog researchers. Affected apps include Jellyfin & Nextcloud. Fix: FFmpeg 8.1.2. https://cyberinsider.com/ffmpeg-pixelsmash-bug-triggers-code-execution-on-media-file-open/ #FFmpeg #CyberSecurity #RCE #CVE #Infosec
###Did an #update to Mastodon v4.6.2.
Security fix for CVE-2026-8461.
git fetch && git checkout v4.6.2
That was all it took.
"No way to prevent this" say users of only language where this regularly happens
https://xeiaso.net/shitposts/no-way-to-prevent-this/memory-safety/CVE-2026-8461/
##I built FFmpeg 7.1.5 from source since Ubuntu is moving slowly on CVE-2026-8461, and leaving a Mastodon server that processes untrusted media all day long unpatched seems like a bad idea. So anyway, testing with a #Goose post.
##Looks like #ffmpeg leaks (CVE-2026-8461), #mastodon Docker images have all been updated with a fixed version.
###Sysadmin #Infosec #MastoAdmin am I reading correctly that Ubuntu is still triaging the latest FFMPEG vulnerability and hasn't released a fix?
Running 24.04 LTS and I don't wanna get pwned
##RE: https://social.coop/@cwebber/116810673204863384
Every once in a while, we observe flaws in media players that allow exploits to be delivered by video files. These files often get free passes in security gateways.
Fortunately, it doesn't work by default. BleepingComputer wrote:
##the RCE exploit requires ASLR (Address Space Layout Randomization) to be disabled, and that CVE-2026-8461 alone does not bypass this memory protection.
In theory, a separate information-disclosure bug in FFmpeg's FlashSV decoder could be chained with PixelSmash to bypass ASLR.
@cwebber Ubuntu doesn't either: https://ubuntu.com/security/CVE-2026-8461#status
Does the ubuntu security team need to be briefed on how concerning this issue is?
####This release is made solely to update FFmpeg in our docker container images to fix CVE-2026-8461 (critical severity). It is critical to update if you use our docker container images. If you are not using our docker container images, please make...
🌿 Site update complete: Mastodon 4.6.2
The server garden has finished a quick round of maintenance! Somincola Social has been updated from Mastodon 4.6.0 to 4.6.2 and is currently running normally. 🐘
This update includes:
• Fixes for Emoji, dropdown menus, the advanced interface, profile fields and LDAP login issues
• Updated FFmpeg in the Docker image, fixing the serious security vulnerability CVE-2026-8461
• This site's 5000-character limit is retained
No additional action is needed from anyone. Tangerine UI has announced it is no longer maintained and has been temporarily removed from the server garden. We hope it continues to thrive outside the garden.
Thanks for waiting! The hardworking gardeners have swept up the fallen leaves and the fediverse path is open again. 🌿
##@mastodon_releases
Mastodon v4.6.2 has been released, fixing critical FFmpeg vulnerability CVE-2026-8461.
Attackers can upload malicious videos to crash the service or execute arbitrary code. High risk.
Please update Mastodon/FFmpeg ASAP. Ensure your FFmpeg version is:
• 8.1.2
• 7.1.5
• 6.1.6
• 5.1.10
Mastodon 4.6.2
(sometimes they come in quick succession, this time because of CVE-2026-8461)
updated 2026-06-22T18:16:37.293000
1 posts
⚠️ CRITICAL: Data Exposure Flaws Threaten Dify AI Platform Used by 1 Million Apps
Four critical vulnerabilities in Dify AI platform (CVE-2026-41947, CVE-2026-41948, CVE-2026-41950) enable unauthorized access to private chats, cross-tenant document theft, and lateral API calls across multi-tenant environments. The platform powers 1 million applications, making this a widespread s…
##updated 2026-06-17T11:01:08.343000
1 posts
AdvancedCLI, and multiple sensor/toolkit updates.
