8.6.3

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44578/

thehackerwire@mastodon.social at 2026-05-13T19:07:49.000Z ##

🟠 CVE-2026-44578 - High (8.6)

Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T19:07:49.000Z ##

🟠 CVE-2026-44578 - High (8.6)

Next.js is a React framework for building full-stack web applications. From 13.4.13 to before 15.5.16 and 16.2.5, self-hosted applications using the built-in Node.js server can be vulnerable to server-side request forgery through crafted WebSocket...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44578/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44579
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-13T18:17:16.127000

2 posts

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST requests to a server action. In affected configurations, a malicious request can trigger a request-body handling deadlock that leaves connections open f

3 repos

https://github.com/iamfarzad/fbcounsulting_v2

https://github.com/iamfarzad/fbconsulting_v0_chat

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44579/

thehackerwire@mastodon.social at 2026-05-13T19:00:39.000Z ##

🟠 CVE-2026-44579 - High (7.5)

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T19:00:39.000Z ##

🟠 CVE-2026-44579 - High (7.5)

Next.js is a React framework for building full-stack web applications. From to before 15.5.16 and 16.2.5, applications using Partial Prerendering through the Cache Components feature can be vulnerable to connection exhaustion through crafted POST...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44579/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44183
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-13T17:31:40.840000

2 posts

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the X-Forwarded-For header as the client IP. That entry is attacker-controlled — X-Forwarded-For is append-only, so the leftmost value is whatever the origi

thehackerwire@mastodon.social at 2026-05-12T18:24:26.000Z ##

🔴 CVE-2026-44183 - Critical (9.8)

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44183/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T18:24:26.000Z ##

🔴 CVE-2026-44183 - Critical (9.8)

Cleanuparr is a tool for automating the cleanup of unwanted or blocked files in Sonarr, Radarr, and supported download clients like qBittorrent. Prior to 2.9.10, TrustedNetworkAuthenticationHandler.ResolveClientIp parses the leftmost entry of the...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44183/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42315
(8.1 HIGH)

EPSS: 0.06%

updated 2026-05-13T17:26:28.013000

1 posts

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_folder", there is no sanitization at all, allowing a user with Perms.MODIFY to specify arbitrary directories as download locations for a package. This vulnerability is fixed in 0.5.0b3.dev100.

thehackerwire@mastodon.social at 2026-05-11T18:24:04.000Z ##

🟠 CVE-2026-42315 - High (8.1)

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, when passing a folder name in the set_package_data() API function call inside the data object with key "_folder", there is no sanitization at all, allowi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42315/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44574
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-13T17:25:25.693000

2 posts

Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, specially crafted query parameters can alter the dynamic route value seen by the page while leaving the visible path unchanged, which can allow protected co

1 repos

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44574/

thehackerwire@mastodon.social at 2026-05-13T17:38:19.000Z ##

🟠 CVE-2026-44574 - High (8.1)

Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, spe...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:38:19.000Z ##

🟠 CVE-2026-44574 - High (8.1)

Next.js is a React framework for building full-stack web applications. From 15.4.0 to before 15.5.16 and 16.2.5, applications that rely on middleware to protect dynamic routes can be vulnerable to authorization bypass. In affected deployments, spe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44574/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44289
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-13T17:01:38.423000

2 posts

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated decoding of nested message fields. A crafted protobuf binary payload could cause the JavaScript call stack to be exhausted during decoding. This vulnerabi

thehackerwire@mastodon.social at 2026-05-13T16:21:17.000Z ##

🟠 CVE-2026-44289 - High (7.5)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44289/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:21:17.000Z ##

🟠 CVE-2026-44289 - High (7.5)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs could recurse without a depth limit while decoding nested protobuf data. This affected both skipping unknown group fields and generated d...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44289/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42266
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:32:31.457000

4 posts

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions_uris) is not correctly enforced by JupyterLab. The PyPI Extension Manager was not contained to packages listed on the default PyPI index. This vulnerabi

thehackerwire@mastodon.social at 2026-05-13T17:53:41.000Z ##

🟠 CVE-2026-42266 - High (8.8)

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42266/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:50:24.000Z ##

🟠 CVE-2026-42266 - High (8.8)

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42266/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:53:41.000Z ##

🟠 CVE-2026-42266 - High (8.8)

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42266/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:50:24.000Z ##

🟠 CVE-2026-42266 - High (8.8)

jupyterlab is an extensible environment for interactive and reproducible computing, based on the Jupyter Notebook Architecture. From 4.0.0 to 4.5.6, the allow-list of extensions that can be installed from PyPI Extension Manager (allowed_extensions...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42266/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42945
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

4 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond it

1 repos

https://github.com/DepthFirstDisclosures/Nginx-Rift

cR0w at 2026-05-13T19:14:51.554Z ##

RE: https://infosec.exchange/@cR0w/116568840324508660

Plenty of prerequisites but worth looking into.

https://my.f5.com/manage/s/article/K000161019

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible. (CVE-2026-42945)

##

thehackerwire@mastodon.social at 2026-05-13T17:49:48.000Z ##

🟠 CVE-2026-42945 - High (8.1)

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42945/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

cR0w@infosec.exchange at 2026-05-13T19:14:51.000Z ##

RE: https://infosec.exchange/@cR0w/116568840324508660

Plenty of prerequisites but worth looking into.

https://my.f5.com/manage/s/article/K000161019

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond its control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, for systems with Address Space Layout Randomization (ASLR ) disabled, code execution is possible. (CVE-2026-42945)

##

thehackerwire@mastodon.social at 2026-05-13T17:49:48.000Z ##

🟠 CVE-2026-42945 - High (8.1)

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42945/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40698
(8.7 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T18:05:12.000Z ##

🟠 CVE-2026-40698 - High (8.7)

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in p...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40698/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T18:05:12.000Z ##

🟠 CVE-2026-40698 - High (8.7)

A vulnerability exists in BIG-IP and BIG-IQ systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can create SNMP configuration objects through iControl REST or the TMOS shell (tmsh) resulting in p...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40698/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41227
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T18:02:30.000Z ##

🟠 CVE-2026-41227 - High (7.5)

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have re...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41227/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T18:02:30.000Z ##

🟠 CVE-2026-41227 - High (7.5)

On an HTTP/2 virtual server with Layer 7 DoS Protection configured, undisclosed traffic can result in an increase in memory consumption causing the Traffic Management Microkernel (TMM) process to terminate. Note: Software versions which have re...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41227/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41218
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T17:58:59.000Z ##

🟠 CVE-2026-41218 - High (7.5)

When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to term...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:58:59.000Z ##

🟠 CVE-2026-41218 - High (7.5)

When BIG-IP PEM iRules are configured on a virtual server (iRules using commands starting with CLASSIFICATION::, CLASSIFY::, PEM::, PSC::, and the urlcatquery command), undisclosed traffic can cause the Traffic Management Microkernel (TMM) to term...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41217
(7.9 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode deployments, a successful exploit can allow the attacker to cross a security boundary. Note: Software versions which have reached End of Technical Support

thehackerwire@mastodon.social at 2026-05-13T17:58:46.000Z ##

🟠 CVE-2026-41217 - High (7.9)

A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode dep...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41217/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:58:46.000Z ##

🟠 CVE-2026-41217 - High (7.9)

A vulnerability exists in an undisclosed BIG-IP TMOS Shell (tmsh) command that may allow an authenticated attacker with resource administrator or administrator role to execute arbitrary system commands with higher privileges. In Appliance mode dep...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41217/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41957
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T17:58:33.000Z ##

🟠 CVE-2026-41957 - High (8.8)

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41957/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:58:33.000Z ##

🟠 CVE-2026-41957 - High (8.8)

An authenticated remote code execution vulnerability through undisclosed vectors exists in the BIG-IP and BIG-IQ Configuration utility.

Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41957/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41953
(8.7 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T17:55:35.000Z ##

🟠 CVE-2026-41953 - High (8.7)

A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reac...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41953/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:55:35.000Z ##

🟠 CVE-2026-41953 - High (8.7)

A vulnerability exists in BIG-IP systems where a highly privileged, authenticated attacker with at least the Resource Administrator role can modify configuration objects resulting in privilege escalation. Note: Software versions which have reac...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41953/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42930
(8.7 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T17:50:21.000Z ##

🟠 CVE-2026-42930 - High (8.7)

When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system.

Note: Software versions which have reached End of Technical Support (EoTS) are not...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42930/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:50:21.000Z ##

🟠 CVE-2026-42930 - High (8.7)

When running in Appliance mode, an authenticated attacker assigned the 'Administrator' role may be able to bypass Appliance mode restrictions on a BIG-IP system.

Note: Software versions which have reached End of Technical Support (EoTS) are not...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42930/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42920
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.

thehackerwire@mastodon.social at 2026-05-13T17:50:07.000Z ##

🟠 CVE-2026-42920 - High (7.5)

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Su...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42920/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:50:07.000Z ##

🟠 CVE-2026-42920 - High (7.5)

When a Client SSL profile is configured with Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate.
Note: Software versions which have reached End of Technical Su...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42920/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6282
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-13T16:27:11.127000

2 posts

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device.

thehackerwire@mastodon.social at 2026-05-13T16:19:41.000Z ##

🟠 CVE-2026-6282 - High (8.1)

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6282/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:19:41.000Z ##

🟠 CVE-2026-6282 - High (8.1)

A potential improper file path validation vulnerability was reported in some Lenovo Personal Cloud Storage devices that could allow a remote authenticated user to move or access files belonging to other users on the same device.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6282/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44167
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-13T16:27:01

2 posts

### Impact Anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc) ### Patches https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc ### Workarounds No. ### References https://github.com/phpseclib/phpseclib/commit/d53d2021bcb9f6a04d5d44ec99e6bbef219a71bc

thehackerwire@mastodon.social at 2026-05-12T18:24:16.000Z ##

🟠 CVE-2026-44167 - High (7.5)

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44167/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T18:24:16.000Z ##

🟠 CVE-2026-44167 - High (7.5)

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44167/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44258
(0 None)

EPSS: 0.05%

updated 2026-05-13T16:10:57.817000

2 posts

efw4.X is an Enterprise Framework for Web. Prior to 4.08.010, the elfinder_checkRisk function validates target and targets for path traversal and home containment, but does not validate the dst (destination) parameter used by elfinder_paste. An attacker can copy or move files from within the home directory to any arbitrary destination by setting dst to a base64-encoded traversal path. This bypasse

offseq at 2026-05-13T06:00:25.135Z ##

🚨 CVE-2026-44258: CRITICAL OS command injection in efwGrp efw4.X (<4.08.010). Attackers can copy/move files outside home dir, bypassing controls. Upgrade to 4.08.010+ ASAP! https://radar.offseq.com/threat/cve-2026-44258-cwe-78-improper-neutralization-of-s-147a3557 #OffSeq #CVE202644258 #infosec #patchnow

##

offseq@infosec.exchange at 2026-05-13T06:00:25.000Z ##

🚨 CVE-2026-44258: CRITICAL OS command injection in efwGrp efw4.X (<4.08.010). Attackers can copy/move files outside home dir, bypassing controls. Upgrade to 4.08.010+ ASAP! https://radar.offseq.com/threat/cve-2026-44258-cwe-78-improper-neutralization-of-s-147a3557 #OffSeq #CVE202644258 #infosec #patchnow

##

CVE-2026-8108
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-13T15:52:56.850000

2 posts

The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

thehackerwire@mastodon.social at 2026-05-13T12:25:06.000Z ##

🟠 CVE-2026-8108 - High (7.8)

The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8108/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T12:25:06.000Z ##

🟠 CVE-2026-8108 - High (7.8)

The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8108/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45185
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-05-13T15:52:25.637000

19 posts

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitr

1 repos

https://github.com/liamromanis101/Dead.Letter-CVE-2026-45185

secdb at 2026-05-13T12:27:34.938Z ##

🚨 CVE-2026-45185 (Dead.Letter)

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-45185

#nttdata #zen #secdb #infosec
#deadletter #cve202645185 #exim #gnutls

##

sekurakbot@mastodon.com.pl at 2026-05-13T08:25:00.000Z ##

Krytyczna podatność w Eximie – serwerze pocztowym obsługującym pół Internetu. Znaleziona ze wsparciem AI.