- **PostgreSQL updates**: Security patches (CVE-2026-6637), pg_qualstats 2.1.4, pg_stat_kcache 2.3.2, and PGDay.UK 2026 schedule.
- **Rust & Zig**: Dr.Jit 1.4, Mitsuba 3.9, and Mach Nominated Zig versions for gamedev.
- **Security vulnerabilities**: Squidbleed (CVE-2026-47729), NetBSD/pkgsrc CVEs, and TXE firmware flaws. [2/2]
updated 2026-06-17T10:55:30.553000
1 posts
Webmin 2.641 Patches Root Takeover and 2FA Bypass Vulnerabilities
Webmin version 2.641 addresses multiple critical vulnerabilities, including a root-level stored XSS (CVE-2026-22678), a path traversal file overwrite (CVE-2026-49103), and a 2FA bypass (CVE-2026-56022). These flaws allow low-privileged users to compromise root accounts and bypass multi-factor authentication in multi-tenant hosting environments.
**Update your Webmin instances to version 2.641 immediately to prevent low-privileged users from taking over your root account. If you cannot patch today, restrict access to the mail and notification modules to only your most trusted administrators.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/webmin-2-641-patches-root-takeover-and-2fa-bypass-vulnerabilities-m-y-r-7-t/gD2P6Ple2L
updated 2026-06-17T10:53:23.893000
1 posts
4 repos
https://github.com/cumakurt/linuxpi
https://github.com/Koshmare-Blossom/CIFSwitch-go
https://github.com/MrForkBomb/CIFSwitch-Checker-CVE-2026-46243
📰 19-Year-Old 'CIFSwitch' Linux Flaw (CVE-2026-46243) Gives Instant Root
🚨 CRITICAL FLAW: 'CIFSwitch' (CVE-2026-46243), a 19-year-old Linux kernel bug, allows instant root access on Ubuntu & RHEL with a single command. Patch immediately! This is the 5th Linux LPE this year. #Linux #infosec #CyberSecurity #CVE
🌐 cyber[.]netsecops[.]io
##updated 2026-06-17T10:52:10.200000
1 posts
1 repos
CVE-2026-45504 Microsoft Exchange SSRF via File Read https://hawktrace.com/blog/CVE-2026-45504/
##updated 2026-06-17T10:47:57.267000
1 posts
Podman 5.8.4 closes CVE-2026-57231. A malicious image could ship malformed Env entries that, when the container started, leaked the host's environment variables into it, including through glob operators that grab multiple variables without knowing their names. The release also updates golang.org/x/crypto to v0.53.0 for CVE-2026-39830 and CVE-2026-42508. When you pull a public image, do you think about what its metadata can read from your host?
#containers #security
updated 2026-06-17T10:40:28.933000
2 posts
CVE-2026-35373 introduces a critical operational divergence in modern Linux system utilities, causing strict encoding enforcement to break automated backup and data migration pipelines. Access our strategic CSUITE briefing to audit system integrity: https://thecybermind.co/393z
##updated 2026-06-17T10:39:49.727000
2 posts
1 repos
CISA confirms active zero-day exploitation of Trend Micro Apex One (CVE-2026-34926), introducing critical directory traversal and code injection risks across the endpoint control plane. Access our full executive advisory on asset mitigation and strategic governance alignment: https://thecybermind.co/22mw
##updated 2026-06-17T10:36:47.177000
2 posts
11 repos
https://github.com/EQSTLab/CVE-2026-33017
https://github.com/r3nsi15/CVE-2026-33017-langflow-rce
https://github.com/0xBlackash/CVE-2026-33017
https://github.com/oscar-mine/CVE-2026-33017-Exploit
https://github.com/SimoesCTT/Sovereign-Echo-33017
https://github.com/masterwok/PoC-CVE-2026-33017
https://github.com/Jorrit-VM/CVE-2026-33017
https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC
https://github.com/z4yd3/PoC-CVE-2026-33017
Langflow Cryptominer Malware Exploits CVE-2026-33017
At least 39 rival malware families appear on a kill list used by a new Langflow cryptominer malware campaign. Threat actors now target exposed artificial intelligence application endpoints to breach enterprise networks. They exploit CVE-2026-33017, which is a critical remote code execution vulnerability. Consequently, attackers hijack servers to mine cryptocurrency.