W 2023 roku około 59% publicznych serwerów pocztowych to właśnie Exim. Właśnie załatano oraz opublikowano szczegóły podatności o ksywce Dead Letter, dzięki której atakujący mogą wykonywać kod na serwerze (RCE), bez uwierzytelnienia, w pełni zdalnie. Luka CVE-2026-45185 otrzymała “wycenę” 9.8/10 w skali CVSS. Podatne są Eximy w wersjach od 4.97...

#WBiegu #Ai #Exim #Podatność #Rce

https://sekurak.pl/krytyczna-podatnosc-w-eximie-serwerze-pocztowym-obslugujacym-pol-internetu-znaleziona-ze-wsparciem-ai/

##

undercodenews@mastodon.social at 2026-05-12T23:45:48.000Z ##

Exim Security Shock: CVE-2026-45185 Patch Reveals Dangerous Use-After-Free Flaw in GnuTLS Builds

Critical Security Update Exposes Deep Flaws in Email Infrastructure A newly disclosed vulnerability in the Exim mail transfer agent has sent shockwaves through the cybersecurity community after researchers confirmed a serious use-after-free bug tied to BDAT handling in systems built with GnuTLS. The flaw, tracked as CVE-2026-45185, affects Exim versions 4.97 through 4.99.2…

https://undercodenews.com/exim-security-shock-cve-2026-45185-patch-reveals-dangerous-use-after-free-flaw-in-gnutls-builds/?utm_source=mastodon&utm_medium=jetpack_social

##

hn50@social.lansky.name at 2026-05-12T23:20:08.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

Link: https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
Discussion: https://news.ycombinator.com/item?id=48111748

##

campuscodi@mastodon.social at 2026-05-12T21:44:54.000Z ##

XBOW's AI found an unauth RCE in Exim, bug is being called Dead.Letter

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

Patches are out: https://www.exim.org/static/doc/security/EXIM-Security-2026-05-01.1/EXIM-Security-2026-05-01.1.txt

##

newsycombinator@framapiaf.org at 2026-05-12T19:00:29.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim
Link: https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
Comments: https://news.ycombinator.com/item?id=48111748

##

hnbot@chrispelli.fun at 2026-05-12T18:02:35.000Z ##

Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim - https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

#hackernews

##

ngate@mastodon.social at 2026-05-12T18:01:21.000Z ##

🚀 Ah, another day, another #CVE nobody asked for. Humans vs. #AI in a race to exploit #Exim, because *obviously* that's what we need—Skynet learning to hack email servers. 😂 But hey, at least the buzzwords and pentest pitches are here to save us from the tedium of actual #security work. 📉
https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim #Skynet #Hacking #HackerNews #ngated

##

h4ckernews@mastodon.social at 2026-05-12T18:01:15.000Z ##

Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

#HackerNews #DeadLetter #CVE202645185 #UnauthenticatedRCE #Exim #LLMVsHumans

##

CuratedHackerNews@mastodon.social at 2026-05-12T17:58:07.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

##

_r_netsec at 2026-05-12T17:43:05.743Z ##

Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

##

secdb@infosec.exchange at 2026-05-13T12:27:34.000Z ##

🚨 CVE-2026-45185 (Dead.Letter)

Exim before 4.99.3, in certain GnuTLS configurations, has a remotely reachable use-after-free in the BDAT body parsing path. It is triggered when a client sends a TLS close_notify mid-body during a CHUNKING transfer, followed by a final cleartext byte on the same TCP connection. This can lead to heap corruption. An unauthenticated network attacker exploiting this vulnerability could execute arbitrary code.

ℹ️ Additional info on ZEN SecDB https://secdb.nttzen.cloud/cve/detail/CVE-2026-45185

#nttdata #zen #secdb #infosec
#deadletter #cve202645185 #exim #gnutls

##

hn50@social.lansky.name at 2026-05-12T23:20:08.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

Link: https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
Discussion: https://news.ycombinator.com/item?id=48111748

##

campuscodi@mastodon.social at 2026-05-12T21:44:54.000Z ##

XBOW's AI found an unauth RCE in Exim, bug is being called Dead.Letter

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

Patches are out: https://www.exim.org/static/doc/security/EXIM-Security-2026-05-01.1/EXIM-Security-2026-05-01.1.txt

##

newsycombinator@framapiaf.org at 2026-05-12T19:00:29.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim
Link: https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim
Comments: https://news.ycombinator.com/item?id=48111748

##

ngate@mastodon.social at 2026-05-12T18:01:21.000Z ##

🚀 Ah, another day, another #CVE nobody asked for. Humans vs. #AI in a race to exploit #Exim, because *obviously* that's what we need—Skynet learning to hack email servers. 😂 But hey, at least the buzzwords and pentest pitches are here to save us from the tedium of actual #security work. 📉
https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim #Skynet #Hacking #HackerNews #ngated

##

h4ckernews@mastodon.social at 2026-05-12T18:01:15.000Z ##

Dead.letter (CVE-2026-45185) Humans vs. LLM for Unauthenticated RCE Race on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

#HackerNews #DeadLetter #CVE202645185 #UnauthenticatedRCE #Exim #LLMVsHumans

##

CuratedHackerNews@mastodon.social at 2026-05-12T17:58:07.000Z ##

Dead.Letter (CVE-2026-45185) – How XBOW found an unauthenticated RCE on Exim

https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

##

_r_netsec@infosec.exchange at 2026-05-12T17:43:05.000Z ##

Dead.Letter (CVE-2026-45185) How XBOW found an unauthenticated RCE on Exim https://xbow.com/blog/dead-letter-cve-2026-45185-xbow-found-rce-exim

##

CVE-2026-42062
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-13T15:47:10.327000

2 posts

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required.

thehackerwire@mastodon.social at 2026-05-13T15:56:00.000Z ##

🔴 CVE-2026-42062 - Critical (9.8)

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42062/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T15:56:00.000Z ##

🔴 CVE-2026-42062 - Critical (9.8)

ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42062/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8072
(0 None)

EPSS: 0.03%

updated 2026-05-13T15:36:46.970000

1 posts

Insecure generation of credentials in the local SAT (Technical Support) access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an attacker to carry out a privilege escalation.

offseq@infosec.exchange at 2026-05-12T10:30:31.000Z ##

🔴 CVE-2026-8072 (CRITICAL, 9.2): Ingeteam Ingecon Sun EMS Board uses weak hashing for SAT access credentials, risking privilege escalation. No mitigation yet — review access and monitor for updates. https://radar.offseq.com/threat/cve-2026-8072-cwe-327-use-of-a-broken-or-risky-cry-6e7aa5de #OffSeq #ICS #Vulnerability

##

CVE-2026-25705
(8.4 HIGH)

EPSS: 0.04%

updated 2026-05-13T15:35:35.267000

2 posts

A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher through a path traversal in the `compressedEndpoint` field inside a `UIPlugin` deployment. A malicious UI extension could abuse that to: * Overwrite Rancher binaries or configuration to inject code. *

thehackerwire@mastodon.social at 2026-05-13T16:17:16.000Z ##

🟠 CVE-2026-25705 - High (8.4)

A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher through a path traversal in the `compressedEndpoint` ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25705/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:17:16.000Z ##

🟠 CVE-2026-25705 - High (8.4)

A vulnerability has been identified in [Rancher's Extensions](https://ranchermanager.docs.rancher.com/integrations-in-rancher/rancher-extensions) where malicious code can be injected in Rancher through a path traversal in the `compressedEndpoint` ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25705/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32185
(5.5 MEDIUM)

EPSS: 0.04%

updated 2026-05-13T15:34:52.573000

1 posts

Files or directories accessible to external parties in Microsoft Teams allows an unauthorized attacker to perform spoofing locally.

undercodenews@mastodon.social at 2026-05-13T14:06:16.000Z ##

Microsoft Teams Android Vulnerability (CVE-2026-32185) Exposes Local Spoofing Risk in Enterprise Environments

Introduction A newly identified security vulnerability affecting Microsoft Teams on Android has raised significant concerns across enterprise IT and cybersecurity communities. Tracked as CVE-2026-32185, the flaw reveals how weaknesses in file and directory access handling can be exploited to spoof local devices. Although no active exploitation has been…

https://undercodenews.com/microsoft-teams-android-vulnerability-cve-2026-32185-exposes-local-spoofing-risk-in-enterprise-environments/?utm_source=mastodon&utm_medium=jetpack_social

##

CVE-2026-41089
(9.8 CRITICAL)

EPSS: 0.09%

updated 2026-05-13T15:34:52.573000

4 posts

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

netsecio@mastodon.social at 2026-05-13T13:51:40.000Z ##

📰 Microsoft's May Patch Tuesday: 137 Flaws Fixed, Including Critical Netlogon RCE

Microsoft's May Patch Tuesday is huge: 137 vulnerabilities fixed, 30 critical. No zero-days for the first time in 22 months! 🚨 Key patches for critical RCEs in Netlogon (CVE-2026-41089) and DNS Client (CVE-2026-41096). Patch now! ✅ #PatchTuesday

https://captechgroup.com/about-us/threat-intelligence-center/may-2026-patch-tuesday-fixes-51-cves-across-window-36b2ed?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=may-2026-patch-tuesday-fixes-51-cves-across-windows-exchange-office

##

CapTechGroup@mastodon.social at 2026-05-13T12:48:36.000Z ##

May 2026 Patch Tuesday: 137 vulnerabilities across Windows, Office, Exchange, Azure. CVE-2026-41089 (Netlogon buffer overflow) grants SYSTEM on domain controllers with no auth required. CVE-2026-41096 (DNS Client) exploitable...

##

nyanbinary at 2026-05-12T19:03:17.144Z ##

checks notes ...

Windows Netlogon Remote Code Execution
Windows DNS Client Remote Code Execution

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089

##

nyanbinary@infosec.exchange at 2026-05-12T19:03:17.000Z ##

checks notes ...

Windows Netlogon Remote Code Execution
Windows DNS Client Remote Code Execution

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089

##

CVE-2026-41096
(9.8 CRITICAL)

EPSS: 0.07%

updated 2026-05-13T15:34:52.573000

5 posts

Heap-based buffer overflow in Microsoft Windows DNS allows an unauthorized attacker to execute code over a network.

netsecio@mastodon.social at 2026-05-13T13:51:40.000Z ##

📰 Microsoft's May Patch Tuesday: 137 Flaws Fixed, Including Critical Netlogon RCE

Microsoft's May Patch Tuesday is huge: 137 vulnerabilities fixed, 30 critical. No zero-days for the first time in 22 months! 🚨 Key patches for critical RCEs in Netlogon (CVE-2026-41089) and DNS Client (CVE-2026-41096). Patch now! ✅ #PatchTuesday

https://captechgroup.com/about-us/threat-intelligence-center/may-2026-patch-tuesday-fixes-51-cves-across-window-36b2ed?utm_source=mastodon&utm_medium=social&utm_campaign=threat_intel&utm_content=may-2026-patch-tuesday-fixes-51-cves-across-windows-exchange-office

##

CapTechGroup@mastodon.social at 2026-05-13T12:48:36.000Z ##

May 2026 Patch Tuesday: 137 vulnerabilities across Windows, Office, Exchange, Azure. CVE-2026-41089 (Netlogon buffer overflow) grants SYSTEM on domain controllers with no auth required. CVE-2026-41096 (DNS Client) exploitable...

##

jackc@kompost.cz at 2026-05-13T06:57:23.000Z ##

Microsoft Patch Tuesday 05/2026:
- opravy 120 zranitelností ve Windows, Officech, ale také třeba Malování(!)
- 17 kritických (z toho 14x RCE)
- krom toho mnoho (130+) oprav Edge nebo Teamsů

Velmi zajímavě vypadá zranitelnost CVE-2026-41096 ve Windows DNS klientovi(!), která umožňuje vzdálené spuštění kódu podstrčením připravených DNS odpovědí. S tím bych se vyloženě bál připojit se k sítím s cizím DNS.

#kybez

##

nyanbinary at 2026-05-12T19:03:17.144Z ##

checks notes ...

Windows Netlogon Remote Code Execution
Windows DNS Client Remote Code Execution

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089

##

nyanbinary@infosec.exchange at 2026-05-12T19:03:17.000Z ##

checks notes ...