At a glance
- Malware Family: Modified KORKERDS/MALXMR variant
- Threat Actor:
##updated 2026-06-17T10:29:19.940000
1 posts
@0 Oh, I stopped dragging and dropping things in the Terminal since we published this:
updated 2026-06-17T10:18:08.213000
4 posts
🔒 Security vulnerability in the Android kernel: researchers at Lucid Bit Labs report a use-after-free bug (CVE-2026-20971, CVSS 7.8) in Samsung Proca/Knox. Affected: Galaxy S9–S25, among others. Attack possible via a malicious app and a race condition. Patch: January 2026. https://www.golem.de/news/sicherheitsluecke-acht-jahre-alter-kernel-bug-gefaehrdet-samsung-smartphones-2606-210117.html #CyberSecurity #Samsung #Android #Vulnerability #Patch
##CVE-2026-20971: Samsung Android kernel UAF affecting Galaxy S9-S25 https://lucidbitlabs.com/blog/when-defenses-become-attack-surface/
##Samsung's KNOX kernel UAF vulnerability exposes millions of Galaxy devices.
Samsung's KNOX vulnerability (CVE-2026-20971) is a kernel UAF in PROCA/FIVE that can allow [memory] corruption via a race condition; Samsung fixed it in January 2026.
https://infosec.exchange/@securityaffairs/116801915008086780
##updated 2026-06-17T10:17:19.370000
6 posts
3 repos
https://github.com/HORKimhab/CVE-2026-20245
https://github.com/0xBlackash/CVE-2026-20245
https://github.com/fevar54/CVE-2026-20245---Cisco-SD-WAN-Privilege-Escalation-Exploit
Cisco SD-WAN zero-day CVE-2026-20245 exploited for two months before disclosure. Mandiant found the traces. Attacker had netadmin access, escalated to root, cleaned up config files. Inside for months.
https://thehackernews.com/2026/06/cisco-catalyst-sd-wan-zero-day-cve-2026.html
##Cisco SD-WAN Zero-Day Exploited in Attacks
At a glance
- Actor: Unknown threat actor
- Activity Type: Privilege escalation and zero-day exploitation
- Targets: Service provider infrastructure
- Scale: Unknown victim count
- Jurisdiction: Active investigation; no arrests reported
- Source: Mandiant
TL;DR: Attackers breached a service provider using a Cisco SD-WAN zero-day flaw. They exploited CVE-2026-20245 to gain root-level control over network systems. Therefore, administrators must upgrade their software immediately to block further intrusions.
https://securityonline.info/cisco-sd-wan-zero-day/?utm_source=mastodon&utm_medium=jetpack_social
##CVE-2026-20245 Zero-Day Exploited in Cisco Catalyst SD-WAN Manager to Gain Root Access
A newly disclosed zero-day vulnerability, CVE-2026-20245, has been exploited by a threat actor targeting Cisco Catalyst SD-WAN Manager. By exploiting
🔗️ [Thecyberexpress] https://link.is.it/YtDctR
##Mandiant reveals how Cisco SD-WAN zero-day attacks gained root access
New details have been revealed on how hackers exploited a Cisco Catalyst SD-WAN vulnerability tracked as CVE-2026-20245 in zero-day attacks to...
🔗️ [Bleepingcomputer] https://link.is.it/gbIA4V
##New.
Mandiant: Zero-Day Exploitation of Vulnerability (CVE-2026-20245) in Cisco Catalyst SD-WAN Manager https://cloud.google.com/blog/topics/threat-intelligence/zero-day-exploitation-cisco-catalyst-sd-wan-manager #Google
Microsoft:
StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them https://www.microsoft.com/en-us/security/blog/2026/06/24/stealc-and-amadey-breaking-down-infostealers-and-the-cybercrime-services-that-deliver-them/
Kaspersky:
StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader https://securelist.com/strikeshark-campaign/120326/ @Kaspersky
Symantec: Backdoor.Mistic: New Backdoor May be Linked to Ransomware Access Broker https://www.security.com/threat-intelligence/new-mistic-backdoor-modelorat
Picus:
The ShinyHunters Domino Effect: One Breach, Hundreds of Victims https://www.picussecurity.com/resource/blog/the-shinyhunters-domino-effect-one-breach-hundreds-of-victims
Proofpoint:
StealC You Later: Proofpoint and IBM X-Force Support Operation Endgame Disruptions https://www.proofpoint.com/us/blog/threat-insight/stealc-you-later-proofpoint-and-ibm-x-force-support-operation-endgame #threatresearch #cybercrime #Microsoft #infosec #threatintelligence #Cisco #vulnerability #zeroday #ransomware
##updated 2026-06-17T10:17:15.950000
1 posts
New advisory.
CVE-2026-20175, medium severity: Cisco Finesse Remote File Inclusion Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-finesse-rfi-gwpkdc89
From yesterday:
Cisco Advance Notification for Publication of July 1, 2026, Security Advisories https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-notice-vwL7b0S7 @TalosSecurity #Cisco #infosec #vulnerability
##updated 2026-06-17T10:16:58.097000
1 posts
1 repos
Active Exploitation of Cisco Unified Communications Manager Vulnerabilities Grants Root Access
Cisco Unified Communications Manager is facing active exploitation of two vulnerabilities, CVE-2026-20230 and CVE-2026-20045, which allow unauthenticated attackers to gain root access and deploy webshells.
**Apply the latest software updates, including Unified CM 14SU6 and 15SU5, immediately. If patching is not possible, disable the Cisco WebDialer Web Service to sever the attack path, and aggressively audit your /platform-services/ directory for unusual .jsp files or unauthorized webshells.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/active-exploitation-of-cisco-unified-communications-manager-vulnerabilities-grants-root-access-w-x-c-7-n/gD2P6Ple2L
##updated 2026-06-17T07:24:59.037000
1 posts
2 repos
New and part promo.
Kaspersky: Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk https://securelist.com/tr/schneider-electric-cve-2024-2658-vulnerability/120436/ @Kaspersky #infosec #vulnerability
##updated 2026-06-17T01:40:13.793000
2 posts
##RE: https://mastodon.social/@hrbrmstr/116821870776629693
Ok, getting sidetracked...
https://nvd.nist.gov/vuln/detail/CVE-2018-13818
ref: https://mobile.twitter.com/jameel_nabbo/status/1032593354704515072?s=20
lol, mobile. & included tracking query :neobot_giggle:
##updated 2026-06-17T00:02:24.467000
1 posts
74 repos
https://github.com/tomdevman/heartbleed-bug
https://github.com/0xinf0/bleeding_onions
https://github.com/marstornado/cve-2014-0160-Yunfeng-Jiang
https://github.com/obayesshelton/CVE-2014-0160-Scanner
https://github.com/undacmic/heartbleed-proof-of-concept
https://github.com/hybridus/heartbleedscanner
https://github.com/MrE-Fog/CVE-2014-0160-Chrome-Plugin
https://github.com/OffensivePython/HeartLeak
https://github.com/hreese/heartbleed-dtls
https://github.com/GuillermoEscobero/heartbleed
https://github.com/siddolo/knockbleed
https://github.com/xanas/heartbleed.py
https://github.com/a0726h77/heartbleed-test