Windows Netlogon Remote Code Execution
Windows DNS Client Remote Code Execution

https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41096
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-41089

##

CVE-2026-40361
(8.4 HIGH)

EPSS: 0.06%

updated 2026-05-13T15:34:52.573000

2 posts

Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

bontchev at 2026-05-13T08:27:06.230Z ##

updated 2026-05-13T14:54:50.290000

4 posts

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink target, file size, or file format. This vulnerability is fixed in 0.x.y-security-1.

thehackerwire@mastodon.social at 2026-05-12T17:26:58.000Z ##

🟠 CVE-2026-43989 - High (8.5)

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink targe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43989/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:21:22.000Z ##

🟠 CVE-2026-43989 - High (8.5)

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink targe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43989/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:26:58.000Z ##

🟠 CVE-2026-43989 - High (8.5)

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink targe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43989/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:21:22.000Z ##

🟠 CVE-2026-43989 - High (8.5)

JunoClaw is an agentic AI platform built on Juno Network. Prior to 0.x.y-security-1, the upload_wasm MCP tool accepted a filesystem path from the agent and uploaded whatever bytes the path resolved to, with no validation of location, symlink targe...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43989/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42860
(8.5 HIGH)

EPSS: 0.03%

updated 2026-05-13T14:50:59.870000

1 posts

The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet fetches SAML metadata from a URL stored in SAMLProviderConfig.metadata_source. An authenticated user with the Enterprise Admin role can set this field to an arbitrary URL via the SAMLProviderConfigViewSet PATCH endpoint, then tri

thehackerwire@mastodon.social at 2026-05-11T18:17:42.000Z ##

🟠 CVE-2026-42860 - High (8.5)

The Open edx Enterprise Service app provides enterprise features to the Open edX platform. From 7.0.2 to 7.0.4, the sync_provider_data endpoint in SAMLProviderDataViewSet fetches SAML metadata from a URL stored in SAMLProviderConfig.metadata_sourc...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42860/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8159
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-13T14:44:31.283000

2 posts

multiparty@4.2.3 and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a long header value can cause regex matching to take seconds, blocking the event loop. Impact: any service accepting multipart uploads via multiparty is affected. Workarounds: limiting upload sizes at the p

thehackerwire@mastodon.social at 2026-05-12T11:59:16.000Z ##

🟠 CVE-2026-8159 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a long header value can cause regex matching to take ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8159/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:59:16.000Z ##

🟠 CVE-2026-8159 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via regular expression backtracking in the Content-Disposition filename parameter parser. A crafted multipart upload with a long header value can cause regex matching to take ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8159/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8162
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-13T14:43:47.950000

4 posts

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser invokes decodeURI on the value without try/catch. The resulting URIError propagates as an uncaught exception and crashes the process. Impact: any service

thehackerwire@mastodon.social at 2026-05-12T12:18:54.000Z ##

🟠 CVE-2026-8162 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8162/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:59:01.000Z ##

🟠 CVE-2026-8162 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8162/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T12:18:54.000Z ##

🟠 CVE-2026-8162 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8162/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:59:01.000Z ##

🟠 CVE-2026-8162 - High (7.5)

multiparty@4.2.3 and lower versions are vulnerable to denial of service via uncaught exception. By sending a multipart/form-data request with a Content-Disposition header whose filename* parameter contains a malformed percent-encoding, the parser ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8162/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42882
(9.4 CRITICAL)

EPSS: 0.12%

updated 2026-05-13T14:19:06

1 posts

## Background The original concern is functional: a resource pattern should treat a percent-encoded segment like some%2Fvalue as a single opaque token rather than splitting it into two path segments at the decoded /. Investigation into why %2F was being decoded and how routes matched against the result surfaced three related security issues, documented below. Rather than landing a fix directly,

offseq@infosec.exchange at 2026-05-12T06:00:28.000Z ##

🚨 CVE-2026-42882 (CRITICAL): oxyno-zeta s3-proxy <5.0.0 has a path traversal bug, letting unauthenticated attackers bypass auth to access or modify protected S3 objects. Patch to v5.0.0 now! https://radar.offseq.com/threat/cve-2026-42882-cwe-22-improper-limitation-of-a-pat-5be1c7df #OffSeq #CVE202642882 #CloudSecurity #Vuln

##

CVE-2026-42864
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-05-13T14:18:25

2 posts

### Impact The `POST /api/v2/firefighter/raid/jira_bot` endpoint (`CreateJiraBotView`) is reachable without authentication (`permission_classes = [permissions.AllowAny]`). Its `attachments` payload is fetched server-side via `httpx.get()` with no URL validation, then uploaded as an attachment on the Jira ticket that gets created. An unauthenticated caller able to reach the ingress can c

offseq@infosec.exchange at 2026-05-12T07:30:31.000Z ##

🔥 CVE-2026-42864: CRITICAL vuln in ManoManoTech firefighter-incident (<0.0.54). Missing auth lets attackers fetch arbitrary URLs & exfil AWS creds if IMDSv2 not enforced. Update to 0.0.54+ & check your cloud configs! https://radar.offseq.com/threat/cve-2026-42864-cwe-306-missing-authentication-for--60c5ba57 #OffSeq #CVE202642864 #CloudSecurity

##

thehackerwire@mastodon.social at 2026-05-11T20:01:49.000Z ##

🔴 CVE-2026-42864 - Critical (9.9)

FireFighter is an incident management application. Prior to 0.0.54, the POST /api/v2/firefighter/raid/jira_bot endpoint (CreateJiraBotView) is reachable without authentication (permission_classes = [permissions.AllowAny]). Its attachments payload ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42864/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42313
(8.3 HIGH)

EPSS: 0.04%

updated 2026-05-13T14:17:50

1 posts

### Summary The `set_config_value()` API method (`@permission(Perms.SETTINGS)`) in `src/pyload/core/api/__init__.py` gates security-sensitive options behind a hand-maintained allowlist `ADMIN_ONLY_CORE_OPTIONS`. The allowlist contains `("proxy", "username")` and `("proxy", "password")` — which protect the proxy credentials — but it does **not** include `("proxy", "enabled")`, `("proxy", "host")`,

thehackerwire@mastodon.social at 2026-05-11T18:24:36.000Z ##

🟠 CVE-2026-42313 - High (8.3)

pyLoad is a free and open-source download manager written in Python. Prior to 0.5.0b3.dev100, the set_config_value() API method (@Permission(Perms.SETTINGS)) in src/pyload/core/api/__init__.py gates security-sensitive options behind a hand-maintai...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42313/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2291
(7.3 HIGH)

EPSS: 0.03%

updated 2026-05-13T14:17:14.120000

2 posts

dnsmasqs extract_name() function can be abused to cause a heap buffer overflow, allowing an attacker to inject false DNS cache entries, which could result in DNS lookups to redirect to an attacker-controlled IP address, or to cause a DoS.

michelin@hachyderm.io at 2026-05-13T19:23:12.000Z ##

If you use #dnsmasq on @fedora or @centos Stream - be aware that there are recently disclosed CVEs - https://www.kb.cert.org/vuls/id/471747

@SUSE at least rates one of them a 9.2 on the CVSS 4.0 scale

https://www.suse.com/security/cve/CVE-2026-2291.html

Fedora updates for stable releases are about to hit testing: https://bodhi.fedoraproject.org/updates/?search=dnsmasq-2.92rel2

and if you have the #CentOSHyperscale repo enabled you can `sudo dnf install centos-release-hyperscale-testing && sudo dnf update 'dnsmasq*'`

Please give feedback for the Fedora builds and for the Hyperscale ones if you give them a spin!

https://gitlab.com/CentOS/Hyperscale/rpms/dnsmasq/-/work_items/1

As of the time of posting there is no advisory from #RedHat yet

#Fedora
#CentOS
#CentOS_Stream

##

michelin@hachyderm.io at 2026-05-13T19:23:12.000Z ##

If you use #dnsmasq on @fedora or @centos Stream - be aware that there are recently disclosed CVEs - https://www.kb.cert.org/vuls/id/471747

@SUSE at least rates one of them a 9.2 on the CVSS 4.0 scale

https://www.suse.com/security/cve/CVE-2026-2291.html

Fedora updates for stable releases are about to hit testing: https://bodhi.fedoraproject.org/updates/?search=dnsmasq-2.92rel2

and if you have the #CentOSHyperscale repo enabled you can `sudo dnf install centos-release-hyperscale-testing && sudo dnf update 'dnsmasq*'`

Please give feedback for the Fedora builds and for the Hyperscale ones if you give them a spin!

https://gitlab.com/CentOS/Hyperscale/rpms/dnsmasq/-/work_items/1

As of the time of posting there is no advisory from #RedHat yet

#Fedora
#CentOS
#CentOS_Stream

##

CVE-2026-42613
(9.4 CRITICAL)

EPSS: 0.05%

updated 2026-05-13T13:52:16

1 posts

# Bug Report: Registration Privilege Escalation via Missing Server-Side Validation of groups/access ## Summary The `Login::register()` method in the Login plugin accepts attacker-controlled `groups` and `access` fields from the registration POST data without server-side validation. When registration is enabled and `groups` or `access` are included in the configured allowed fields list, an unauth

offseq@infosec.exchange at 2026-05-12T01:30:27.000Z ##

⚠️ CRITICAL: Grav CMS Login plugin (<2.0.0-beta.2) has a flaw in input validation — unauthenticated attackers can self-register as admin.super if registration is enabled. Patch to 2.0.0-beta.2+ or disable registration! CVE-2026-42613 https://radar.offseq.com/threat/cve-2026-42613-cwe-20-improper-input-validation-in-0960c87a #OffSeq #Grav #Infosec

##

CVE-2026-28910
(3.3 LOW)

EPSS: 0.01%

updated 2026-05-13T00:49:16

2 posts

This issue was addressed with improved permissions checking. This issue is fixed in macOS Tahoe 26.4. A malicious app may be able to access arbitrary files.

mysk@mastodon.social at 2026-05-13T15:35:14.000Z ##

@winterknight1337 It seems to be rubbish. The vector doesn't reflect the attack at all. For example, the attack needs user interaction, but the vector doesn't include it. Anyhow, we will publish the blog and videos soon (targeting Friday).

https://www.tenable.com/cve/CVE-2026-28910

##

mysk@mastodon.social at 2026-05-13T15:35:14.000Z ##

@winterknight1337 It seems to be rubbish. The vector doesn't reflect the attack at all. For example, the attack needs user interaction, but the vector doesn't include it. Anyhow, we will publish the blog and videos soon (targeting Friday).

https://www.tenable.com/cve/CVE-2026-28910

##

CVE-2026-41712
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-12T21:31:33

4 posts

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

thehackerwire@mastodon.social at 2026-05-12T12:18:44.000Z ##

🟠 CVE-2026-41712 - High (7.5)

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41712/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:52.000Z ##

🟠 CVE-2026-41712 - High (7.5)

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41712/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T12:18:44.000Z ##

🟠 CVE-2026-41712 - High (7.5)

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41712/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:52.000Z ##

🟠 CVE-2026-41712 - High (7.5)

Spring AI's chat memory component contained a problematic default that, when not explicitly overridden, could result in unintended data exposure between users.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41712/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44277
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-12T18:57:02.307000

6 posts

A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via <insert attack vector here>

1 repos

https://github.com/0xBlackash/CVE-2026-44277

beyondmachines1 at 2026-05-13T11:01:07.371Z ##

Fortinet Patches Critical Remote Code Execution Flaws in FortiAuthenticator and FortiSandbox

Fortinet patched two critical vulnerabilities, CVE-2026-44277 and CVE-2026-26083, which allow unauthenticated attackers to execute remote code on FortiAuthenticator and FortiSandbox systems.