https://github.com/fb1h2s/CVE-2014-0160
https://github.com/sammyfung/openssl-heartbleed-fix
https://github.com/proactiveRISK/heartbleed-extention
https://github.com/ArtemCyberLab/Project-Field-Analysis-and-Memory-Leak-Demonstration
https://github.com/iwaffles/heartbleed-test.crx
https://github.com/belmind/heartbleed
https://github.com/ingochris/heartpatch.us
https://github.com/cved-sources/cve-2014-0160
https://github.com/DisK0nn3cT/MaltegoHeartbleed
https://github.com/0xBlackash/CVE-2014-0160
https://github.com/WildfootW/CVE-2014-0160_OpenSSL_1.0.1f_Heartbleed
https://github.com/victoriacfigueiredo/heartbleed-lab
https://github.com/musalbas/heartbleed-masstest
https://github.com/waqasjamal-zz/HeartBleed-Vulnerability-Checker
https://github.com/sensepost/heartbleed-poc
https://github.com/FiloSottile/Heartbleed
https://github.com/yryz/heartbleed.js
https://github.com/GardeniaWhite/fuzzing
https://github.com/pierceoneill/bleeding-heart
https://github.com/titanous/heartbleeder
https://github.com/amerine/coronary
https://github.com/timsonner/cve-2014-0160-heartbleed
https://github.com/Xyl2k/CVE-2014-0160-Chrome-Plugin
https://github.com/mpgn/heartbleed-PoC
https://github.com/0x90/CVE-2014-0160
https://github.com/artofscripting-zz/cmty-ssl-heartbleed-CVE-2014-0160-HTTP-HTTPS
https://github.com/xlucas/heartbleed
https://github.com/caiqiqi/OpenSSL-HeartBleed-CVE-2014-0160-PoC
https://github.com/pblittle/aws-suture
https://github.com/takeshixx/ssl-heartbleed.nse
https://github.com/cheese-hub/heartbleed
https://github.com/ice-security88/CVE-2014-0160
https://github.com/22imer/CVE-2014-0160
https://github.com/iSCInc/heartbleed
https://github.com/Shayhha/HeartbleedAttack
https://github.com/h3x0v3rl0rd/CVE-2014-0160_Heartbleed
https://github.com/PinkP4nther/Heartbleed_PoC
https://github.com/cyphar/heartthreader
https://github.com/anthophilee/A2SV--SSL-VUL-Scan
https://github.com/roganartu/heartbleedchecker-chrome
https://github.com/hmlio/vaas-cve-2014-0160
https://github.com/ThanHuuTuan/Heartexploit
https://github.com/mozilla-services/Heartbleed
https://github.com/froyo75/Heartbleed_Dockerfile_with_Nginx
https://github.com/einaros/heartbleed-tools
https://github.com/yashfren/CVE-2014-0160-HeartBleed
https://github.com/indiw0rm/-Heartbleed-
https://github.com/Ryo-Soikutsu/Heartbleed
https://github.com/idkqh7/heatbleeding
https://github.com/isgroup/openmagic
https://github.com/indrajeetmp11/Heartbleed-PoC-Exploit-Script
https://github.com/rouze-d/heartbleed
https://github.com/Lekensteyn/pacemaker
https://github.com/zouguangxian/heartbleed
https://github.com/jdauphant/patch-openssl-CVE-2014-0160
https://github.com/DominikTo/bleed
https://github.com/Saymeis/HeartBleed
https://github.com/cbk914/heartbleed-checker
Exploit Heartbleed (CVE-2014-0160) with OpenSSL s_client: send a malformed heartbeat request with oversized payload length to extract up to 64KB of heap memory. Use -no_ssl3 -no_tls1 for TLS 1.0/1.1, -msg to capture leaked data. #cve #snippet #heartbleed #cve-2014-0160 #ValtersIT
https://www.valtersit.com/vault/heartbleed-memory-extraction-via-openssl-sclient-80ed4a/
##Zephyr 4.0.0 – 4.4.0 is affected by CVE-2026-10646 (HIGH, CVSS 7.4): use-after-free in getaddrinfo() can cause memory corruption via spoofed DNS responses. Patch pending — limit untrusted network access. https://radar.offseq.com/threat/cve-2026-10646-use-after-free-in-zephyrproject-zep-22335ff5e2d4e43d #OffSeq #Zephyr #CVE #Security
##CVE-2026-45408 - Critical Command Injection in Dokku. CVSS 9.0. No patch available. Mitigations required. Limit git push access and review app name validation. #CVE #Dokku #infosec
##AdvancedCLI, and multiple sensor/toolkit updates.