**Plan a very quick patch to these products, Fortinet products are constant targets of hackers. Upgrade FortiAuthenticator to 8.0.3, 6.6.9, or 6.5.7, and FortiSandbox to 5.0.2 or 4.4.9.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/fortinet-patches-critical-remote-code-execution-flaws-in-fortiauthenticator-and-fortisandbox-e-d-3-q-c/gD2P6Ple2L

##

undercodenews@mastodon.social at 2026-05-13T07:31:33.000Z ##

Fortinet Releases Emergency Security Fixes for FortiAuthenticator and FortiSandbox Remote Code Execution Flaws

Introduction Cybersecurity giant Fortinet has released urgent security patches for two critical vulnerabilities affecting its widely deployed enterprise products, FortiAuthenticator and FortiSandbox. The flaws, identified as CVE-2026-44277 and CVE-2026-26083, could allow attackers to execute arbitrary commands or malicious code on vulnerable systems without…

https://undercodenews.com/fortinet-releases-emergency-security-fixes-for-fortiauthenticator-and-fortisandbox-remote-code-execution-flaws/?utm_source=mastodon&utm_medium=jetpack_social

##

Analyst207@mastodon.social at 2026-05-12T18:28:32.000Z ##

Fortinet Disrupts Critical RCE Flaws in FortiSandbox, FortiAuthenticator

Fortinet has patched a critical remote code execution vulnerability in its FortiAuthenticator and FortiSandbox products, which could have allowed unauthenticated attackers to run unauthorized code or commands. The company has released fixed builds to address the flaw, tracked as CVE-2026-44277, and…

https://osintsights.com/fortinet-disrupts-critical-rce-flaws-in-fortisandbox-fortiauthenticator?utm_source=mastodon&utm_medium=social

#RemoteCodeExecution #Fortiauthenticator #Cve202644277 #Fortinet #IdentityAndAccessManagement

##

thehackerwire@mastodon.social at 2026-05-12T18:24:07.000Z ##

🔴 CVE-2026-44277 - Critical (9.8)

A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44277/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1@infosec.exchange at 2026-05-13T11:01:07.000Z ##

Fortinet Patches Critical Remote Code Execution Flaws in FortiAuthenticator and FortiSandbox

Fortinet patched two critical vulnerabilities, CVE-2026-44277 and CVE-2026-26083, which allow unauthenticated attackers to execute remote code on FortiAuthenticator and FortiSandbox systems.

**Plan a very quick patch to these products, Fortinet products are constant targets of hackers. Upgrade FortiAuthenticator to 8.0.3, 6.6.9, or 6.5.7, and FortiSandbox to 5.0.2 or 4.4.9.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/fortinet-patches-critical-remote-code-execution-flaws-in-fortiauthenticator-and-fortisandbox-e-d-3-q-c/gD2P6Ple2L

##

thehackerwire@mastodon.social at 2026-05-12T18:24:07.000Z ##

🔴 CVE-2026-44277 - Critical (9.8)

A improper access control vulnerability in Fortinet FortiAuthenticator 8.0.2, FortiAuthenticator 8.0.0, FortiAuthenticator 6.6.0 through 6.6.8, FortiAuthenticator 6.5.0 through 6.5.6 may allow attacker to execute unauthorized code or commands via

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44277/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26083
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-12T18:30:45

3 posts

A missing authorization vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.1, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox Cloud 5.0.2 through 5.0.5, FortiSandbox PaaS 23.4 all versions, FortiSandbox PaaS 23.3 all versions, FortiSandbox PaaS 23.1 all versions, FortiSandbox PaaS 22.2 all versions, FortiSandbox PaaS 22.1 all versions, FortiSandbox PaaS 21.4 all versions, FortiSandbox PaaS 21

beyondmachines1 at 2026-05-13T11:01:07.371Z ##

Fortinet Patches Critical Remote Code Execution Flaws in FortiAuthenticator and FortiSandbox

Fortinet patched two critical vulnerabilities, CVE-2026-44277 and CVE-2026-26083, which allow unauthenticated attackers to execute remote code on FortiAuthenticator and FortiSandbox systems.

**Plan a very quick patch to these products, Fortinet products are constant targets of hackers. Upgrade FortiAuthenticator to 8.0.3, 6.6.9, or 6.5.7, and FortiSandbox to 5.0.2 or 4.4.9.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/fortinet-patches-critical-remote-code-execution-flaws-in-fortiauthenticator-and-fortisandbox-e-d-3-q-c/gD2P6Ple2L

##

undercodenews@mastodon.social at 2026-05-13T07:31:33.000Z ##

Fortinet Releases Emergency Security Fixes for FortiAuthenticator and FortiSandbox Remote Code Execution Flaws

Introduction Cybersecurity giant Fortinet has released urgent security patches for two critical vulnerabilities affecting its widely deployed enterprise products, FortiAuthenticator and FortiSandbox. The flaws, identified as CVE-2026-44277 and CVE-2026-26083, could allow attackers to execute arbitrary commands or malicious code on vulnerable systems without…

https://undercodenews.com/fortinet-releases-emergency-security-fixes-for-fortiauthenticator-and-fortisandbox-remote-code-execution-flaws/?utm_source=mastodon&utm_medium=jetpack_social

##

beyondmachines1@infosec.exchange at 2026-05-13T11:01:07.000Z ##

Fortinet Patches Critical Remote Code Execution Flaws in FortiAuthenticator and FortiSandbox

Fortinet patched two critical vulnerabilities, CVE-2026-44277 and CVE-2026-26083, which allow unauthenticated attackers to execute remote code on FortiAuthenticator and FortiSandbox systems.

**Plan a very quick patch to these products, Fortinet products are constant targets of hackers. Upgrade FortiAuthenticator to 8.0.3, 6.6.9, or 6.5.7, and FortiSandbox to 5.0.2 or 4.4.9.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/fortinet-patches-critical-remote-code-execution-flaws-in-fortiauthenticator-and-fortisandbox-e-d-3-q-c/gD2P6Ple2L

##

CVE-2025-35979(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-05-12T18:30:44

1 posts

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution for some Intel(R) Processors within VMX non-root (guest) operation may allow an information disclosure. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable data exposure. This result may potentially occur via local access

justingarrison.com@bsky.brid.gy at 2026-05-13T17:20:54.814Z ##

Your hardware's software has CVEs too! www.cve.org/CVERecord?id...

cve.org/CVERecord?id=C...

##

CVE-2026-28972
(6.5 MEDIUM)

EPSS: 0.04%

updated 2026-05-12T18:30:37

2 posts

An out-of-bounds write issue was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, visionOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination or write kernel memory.

xint at 2026-05-12T16:26:15.798Z ##

Here is a brief overview of two kernel-level vulnerabilities uncovered by Xint Code in iOS and iPadOS and now patched: CVE-2026-28972 and CVE-2026-28986
https://xint.io/blog/kernel-vulnerabilities-ios-ipados

##

xint@infosec.exchange at 2026-05-12T16:26:15.000Z ##

Here is a brief overview of two kernel-level vulnerabilities uncovered by Xint Code in iOS and iPadOS and now patched: CVE-2026-28972 and CVE-2026-28986
https://xint.io/blog/kernel-vulnerabilities-ios-ipados

##

CVE-2026-6722
(9.8 CRITICAL)

EPSS: 0.23%

updated 2026-05-12T17:48:21.643000

2 posts

In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the SOAP extension's object deduplication mechanism stores pointers to PHP objects in a global map without incrementing their reference counts. When an apache:Map node contains duplicate keys, processing the second entry overwrites the first in the temporary result map, freeing the original PHP o

beyondmachines1 at 2026-05-13T08:01:07.919Z ##

Critical PHP SOAP Extension Vulnerabilities Enable Remote Code Execution

PHP released emergency updates to fix five vulnerabilities, including two critical use-after-free flaws (CVE-2026-6722 and CVE-2026-7261) that allow unauthenticated remote code execution via the SOAP extension.

**If you run PHP on your web servers, update immediately to version 8.2.31, 8.3.31, 8.4.21, or 8.5.6. If you can't patch right away, disable the SOAP extension as a temporary measure until the update is applied.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-php-soap-extension-vulnerabilities-enable-remote-code-execution-g-4-t-d-9/gD2P6Ple2L

##

beyondmachines1@infosec.exchange at 2026-05-13T08:01:07.000Z ##

Critical PHP SOAP Extension Vulnerabilities Enable Remote Code Execution

PHP released emergency updates to fix five vulnerabilities, including two critical use-after-free flaws (CVE-2026-6722 and CVE-2026-7261) that allow unauthenticated remote code execution via the SOAP extension.

**If you run PHP on your web servers, update immediately to version 8.2.31, 8.3.31, 8.4.21, or 8.5.6. If you can't patch right away, disable the SOAP extension as a temporary measure until the update is applied.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-php-soap-extension-vulnerabilities-enable-remote-code-execution-g-4-t-d-9/gD2P6Ple2L

##

CVE-2026-8177
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-12T16:48:58.260000

1 posts

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences. A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the end of the input string into adjacent heap memory. Any Perl process that passes attacker controlled strings to XML::LibXML's DOM node-name methods can r

thehackerwire@mastodon.social at 2026-05-11T18:24:47.000Z ##

🟠 CVE-2026-8177 - High (7.5)

XML::LibXML versions through 2.0210 for Perl read out-of-bounds heap memory when parsing XML node names containing truncated UTF-8 byte sequences.

A node name ending in the middle of a multi byte UTF-8 sequence causes the parser to read past the ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8177/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6001
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-12T16:47:58.570000

2 posts

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers. This issue affects BAPSİS: before v.202604152042.

thehackerwire@mastodon.social at 2026-05-12T11:59:07.000Z ##

🟠 CVE-2026-6001 - High (8.8)

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers.

This issue affects BAPSİS: before v.202604152042.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6001/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:59:07.000Z ##

🟠 CVE-2026-6001 - High (8.8)

Authorization bypass through User-Controlled key vulnerability in ABIS Technology Ltd. Co. BAPSİS allows Exploitation of Trusted Identifiers.

This issue affects BAPSİS: before v.202604152042.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6001/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8043
(9.6 CRITICAL)

EPSS: 0.09%

updated 2026-05-12T16:38:24.040000

4 posts

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side attacks.

nyanbinary at 2026-05-12T16:22:52.138Z ##

til that Ivanti doesn't just make insecure endpoint management software. they also make insecure reporting software :neobot_giggle:

https://nvd.nist.gov/vuln/detail/cve-2026-8043

##

thehackerwire@mastodon.social at 2026-05-12T15:24:31.000Z ##

🔴 CVE-2026-8043 - Critical (9.6)

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8043/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

nyanbinary@infosec.exchange at 2026-05-12T16:22:52.000Z ##

til that Ivanti doesn't just make insecure endpoint management software. they also make insecure reporting software :neobot_giggle:

https://nvd.nist.gov/vuln/detail/cve-2026-8043

##

thehackerwire@mastodon.social at 2026-05-12T15:24:31.000Z ##

🔴 CVE-2026-8043 - Critical (9.6)

External control of a file name in Ivanti Xtraction before version 2026.2 allows a remote authenticated attacker to read sensitive files and write arbitrary HTML files to a web directory, leading to information disclosure and possible client-side ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8043/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28986
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-12T15:32:40

2 posts

A race condition was addressed with additional validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, iOS 26.5 and iPadOS 26.5, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5, tvOS 26.5, watchOS 26.5. An app may be able to cause unexpected system termination.

xint at 2026-05-12T16:26:15.798Z ##

Here is a brief overview of two kernel-level vulnerabilities uncovered by Xint Code in iOS and iPadOS and now patched: CVE-2026-28972 and CVE-2026-28986
https://xint.io/blog/kernel-vulnerabilities-ios-ipados

##

xint@infosec.exchange at 2026-05-12T16:26:15.000Z ##

Here is a brief overview of two kernel-level vulnerabilities uncovered by Xint Code in iOS and iPadOS and now patched: CVE-2026-28972 and CVE-2026-28986
https://xint.io/blog/kernel-vulnerabilities-ios-ipados

##

CVE-2026-8111
(8.8 HIGH)

EPSS: 0.32%

updated 2026-05-12T15:31:52

2 posts

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

thehackerwire@mastodon.social at 2026-05-12T15:24:13.000Z ##

🟠 CVE-2026-8111 - High (8.8)

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8111/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:24:13.000Z ##

🟠 CVE-2026-8111 - High (8.8)

SQL injection in the web console of Ivanti Endpoint Manager before version 2024 SU6 allows a remote authenticated attacker to achieve remote code execution.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8111/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8110
(7.8 HIGH)

EPSS: 0.02%

updated 2026-05-12T15:31:49

4 posts

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

thehackerwire@mastodon.social at 2026-05-12T16:35:38.000Z ##

🟠 CVE-2026-8110 - High (7.8)

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8110/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:25:49.000Z ##

🟠 CVE-2026-8110 - High (7.8)

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8110/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T16:35:38.000Z ##

🟠 CVE-2026-8110 - High (7.8)

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8110/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:25:49.000Z ##

🟠 CVE-2026-8110 - High (7.8)

Incorrect permissions assignment in the agent of Ivanti Endpoint Manager before version 2024 SU6 allows a local authenticated attacker to escalate their privileges.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8110/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-35071
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-12T15:31:49

2 posts

Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.

thehackerwire@mastodon.social at 2026-05-12T15:00:28.000Z ##

🟠 CVE-2026-35071 - High (8.2)

Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit t...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35071/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:00:28.000Z ##

🟠 CVE-2026-35071 - High (8.2)

Dell PowerScale InsightIQ, versions 6.0.0 through 6.2.0, contains an improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit t...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35071/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7432
(7.8 HIGH)

EPSS: 0.03%

updated 2026-05-12T15:31:48

2 posts

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM

thehackerwire@mastodon.social at 2026-05-12T15:24:22.000Z ##

🟠 CVE-2026-7432 - High (7.8)

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7432/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:24:22.000Z ##

🟠 CVE-2026-7432 - High (7.8)

A race condition in Ivanti Secure Access Client before 22.8R6 allows a locally authenticated user to escalate privileges to SYSTEM

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7432/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-31431
(7.8 HIGH)

EPSS: 2.57%

updated 2026-05-12T15:31:18

1 posts

In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just

100 repos

https://github.com/ExploitEoom/CVE-2026-31431

https://github.com/rvizx/CVE-2026-31431

https://github.com/iss4cf0ng/CVE-2026-31431-Linux-Copy-Fail

https://github.com/KanbaraAkihito/CVE-2026-31431-copyfail-rs

https://github.com/SilverRuler/copy-fail-CVE-2026-31431

https://github.com/Linux-zs/cve-2026-31431-mitigation

https://github.com/kvakirsanov/CVE-2026-31431-live-process-code-injection

https://github.com/ncmprbll/copy-fail-rs

https://github.com/Smarttfoxx/copyfail

https://github.com/Dabbleam/CVE-2026-31431-mitigation

https://github.com/lonelyor/CVE-2026-31431-exp

https://github.com/yxdm02/CVE-2026-31431

https://github.com/Percivalll/Copy-Fail-CVE-2026-31431-Statically-PoC

https://github.com/scriptzteam/Paranoid-Copy-Fail-CVE-2026-31431

https://github.com/wgnet/wg.copyfail.patch

https://github.com/atgreen/block-copyfail

https://github.com/Xerxes-2/CVE-2026-31431-rs

https://github.com/freelabz/CVE-2026-31431

https://github.com/pascal-gujer/CVE-2026-31431

https://github.com/cozystack/copy-fail-blocker

https://github.com/badsectorlabs/copyfail-go

https://github.com/samanzamani/copy-fail-checker

https://github.com/attaattaatta/CVE-2026-43500

https://github.com/Crihexe/copy-fail-tiny-elf-CVE-2026-31431

https://github.com/wuwu001/CVE-2026-31431-exploit

https://github.com/painoob/Copy-Fail-Exploit-CVE-2026-31431

https://github.com/pedromizz/copy-fail

https://github.com/bigwario/copy-fail-CVE-2026-31431-C

https://github.com/SeanRickerd/cve-2026-31431

https://github.com/gbonacini/CVE-2026-31431

https://github.com/wesmar/CVE-2026-31431

https://github.com/Huchangzhi/autorootlinux

https://github.com/infiniroot/ansible-mitigate-copyfail-dirtyfrag

https://github.com/EynaExp/Copy-Fail-CVE-2026-31431-modernized

https://github.com/darioomatos/cve-2026-31431-copyfail

https://github.com/mCub3/CVE-2026-31431

https://github.com/XsanFlip/CVE-2026-31431-Patch

https://github.com/tgies/copy-fail-c

https://github.com/Alfredooe/CVE-2026-31431

https://github.com/desultory/CVE-2026-31431

https://github.com/mahdi13830510/CVE-2026-31431-mitigation-suite

https://github.com/bootsareme/copyfail-deconstructed

https://github.com/rootsecdev/cve_2026_31431

https://github.com/ashok523/cve-2026-31431

https://github.com/qi4L/CVE-2026-31431-Container-Escape

https://github.com/diemoeve/copyfail-rs

https://github.com/G01d3nW01f/CVE-2026-31431

https://github.com/Sl4cK0TH/CVE-2026-31431-PoC

https://github.com/sudoytang/copyfail-arm64

https://github.com/krisiasty/vcheck

https://github.com/yandex-cloud-examples/yc-mk8s-copy-fail-mitigation

https://github.com/AdityaBhatt3010/CVE-2026-31431

https://github.com/Dullpurple-sloop726/CVE-2026-31431-Linux-Copy-Fail

https://github.com/suominen/CVE-2026-31431

https://github.com/KaraZajac/DIRTYFAIL

https://github.com/polyakovavv/copyfail

https://github.com/ben-slates/CVE-2026-31431-Exploit

https://github.com/adysec/cve-2026-31431

https://github.com/sgkdev/page_inject

https://github.com/sec17br/CVE-2026-31431-Copy-Fail

https://github.com/malwarekid/CVE-2026-31431

https://github.com/0xShe/CVE-2026-31431

https://github.com/cyber-joker/copy-fail-python

https://github.com/xn0kkx/CVE-2026-31431_CopyFail_LinuxKernel_LPE

https://github.com/toxy4ny/copy-fail-exploit-on-c-redteam

https://github.com/MartinPham/copy-fail-CVE-2026-31431-php

https://github.com/beatbeast007/Linux-CopyFail-C-Version-CVE-2026-31431

https://github.com/vishwanathakuthota/copy-fail-CVE-2026-31431

https://github.com/Boos4721/copyfail-rs

https://github.com/gagaltotal/cve-2026-31431-copy-fail

https://github.com/ochebotar/copy-fail-CVE-2026-31431-detection-probe

https://github.com/JuanBindez/CVE-2026-31431

https://github.com/0xBlackash/CVE-2026-31431

https://github.com/shadowabi/CVE-2026-31431-CopyFail-Universal-LPE

https://github.com/ZephrFish/CopyFail-CVE-2026-31431

https://github.com/M4xSec/CVE-2026-31431-RCE-Exploit

https://github.com/H1d3r/copy-fail_LPE_Interactive

https://github.com/abdullaabdullazade/CVE-2026-31431

https://github.com/AliHzSec/CVE-2026-31431

https://github.com/kadir/copy-fail-CVE-2026-31431-IOC

https://github.com/aestechno/cve-2026-31431-ansible

https://github.com/Percivalll/Copy-Fail-CVE-2026-31431-Kubernetes-PoC

https://github.com/professional-slacker/alg_check

https://github.com/ErdemOzgen/copy-fail-cve-2026-31431

https://github.com/theori-io/copy-fail-CVE-2026-31431

https://github.com/Sndav/CVE-2026-31431-Advanced-Exploit

https://github.com/jbnetwork-git/copy-fail-check

https://github.com/wvverez/CVE-2026-31431-Copy-Fail

https://github.com/0xN7y/CVE-2026-31431

https://github.com/philfry/cve-2026-31431-ftrace

https://github.com/liamromanis101/CVE-2026-31431-Copy-Fail---Vulnerability-Detection-Script

https://github.com/rfxn/copyfail

https://github.com/RoflSecurity/copy_fail

https://github.com/povzayd/CVE-2026-31431

https://github.com/b5null/CVE-2026-31431-C

https://github.com/sammwyy/copyfail-rs

https://github.com/mrunalp/block-copyfail

https://github.com/MrAriaNet/cPanel-Fix

https://github.com/Webhosting4U/Copy-Fail_Detect_and_mitigate_CVE-2026-31431

https://github.com/Shotafry/CopyFail-Exploits-CVE-2026-31431

linux@activitypub.awakari.com at 2026-05-12T08:00:00.000Z ## Copy Fail and Dirty Frag: Linux Page-Cache Exploits Target Every Major Distribution Two recent Linux kernel vulnerabilities have been disclosed: Copy Fail (CVE-2026-31431) on April 29, 2026, and Di...

#Linux #Security #Vulnerabilities #DevOps #news

Origin | Interest | Match ##

CVE-2026-7256
(8.8 HIGH)

EPSS: 0.83%

updated 2026-05-12T15:11:29.503000

2 posts

** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device by sending a crafted HTTP request.

thehackerwire@mastodon.social at 2026-05-12T17:30:08.000Z ##

🟠 CVE-2026-7256 - High (8.8)

** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7256/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:30:08.000Z ##

🟠 CVE-2026-7256 - High (8.8)

** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00(ABDV.3)C0 could allow an adjacent attacker on the LAN to execute operating system (OS) commands on a vulnerable device ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7256/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44295
(8.7 HIGH)

EPSS: 0.00%

updated 2026-05-12T15:06:24

2 posts

## Summary `pbjs` static code generation could emit unsafe JavaScript identifiers derived from schema-controlled names. When generating static JavaScript from a crafted schema or JSON descriptor, certain namespace, enum, service, or derived full names could be written into the generated output without sufficient sanitization. ## Impact An attacker who can provide or influence schemas passed to

thehackerwire@mastodon.social at 2026-05-13T16:19:51.000Z ##

🟠 CVE-2026-44295 - High (8.7)

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbjs static code generation could emit unsafe JavaScript identifiers derived from schema-controlled names. When generating static JavaScript from a crafted schema...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44295/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:19:51.000Z ##

🟠 CVE-2026-44295 - High (8.7)

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbjs static code generation could emit unsafe JavaScript identifiers derived from schema-controlled names. When generating static JavaScript from a crafted schema...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44295/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44291
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-12T15:01:25

2 posts

## Summary protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If `Object.prototype` had already been polluted, those lookup tables could resolve attacker-controlled inherited properties as valid protobuf type information. This could cause attacker-controlled strings to be emitted into generated JavaScript code.

thehackerwire@mastodon.social at 2026-05-13T16:21:35.000Z ##

🟠 CVE-2026-44291 - High (8.1)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44291/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:21:35.000Z ##

🟠 CVE-2026-44291 - High (8.1)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs used plain objects with inherited prototypes for internal type lookup tables used by generated encode and decode functions. If Object.pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44291/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44290
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-12T15:01:15

2 posts

## Summary protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or JSON descriptor could cause option handling to write to properties on global JavaScript constructors, corrupting process-wide built-in functionality. ## Impact An attacker who can provide or influence protobuf schemas or JSON descriptors

thehackerwire@mastodon.social at 2026-05-13T16:21:26.000Z ##

🟠 CVE-2026-44290 - High (7.5)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44290/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:21:26.000Z ##

🟠 CVE-2026-44290 - High (7.5)

protobufjs compiles protobuf definitions into JavaScript (JS) functions. Prior to 7.5.6 and 8.0.2, protobufjs allowed certain schema option paths to traverse through inherited object properties while applying options. A crafted protobuf schema or ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44290/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42290
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-12T14:59:46

2 posts

## Summary `pbts` invoked JSDoc by building a shell command string from input file paths and executing it through `child_process.exec`. File paths containing shell metacharacters could therefore be interpreted by the shell instead of being passed to JSDoc as plain arguments. ## Impact An attacker who can control file names or paths passed to `pbts` may be able to execute arbitrary shell command

thehackerwire@mastodon.social at 2026-05-13T17:50:32.000Z ##

🟠 CVE-2026-42290 - High (7.8)

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbts invoked JSDoc by building a shell command string from input file paths and executing it through child_process.exec. File paths containing shell metacharacter...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42290/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:50:32.000Z ##

🟠 CVE-2026-42290 - High (7.8)

protobufjs-cli is the command line add-on for protobuf.js. Prior to 1.2.1 and 2.0.2, pbts invoked JSDoc by building a shell command string from input file paths and executing it through child_process.exec. File paths containing shell metacharacter...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42290/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25787
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-05-12T14:19:41.400000

3 posts

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "Motion Control Diagnostics" parameters pa

netsecio@mastodon.social at 2026-05-13T13:51:54.000Z ##

📰 Siemens Patches Critical Flaws in SIMATIC S7 PLCs, RUGGEDCOM Devices

Siemens drops 18 security advisories for ICS Patch Tuesday, fixing critical flaws in SIMATIC S7 PLCs and RUGGEDCOM devices. Key bugs (CVE-2026-25786, CVE-2026-25787) could lead to device takeover. 🏭 #ICSsecurity #OTsecurity #Siemens #PLC

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25787/

##

thehackerwire@mastodon.social at 2026-05-12T15:04:58.000Z ##

🔴 CVE-2026-25787 - Critical (9.1)

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into ...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:04:58.000Z ##

🔴 CVE-2026-25787 - Critical (9.1)

Affected devices do not properly validate and sanitize Technology Object (TO) name rendered on the "Motion Control Diagnostics" page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25787/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34260
(9.6 CRITICAL)

EPSS: 0.01%

updated 2026-05-12T14:19:41.400000

5 posts

SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user input into SQL queries, which are then passed to the underlying database without proper validation or sanitization. Upon successful exploitation, an attac

thehackerwire@mastodon.social at 2026-05-12T18:05:16.000Z ##

🔴 CVE-2026-34260 - Critical (9.6)

SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34260/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1 at 2026-05-12T17:01:08.461Z ##

SAP Security Patch Day May 2026: Critical RCE and SQL Injection Flaws

SAP's May 2026 security update addresses 15 vulnerabilities, including two critical flaws (CVE-2026-34263 and CVE-2026-34260) that allow unauthenticated remote code execution and SQL injection.