- **PostgreSQL updates**: Security patches (CVE-2026-6637), pg_qualstats 2.1.4, pg_stat_kcache 2.3.2, and PGDay.UK 2026 schedule.
- **Rust & Zig**: Dr.Jit 1.4, Mitsuba 3.9, and Mach Nominated Zig versions for gamedev.
- **Security vulnerabilities**: Squidbleed (CVE-2026-47729), NetBSD/pkgsrc CVEs, and TXE firmware flaws. [2/2]
##🛡️ Squidbleed: A hole that has been open in Squid since 1997 (CVE-2026-47729) allows, according to researchers, the possibly unnoticed leaking of HTTP data via a heap buffer over-read. Particularly risky with plaintext traffic (HTTP/FTP). Fixed since Squid 7.6. Details: https://www.golem.de/news/squidbleed-29-jahre-alte-luecke-in-populaerer-proxy-software-entdeckt-2606-210022.html #Security #CyberSecurity #Squid #CVE #Vulnerability
##Arista Patches Critical Telemetry and Authentication Flaws in EOS Network Operating System
Arista Networks has patched six vulnerabilities in its EOS operating system, including a critical flaw (CVE-2026-11705) in the telemetry agent that allows attackers to modify system data. The updates also fix policy-based authentication bypass and internal credential exposure risks in data center and cloud environments.
**First, make sure all Arista EOS management interfaces and streaming telemetry are isolated from the internet and reachable only from trusted management networks. Then update affected devices (EOS 4.31 through 4.36) to version 4.36.1F or apply Arista's telemetry agent hotfixes; as a mitigation, ensure the telemetry agent isn't running from the /usr/bin/TerminAttrRW path and remove the -cveapimode=queued flag.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/arista-patches-critical-telemetry-and-authentication-flaws-in-eos-network-operating-system-i-r-w-6-b/gD2P6Ple2L
https://thecybersecguru.com/news/cve-2026-20896-gitea-authentication-bypass-dom-xss-ssrf/
##curl Patches 25-Year-Old Vulnerability and 17 Other Flaws
curl version 8.21.0 addresses 18 vulnerabilities, including a 25-year-old authentication bypass (CVE-2026-8932) and multiple memory safety issues. The flaws primarily affect libcurl, the library used by billions of devices for data transfer.
**Plan to update your curl and libcurl installations to version 8.21.0. Since libcurl is hidden inside many apps and devices, you should check your entire software stack for outdated versions.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/curl-patches-25-year-old-vulnerability-and-17-other-flaws-o-p-3-q-6/gD2P6Ple2L
##CVE-2026-8932 is the oldest #curl vulnerability reported so far. 25.25 years old. Shipped in releases since curl version 7.7, released on March 22 2001
Still rather benign and it probably hurt about three users, at most.
##RE: https://social.freedom.press/@securedrop/116805553545070289
The low priority issue we disclosed today managed to get assigned CVE-2026-50000.
Didn't include this in the writeup, but just for the purpose of keeping score, this would likely not have happened if it was written in #Rust because mutability is part of the type system, so you don't end up accidentally mutating what should be an immutable object!
https://github.com/freedomofpress/securedrop/security/advisories/GHSA-78xq-8jf3-gpfx
##CVE-2026-50160: Four Independent Weaknesses Combine Into a CVSS 10.0 Full Compromise in Hoppscotch https://www.offgridsec.com/blog-hoppscotch-cve-2026-50160.html
##