**If you are using SAP products, review the advisory in detail. Prioritize patching the critical missing authentication check in SAP Commerce Cloud and the critical SQL injection vulnerability in SAP S/4HANA Enterprise Search for ABAP, followed by the high-severity OS command injection in SAP Forecasting & Replenishment. Then review the rest of the issues.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sap-security-patch-day-may-2026-critical-rce-and-sql-injection-flaws-w-6-7-x-n/gD2P6Ple2L

##

thehackerwire@mastodon.social at 2026-05-12T18:05:16.000Z ##

🔴 CVE-2026-34260 - Critical (9.6)

SAP S/4HANA (SAP Enterprise Search for ABAP) contains a SQL injection vulnerability that allows an authenticated attacker to inject malicious SQL statements through user-controlled input. The application directly concatenates this malicious user i...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34260/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1@infosec.exchange at 2026-05-12T17:01:08.000Z ##

SAP Security Patch Day May 2026: Critical RCE and SQL Injection Flaws

SAP's May 2026 security update addresses 15 vulnerabilities, including two critical flaws (CVE-2026-34263 and CVE-2026-34260) that allow unauthenticated remote code execution and SQL injection.

**If you are using SAP products, review the advisory in detail. Prioritize patching the critical missing authentication check in SAP Commerce Cloud and the critical SQL injection vulnerability in SAP S/4HANA Enterprise Search for ABAP, followed by the high-severity OS command injection in SAP Forecasting & Replenishment. Then review the rest of the issues.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sap-security-patch-day-may-2026-critical-rce-and-sql-injection-flaws-w-6-7-x-n/gD2P6Ple2L

##

offseq@infosec.exchange at 2026-05-12T04:30:30.000Z ##

🚨 CRITICAL: SQL injection (CVE-2026-34260, CVSS 9.6) in SAP S/4HANA (SAP_BASIS 751-816). Authenticated attackers can access sensitive data & crash apps. No patch yet — restrict access & monitor logs. https://radar.offseq.com/threat/cve-2026-34260-cwe-89-improper-neutralization-of-s-4864cd58 #OffSeq #SAP #Infosec #SQLInjection

##

CVE-2025-40946
(8.3 HIGH)

EPSS: 0.02%

updated 2026-05-12T14:19:41.400000

2 posts

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 110 TL3 (All versions), blueplanet 125 NX3 M11 (All versions), blueplanet 125 TL3 (All versions), blueplanet 125 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 137 TL3 (All ve

thehackerwire@mastodon.social at 2026-05-12T17:27:26.000Z ##

🟠 CVE-2025-40946 - High (8.3)

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 110 TL3 (All ver...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40946/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:27:26.000Z ##

🟠 CVE-2025-40946 - High (8.3)

A vulnerability has been identified in blueplanet 100 NX3 M8 (All versions), blueplanet 100 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 105 TL3 (All versions), blueplanet 105 TL3 GEN2 (All versions < V6.1.4.9), blueplanet 110 TL3 (All ver...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40946/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22924
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-05-12T14:19:41.400000

2 posts

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions. This could allow an attacker to disrupt normal operations or perform unauthorized actions, potentially impacting system availability and integrity.

thehackerwire@mastodon.social at 2026-05-12T17:21:36.000Z ##

🔴 CVE-2026-22924 - Critical (9.1)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions.
This could allow an attacker to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22924/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:21:36.000Z ##

🔴 CVE-2026-22924 - Critical (9.1)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application does not properly restrict unauthenticated connections and is susceptible to resource exhaustion conditions.
This could allow an attacker to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22924/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22925
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-12T14:19:41.400000

2 posts

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets This could allow an attacker to render the service unavailable and cause denial-of-service conditions by overwhelming system resources.

thehackerwire@mastodon.social at 2026-05-12T15:01:59.000Z ##

🟠 CVE-2026-22925 - High (7.5)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets
This could allow an attacker to render the service un...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22925/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:01:59.000Z ##

🟠 CVE-2026-22925 - High (7.5)

A vulnerability has been identified in SIMATIC CN 4100 (All versions < V5.0). The affected application is susceptible to resource exhaustion when subjected to high volume of TCP SYN packets
This could allow an attacker to render the service un...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22925/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27662
(7.7 HIGH)

EPSS: 0.03%

updated 2026-05-12T14:19:41.400000

2 posts

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place. This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potentially enabling the discovery of backdoors, performing unauthorized actions, or exploiting misconfigurations that may lead to further system compromise.

thehackerwire@mastodon.social at 2026-05-12T15:01:38.000Z ##

🟠 CVE-2026-27662 - High (7.7)

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.
This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potenti...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27662/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:01:38.000Z ##

🟠 CVE-2026-27662 - High (7.7)

Affected devices do not properly restrict access to the web browser via the Control Panel when no corresponding security mechanisms are in place.
This could allow an unauthenticated attacker to gain unauthorized access to the web browser, potenti...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27662/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44412
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-12T14:19:41.400000

2 posts

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files. This could allow an attacker to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-05-12T13:05:16.000Z ##

🟠 CVE-2026-44412 - High (7.8)

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected applications contain a stack based overflow vulnerability while parsing specially crafted PAR files.
This could allow an attacker to execut...

updated 2026-05-12T14:10:27.343000

1 posts

In the Linux kernel, the following vulnerability has been resolved: rust_binder: check ownership before using vma When installing missing pages (or zapping them), Rust Binder will look up the vma in the mm by address, and then call vm_insert_page (or zap_page_range_single). However, if the vma is closed and replaced with a different vma at the same address, this can lead to Rust Binder installin

thehackerwire@mastodon.social at 2026-05-11T18:00:36.000Z ##

🟠 CVE-2026-43434 - High (7.8)

In the Linux kernel, the following vulnerability has been resolved:

rust_binder: check ownership before using vma

When installing missing pages (or zapping them), Rust Binder will look
up the vma in the mm by address, and then call vm_insert_pag...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43434/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43441
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-12T14:10:27.343000

1 posts

In the Linux kernel, the following vulnerability has been resolved: net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never initialized because inet6_init() exits before ndisc_init() is called which initializes it. If bonding ARP/NS validation is enabled, an IPv6 NS/NA packet received on a slave can reach bond_validate

thehackerwire@mastodon.social at 2026-05-11T18:00:12.000Z ##

🟠 CVE-2026-43441 - High (7.5)

In the Linux kernel, the following vulnerability has been resolved:

net: bonding: Fix nd_tbl NULL dereference when IPv6 is disabled

When booting with the 'ipv6.disable=1' parameter, the nd_tbl is never
initialized because inet6_init() exits befo...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43441/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45213
(7.6 HIGH)

EPSS: 0.03%

updated 2026-05-12T14:03:52.757000

4 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

thehackerwire@mastodon.social at 2026-05-12T12:07:13.000Z ##

🟠 CVE-2026-45213 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45213/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:31.000Z ##

🟠 CVE-2026-45213 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45213/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T12:07:13.000Z ##

🟠 CVE-2026-45213 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45213/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:31.000Z ##

🟠 CVE-2026-45213 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 BEAR woo-bulk-editor allows Blind SQL Injection.This issue affects BEAR: from n/a through <= 1.1.7.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45213/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42742
(8.5 HIGH)

EPSS: 0.03%

updated 2026-05-12T14:03:52.757000

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through <= 3.4.6.

thehackerwire@mastodon.social at 2026-05-12T11:55:19.000Z ##

🟠 CVE-2026-42742 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through <= 3.4.6.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42742/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:55:19.000Z ##

🟠 CVE-2026-42742 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Views for WPForms views-for-wpforms-lite allows Blind SQL Injection.This issue affects Views for WPForms: from n/a through <= 3.4.6.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42742/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2019-14192
(9.8 CRITICAL)

EPSS: 0.38%

updated 2026-05-12T12:32:32

4 posts

An issue was discovered in Das U-Boot through 2019.07. There is an unbounded memcpy when parsing a UDP packet due to a net_process_received_packet integer underflow during an nc_input_packet call.

allainyann@piaille.fr at 2026-05-13T13:25:12.000Z ##

@eshard Very clever write-up from @eshard team on adding a missing USB-Ethernet peripheral to QEMU (SMSC LAN9514) to enable Time Travel Analysis of CVE-2019-14192 on unmodified RPi 3B+ U-Boot firmware.

Using the U-Boot driver as the hardware spec is such an elegant trick. Sparked some ideas for things I'm working on. Thanks for sharing it !

https://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2

##

eshard at 2026-05-13T11:44:35.273Z ##

Missing peripheral in QEMU? Adding it yourself is easier than you think.

We hit a wall analyzing CVE-2019-14192 on real Raspberry Pi 3B+ firmware, so we added the missing driver to #QEMU. Register by register, using U-Boot's own source as the spec.

🔗 http://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2

#QEMU #Cybersecurity #firmware #uboot

##

allainyann@piaille.fr at 2026-05-13T13:25:12.000Z ##

@eshard Very clever write-up from @eshard team on adding a missing USB-Ethernet peripheral to QEMU (SMSC LAN9514) to enable Time Travel Analysis of CVE-2019-14192 on unmodified RPi 3B+ U-Boot firmware.

Using the U-Boot driver as the hardware spec is such an elegant trick. Sparked some ideas for things I'm working on. Thanks for sharing it !

https://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2

##

eshard@infosec.exchange at 2026-05-13T11:44:35.000Z ##

Missing peripheral in QEMU? Adding it yourself is easier than you think.

We hit a wall analyzing CVE-2019-14192 on real Raspberry Pi 3B+ firmware, so we added the missing driver to #QEMU. Register by register, using U-Boot's own source as the spec.

🔗 http://www.eshard.com/blog/u-boot-cve-tta-qemu-part-2

#QEMU #Cybersecurity #firmware #uboot

##

CVE-2026-42741
(8.5 HIGH)

EPSS: 0.03%

updated 2026-05-12T12:32:23

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend views-for-ninja-forms allows Blind SQL Injection.This issue affects Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend: from n/a through <= 3.3.2.

thehackerwire@mastodon.social at 2026-05-12T11:55:09.000Z ##

🟠 CVE-2026-42741 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend views-for-ninja-forms allows Blind SQL Injection....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42741/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:55:09.000Z ##

🟠 CVE-2026-42741 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Aman Ninja Forms Views – Display & Edit Ninja Forms Submissions on your site frontend views-for-ninja-forms allows Blind SQL Injection....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42741/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25786
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-05-12T12:32:22

3 posts

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface. This could allow an authenticated attacker who is authorized to download a TIA project into the product, to inject malicious scripts into the page. If a benign user with appropriate rights accesses the "communication" parameters page, the malicious code woul

netsecio@mastodon.social at 2026-05-13T13:51:54.000Z ##

📰 Siemens Patches Critical Flaws in SIMATIC S7 PLCs, RUGGEDCOM Devices

Siemens drops 18 security advisories for ICS Patch Tuesday, fixing critical flaws in SIMATIC S7 PLCs and RUGGEDCOM devices. Key bugs (CVE-2026-25786, CVE-2026-25787) could lead to device takeover. 🏭 #ICSsecurity #OTsecurity #Siemens #PLC

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25786/

##

thehackerwire@mastodon.social at 2026-05-12T15:04:48.000Z ##

🔴 CVE-2026-25786 - Critical (9.1)

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface.
This could allow an authenticated attacker who is authorized to download a TIA project into the product,...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:04:48.000Z ##

🔴 CVE-2026-25786 - Critical (9.1)

Affected devices do not properly validate and sanitize PLC/station name rendered on the "communication" parameters page of the web interface.
This could allow an authenticated attacker who is authorized to download a TIA project into the product,...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25786/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40947
(7.5 HIGH)

EPSS: 0.23%

updated 2026-05-12T12:32:22

2 posts

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All vers

thehackerwire@mastodon.social at 2026-05-12T15:05:08.000Z ##

🟠 CVE-2025-40947 - High (7.5)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGED...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40947/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:05:08.000Z ##

🟠 CVE-2025-40947 - High (7.5)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGED...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40947/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33893
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-12T12:32:22

2 posts

A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V2512 (All versions). The affected application contains hardcoded key which is used for obfuscation stored directly into the application. This could allow an attacker

thehackerwire@mastodon.social at 2026-05-12T15:01:49.000Z ##

🟠 CVE-2026-33893 - High (7.5)

A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33893/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:01:49.000Z ##

🟠 CVE-2026-33893 - High (7.5)

A vulnerability has been identified in Teamcenter V2312 (All versions < V2312.0014), Teamcenter V2406 (All versions < V2406.0012), Teamcenter V2412 (All versions < V2412.0009), Teamcenter V2506 (All versions < V2506.0005), Teamcenter V...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33893/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44411
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-12T12:32:22

2 posts

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnerability to execute code in the context of the current process.

thehackerwire@mastodon.social at 2026-05-12T13:05:05.000Z ##

🟠 CVE-2026-44411 - High (7.8)

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnera...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44411/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T13:05:05.000Z ##

🟠 CVE-2026-44411 - High (7.8)

A vulnerability has been identified in Solid Edge SE2026 (All versions < V226.0 Update 5). The affected application is vulnerable to uninitialized pointer access while parsing specially crafted PAR files. An attacker could leverage this vulnera...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44411/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41551
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-05-12T12:32:22

2 posts

A vulnerability has been identified in ROS# (All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not properly sanitized. This could allow a remote attacker to access arbitrary files on the device.

thehackerwire@mastodon.social at 2026-05-12T13:04:56.000Z ##

🔴 CVE-2026-41551 - Critical (9.1)

A vulnerability has been identified in ROS# (All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not properly sanitized.
This could allow a remote attacker to access arbitrary files on the dev...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41551/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T13:04:56.000Z ##

🔴 CVE-2026-41551 - Critical (9.1)

A vulnerability has been identified in ROS# (All versions < V2.2.2). Affected versions contain a path traversal vulnerability because user input is not properly sanitized.
This could allow a remote attacker to access arbitrary files on the dev...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41551/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2465
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-12T12:32:22

4 posts

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation. This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

thehackerwire@mastodon.social at 2026-05-12T12:07:33.000Z ##

🟠 CVE-2026-2465 - High (8.8)

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation.

This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2465/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:40.000Z ##

🟠 CVE-2026-2465 - High (8.8)

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation.

This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2465/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T12:07:33.000Z ##

🟠 CVE-2026-2465 - High (8.8)

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation.

This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2465/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:40.000Z ##

🟠 CVE-2026-2465 - High (8.8)

Incorrect Authorization vulnerability in E-Kalite Software Hardware Engineering Design and Internet Services Industry and Trade Ltd. Co. Turboard FOR-S allows Privilege Escalation.

This issue affects Turboard FOR-S: from 7.01.2026 before 18.02.2026.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2465/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45214
(8.5 HIGH)

EPSS: 0.03%

updated 2026-05-12T12:32:22

4 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through <= 1.5.1.

thehackerwire@mastodon.social at 2026-05-12T12:07:23.000Z ##

🟠 CVE-2026-45214 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through <= 1.5.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45214/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:42.000Z ##

🟠 CVE-2026-45214 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through <= 1.5.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45214/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T12:07:23.000Z ##

🟠 CVE-2026-45214 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through <= 1.5.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45214/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:42.000Z ##

🟠 CVE-2026-45214 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons allows Blind SQL Injection.This issue affects Xpro Elementor Addons: from n/a through <= 1.5.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45214/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41713
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-12T12:32:22

2 posts

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.

thehackerwire@mastodon.social at 2026-05-12T11:58:58.000Z ##

🟠 CVE-2026-41713 - High (8.2)

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41713/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:58.000Z ##

🟠 CVE-2026-41713 - High (8.2)

A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41713/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45211
(8.5 HIGH)

EPSS: 0.03%

updated 2026-05-12T12:32:22

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a through <= 4.7.1.

thehackerwire@mastodon.social at 2026-05-12T11:58:21.000Z ##

🟠 CVE-2026-45211 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45211/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:58:21.000Z ##

🟠 CVE-2026-45211 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal APIExperts Square for WooCommerce woosquare allows Blind SQL Injection.This issue affects APIExperts Square for WooCommerce: from n/a ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45211/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45218
(7.7 HIGH)

EPSS: 0.03%

updated 2026-05-12T12:32:22

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through <= 11.4.0.

thehackerwire@mastodon.social at 2026-05-12T11:55:00.000Z ##

🟠 CVE-2026-45218 - High (7.7)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through <= 11.4.0.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T11:55:00.000Z ##

🟠 CVE-2026-45218 - High (7.7)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel WP Travel wp-travel allows Blind SQL Injection.This issue affects WP Travel: from n/a through <= 11.4.0.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40833
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-12T12:32:21

2 posts

The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.

thehackerwire@mastodon.social at 2026-05-12T17:27:36.000Z ##

🟠 CVE-2025-40833 - High (7.5)

The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40833/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:27:36.000Z ##

🟠 CVE-2025-40833 - High (7.5)

The affected devices contain a null pointer dereference vulnerability while processing specially crafted IPv4 requests. This could allow an attacker to cause denial of service condition. A manual restart is required to recover the system.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40833/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-6577
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-05-12T12:32:14

2 posts

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection. This issue affects E-Commerce Website: before 4.5.001.

thehackerwire@mastodon.social at 2026-05-12T15:26:26.000Z ##

🔴 CVE-2025-6577 - Critical (9.8)

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection.

This issue affects E-Commerce Website: before 4.5.001.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6577/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:26:26.000Z ##

🔴 CVE-2025-6577 - Critical (9.8)

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Akilli Commerce Software Technologies Ltd. Co. E-Commerce Website allows SQL Injection.

This issue affects E-Commerce Website: before 4.5.001.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-6577/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-40949
(9.1 CRITICAL)

EPSS: 0.17%

updated 2026-05-12T12:32:14

2 posts

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGEDCOM ROX RX1501 (All versions < V2.17.1), RUGGEDCOM ROX RX1510 (All versions < V2.17.1), RUGGEDCOM ROX RX1511 (All versions < V2.17.1), RUGGEDCOM ROX RX1512 (All vers

thehackerwire@mastodon.social at 2026-05-12T15:26:16.000Z ##

🔴 CVE-2025-40949 - Critical (9.1)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGED...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40949/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T15:26:16.000Z ##

🔴 CVE-2025-40949 - Critical (9.1)

A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.17.1), RUGGEDCOM ROX MX5000RE (All versions < V2.17.1), RUGGEDCOM ROX RX1400 (All versions < V2.17.1), RUGGEDCOM ROX RX1500 (All versions < V2.17.1), RUGGED...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-40949/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2993
(7.5 HIGH)

EPSS: 0.10%

updated 2026-05-12T09:31:33

2 posts

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing SQL query in the getListForTbl() function. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing que

thehackerwire@mastodon.social at 2026-05-12T17:27:46.000Z ##

🟠 CVE-2026-2993 - High (7.5)

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing S...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2993/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:27:46.000Z ##

🟠 CVE-2026-2993 - High (7.5)

The AI Chatbot & Workflow Automation by AIWU plugin for WordPress is vulnerable to SQL Injection in versions up to, and including, 1.4.17 due to insufficient escaping on user supplied parameters and lack of sufficient preparation on the existing S...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2993/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-39432
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-12T09:31:31

3 posts

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Timetics: from n/a through 1.0.53.

thehackerwire@mastodon.social at 2026-05-12T17:29:58.000Z ##

🟠 CVE-2026-39432 - High (8.2)

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects Timetics: from n/a through 1.0.53.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-39432/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:29:58.000Z ##

🟠 CVE-2026-39432 - High (8.2)

Missing Authorization vulnerability in Arraytics Timetics allows Exploiting Incorrectly Configured Access Control Security Levels.

This issue affects Timetics: from n/a through 1.0.53.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-39432/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-12T09:00:33.000Z ##

🔍 HIGH severity: CVE-2026-39432 in Arraytics Timetics ≤1.0.53 — Missing authorization (CWE-862) enables potential data exposure. No patch available yet. Restrict access, monitor advisories. https://radar.offseq.com/threat/cve-2026-39432-cwe-862-missing-authorization-in-ar-e310bf2a #OffSeq #Cybersecurity #Vuln #CVE202639432

##

CVE-2026-7287
(7.5 HIGH)

EPSS: 0.26%

updated 2026-05-12T06:31:46

2 posts

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C0 could allow an attacker to trigger a denial-of-service (DoS) condition by sending a crafted HTTP request to a vulnerable device.

thehackerwire@mastodon.social at 2026-05-12T17:30:21.000Z ##

🟠 CVE-2026-7287 - High (7.5)

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7287/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T17:30:21.000Z ##

🟠 CVE-2026-7287 - High (7.5)

** UNSUPPORTED WHEN ASSIGNED ** A buffer overflow vulnerability in the formWep(), formWlAc(), formPasswordSetup(), formUpgradeCert(), and formDelcert() functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00(AACE.1)C...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7287/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34259
(8.2 HIGH)

EPSS: 0.01%

updated 2026-05-12T03:31:33

2 posts

Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful exploitation could allow the attacker to read or modify any system data or shut down the system, resulting in a complete compromise of confidentiality, integ

thehackerwire@mastodon.social at 2026-05-12T18:05:05.000Z ##

🟠 CVE-2026-34259 - High (8.2)

Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful expl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34259/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T18:05:05.000Z ##

🟠 CVE-2026-34259 - High (8.2)

Due to an OS Command Execution vulnerability in SAP Forecasting & Replenishment, an authenticated attacker with administrative authorizations could abuse a non-remote-enabled function to execute arbitrary operating system commands. Successful expl...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34259/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34263
(9.6 CRITICAL)

EPSS: 0.02%

updated 2026-05-12T03:31:32

5 posts

Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentiality, Integrity, and Availability of the application.

thehackerwire@mastodon.social at 2026-05-12T18:05:27.000Z ##

🔴 CVE-2026-34263 - Critical (9.6)

Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentia...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34263/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1 at 2026-05-12T17:01:08.461Z ##

SAP Security Patch Day May 2026: Critical RCE and SQL Injection Flaws

SAP's May 2026 security update addresses 15 vulnerabilities, including two critical flaws (CVE-2026-34263 and CVE-2026-34260) that allow unauthenticated remote code execution and SQL injection.

**If you are using SAP products, review the advisory in detail. Prioritize patching the critical missing authentication check in SAP Commerce Cloud and the critical SQL injection vulnerability in SAP S/4HANA Enterprise Search for ABAP, followed by the high-severity OS command injection in SAP Forecasting & Replenishment. Then review the rest of the issues.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sap-security-patch-day-may-2026-critical-rce-and-sql-injection-flaws-w-6-7-x-n/gD2P6Ple2L

##

thehackerwire@mastodon.social at 2026-05-12T18:05:27.000Z ##

🔴 CVE-2026-34263 - Critical (9.6)

Due to improper Spring Security configuration, SAP Commerce cloud allows an unauthenticated user to perform malicious configuration upload and code injection, resulting in arbitrary server-side code execution, leading to high impact on Confidentia...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34263/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

beyondmachines1@infosec.exchange at 2026-05-12T17:01:08.000Z ##

SAP Security Patch Day May 2026: Critical RCE and SQL Injection Flaws

SAP's May 2026 security update addresses 15 vulnerabilities, including two critical flaws (CVE-2026-34263 and CVE-2026-34260) that allow unauthenticated remote code execution and SQL injection.

**If you are using SAP products, review the advisory in detail. Prioritize patching the critical missing authentication check in SAP Commerce Cloud and the critical SQL injection vulnerability in SAP S/4HANA Enterprise Search for ABAP, followed by the high-severity OS command injection in SAP Forecasting & Replenishment. Then review the rest of the issues.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/sap-security-patch-day-may-2026-critical-rce-and-sql-injection-flaws-w-6-7-x-n/gD2P6Ple2L

##

offseq@infosec.exchange at 2026-05-12T03:00:26.000Z ##

🚨 CRITICAL (CVSS 9.6): CVE-2026-34263 hits SAP Commerce Cloud (HY_COM 2205, COM_CLOUD 2211/JDK21). Unauthenticated attackers can upload configs & inject code — full server compromise risk. Monitor & restrict config uploads! https://radar.offseq.com/threat/cve-2026-34263-cwe-459-incomplete-cleanup-in-sapse-30ad114e #OffSeq #SAP #Vuln

##

CVE-2026-45223
(8.8 HIGH)

EPSS: 0.08%

updated 2026-05-11T21:31:46

1 posts

Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken() function fails to reject payloads containing an admin claim, allowing attackers to escalate privileges. An attacker with access to the shared non-admin token can craft a user-token payload with admin: true, sign it using HMAC-SHA256, and present it to adm

thehackerwire@mastodon.social at 2026-05-11T20:01:39.000Z ##

🟠 CVE-2026-45223 - High (8.8)

Crabbox before 0.9.0 contains an authentication bypass vulnerability in the coordinator user-token verification path where the verifyUserToken() function fails to reject payloads containing an admin claim, allowing attackers to escalate privileges...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45223/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44413
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-11T18:31:59

2 posts

In JetBrains TeamCity before 2026.1 2025.11.5 authenticated users could expose server API to unauthorised access

netsecio@mastodon.social at 2026-05-12T16:44:10.000Z ##

📰 High-Severity Flaw in JetBrains TeamCity On-Premises Allows API Exposure (CVE-2026-44413)

updated 2026-05-11T17:53:48

1 posts

### Summary A command injection vulnerability exists in `@wdio/browserstack-service` that allows remote code execution (RCE) when processing git branch names in test orchestration. An attacker can exploit this by providing a malicious git repository with a branch name containing shell command injection payloads. ### Details _Give all details on the vulnerability. Pointing to the incriminated sour

netsecio@mastodon.social at 2026-05-13T13:51:57.000Z ##

📰 WebdriverIO Flaw (CVSS 9.8) Allows CI/CD Takeover via Malicious Git Branches

Critical 9.8 CVSS command injection flaw (CVE-2026-25244) found in WebdriverIO. Malicious git branch names can lead to CI/CD server takeover. If you use @wdio/browserstack-service, update immediately! 🚨 #CyberSecurity #SupplyChain #DevSecOps

https://github.com/attaattaatta/CVE-2026-43500

##

CVE-2026-43500
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-11T17:16:34.290000

4 posts

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-o

13 repos

https://github.com/linnemanlabs/dirtyfrag-arm64

https://github.com/haydenjames/dirty-frag-check

https://github.com/AK777177/Dirty-Frag-Analysis

https://github.com/mym0us3r/DIRTY-FRAG-Detection-with-Wazuh-4.14.4

https://github.com/XRSecCD/202605_dirty_frag

https://github.com/metalx1993/dirtyfrag-patches

https://github.com/liamromanis101/DirtyFrag-Detector

https://github.com/KaraZajac/DIRTYFAIL

https://github.com/gagaltotal/CVE-2026-43284-CVE-2026-43500-scan

https://github.com/vorkampfer/dirty_frag_mitigation

https://github.com/0xlane/pagecache-guard

https://github.com/krisiasty/vcheck

lobsters@mastodon.social at 2026-05-12T21:15:09.000Z ##

Load-Bearing Assumptions: the rxrpc case (CVE-2026-43500) and the constraint that was never there https://lobste.rs/s/tuiapt #linux #security
https://www.linkedin.com/pulse/load-bearing-assumptions-rxrpc-case-cve-2026-43500-never-oldani-uzyae

##

knoppix95@mastodon.social at 2026-05-12T20:52:59.000Z ##

Linux 7.0.6 and 6.18.29 LTS patch the Dirty Frag local privilege flaw, fixing unsafe rxrpc decryption paths tied to CVE-2026-43500.
Fedora and Pop!_OS shipped fixes before release, reflecting rapid open-source patching and the need for timely user-controlled updates. 🔧

🔗 https://itsfoss.com/news/linux-fully-patches-dirty-frag-exploit/

#TechNews #Linux #DirtyFrag #Kernel #Fedora #PopOS #OpenSource #Cybersecurity #Privacy #Security #FOSS #SysAdmin #LTS #LinuxKernel #DirtyFrag #CopyFail #CVE #Fedora #PopOS #Ubuntu #Tech

##

lobsters@mastodon.social at 2026-05-12T21:15:09.000Z ##

Load-Bearing Assumptions: the rxrpc case (CVE-2026-43500) and the constraint that was never there https://lobste.rs/s/tuiapt #linux #security
https://www.linkedin.com/pulse/load-bearing-assumptions-rxrpc-case-cve-2026-43500-never-oldani-uzyae

##

knoppix95@mastodon.social at 2026-05-12T20:52:59.000Z ##

Linux 7.0.6 and 6.18.29 LTS patch the Dirty Frag local privilege flaw, fixing unsafe rxrpc decryption paths tied to CVE-2026-43500.
Fedora and Pop!_OS shipped fixes before release, reflecting rapid open-source patching and the need for timely user-controlled updates. 🔧

🔗 https://itsfoss.com/news/linux-fully-patches-dirty-frag-exploit/

#TechNews #Linux #DirtyFrag #Kernel #Fedora #PopOS #OpenSource #Cybersecurity #Privacy #Security #FOSS #SysAdmin #LTS #LinuxKernel #DirtyFrag #CopyFail #CVE #Fedora #PopOS #Ubuntu #Tech

##

CVE-2026-45109
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-11T16:21:19

2 posts

### Impact It was found that the fix addressing [CVE-2026-44575](https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f) did not apply to `middleware.ts` with Turbopack. Refer to [CVE-2026-44575](https://github.com/vercel/next.js/security/advisories/GHSA-267c-6grr-h53f) for further details. ### References - [CVE CVE-2026-44575](https://github.com/vercel/next.js/security/ad

thehackerwire@mastodon.social at 2026-05-13T19:00:17.000Z ##

🟠 CVE-2026-45109 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45109/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T19:00:17.000Z ##

🟠 CVE-2026-45109 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45109/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44575
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-11T15:55:27

4 posts

### Impact App Router applications that rely on middleware or proxy-based checks for authorization can allow unauthorized access through transport-specific route variants used for segment prefetching. In affected configurations, specially crafted `.rsc` and segment-prefetch URLs can resolve to the same page without being matched by the intended middleware rule, which can allow protected content t

1 repos

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45109/

thehackerwire@mastodon.social at 2026-05-13T19:00:17.000Z ##

🟠 CVE-2026-45109 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:38:31.000Z ##

🟠 CVE-2026-44575 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware or proxy-based checks for authorization can allow unauthorized access through transpor...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44575/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T19:00:17.000Z ##

🟠 CVE-2026-45109 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.18 and 16.2.6, it was found that the fix addressing CVE-2026-44575 did not apply to middleware.ts with Turbopack. This vulnerability is fixed in 15.5...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-45109/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:38:31.000Z ##

🟠 CVE-2026-44575 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 15.2.0 to before 15.5.16 and 16.2.5, App Router applications that rely on middleware or proxy-based checks for authorization can allow unauthorized access through transpor...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44575/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44573
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-11T15:55:26

2 posts

### Impact Applications using the Pages Router with `i18n` configured and middleware/proxy-based authorization can allow unauthorized access to protected page data through locale-less `/_next/data/<buildId>/<page>.json` requests. In affected configurations, middleware does not run for the unprefixed data route, allowing an attacker to retrieve SSR JSON for protected pages without passing the inte

1 repos

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44573/

thehackerwire@mastodon.social at 2026-05-13T17:38:10.000Z ##

🟠 CVE-2026-44573 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to pro...

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T17:38:10.000Z ##

🟠 CVE-2026-44573 - High (7.5)

Next.js is a React framework for building full-stack web applications. From 12.2.0 to before 15.5.16 and 16.2.5, Applications using the Pages Router with i18n configured and middleware/proxy-based authorization can allow unauthorized access to pro...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44573/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43433
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-11T09:31:34

1 posts

In the Linux kernel, the following vulnerability has been resolved: rust_binder: avoid reading the written value in offsets array When sending a transaction, its offsets array is first copied into the target proc's vma, and then the values are read back from there. This is normally fine because the vma is a read-only mapping, so the target process cannot change the value under us. However, if t

thehackerwire@mastodon.social at 2026-05-11T18:00:23.000Z ##

🟠 CVE-2026-43433 - High (7.8)

In the Linux kernel, the following vulnerability has been resolved:

rust_binder: avoid reading the written value in offsets array

When sending a transaction, its offsets array is first copied into the
target proc's vma, and then the values are r...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-43433/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2024-27355
(7.5 HIGH)

EPSS: 0.33%

updated 2026-05-08T18:24:30

2 posts

### Impact Any application using that loads untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). ### Patches https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 ### Workarounds No. ### Resources https://github.com/phpseclib/phpseclib/commit/e32531001b4d62c66c3d824ccef54ffad835eb59 https://www.usenix.org/system/files/conference/u

thehackerwire@mastodon.social at 2026-05-12T18:24:16.000Z ##

🟠 CVE-2026-44167 - High (7.5)

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44167/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-12T18:24:16.000Z ##

🟠 CVE-2026-44167 - High (7.5)

phpseclib is a PHP secure communications library. Prior to 1.0.29, 2.0.54, and 3.0.52, anyone loading untrusted ASN1 files (eg. X509 certificates, RSA PKCS8 private or public keys, etc). This is a bypass of CVE-2024-27355. This vulnerability is fi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44167/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7482
(9.1 CRITICAL)

EPSS: 0.10%

updated 2026-05-08T17:26:03

2 posts

Ollama before 0.17.1 contains a heap out-of-bounds read vulnerability in the GGUF model loader. The /api/create endpoint accepts an attacker-supplied GGUF file in which the declared tensor offset and size exceed the file's actual length; during quantization in fs/ggml/gguf.go and server/quantization.go (WriteTo()), the server reads past the allocated heap buffer. The leaked memory contents may inc

4 repos

https://github.com/msuiche/gguf_cve2026_7482

https://github.com/szybnev/CVE-2026-7482

https://github.com/0x0OZ/CVE-2026-7482-PoC

https://github.com/kaleth4/CVE-2026-7482

knoppix95@mastodon.social at 2026-05-13T07:04:45.000Z ##

Ollama fixed CVE-2026-7482 in v0.17.1, a critical out-of-bounds read flaw that could leak API keys, prompts, and chat data from exposed servers via crafted GGUF files. 🔓
Researchers also disclosed unpatched Windows update flaws enabling persistent code execution through unsigned updates and path traversal in Ollama 0.12.10–0.17.5. ⚠️

🔗 https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html

#TechNews #Ollama #LLM #AI #Cybersecurity #OpenSource #FOSS #Privacy #Infosec #Windows #Linux #Security #Servers #DataBreach #Technology

##

knoppix95@mastodon.social at 2026-05-13T07:04:45.000Z ##

Ollama fixed CVE-2026-7482 in v0.17.1, a critical out-of-bounds read flaw that could leak API keys, prompts, and chat data from exposed servers via crafted GGUF files. 🔓
Researchers also disclosed unpatched Windows update flaws enabling persistent code execution through unsigned updates and path traversal in Ollama 0.12.10–0.17.5. ⚠️

🔗 https://thehackernews.com/2026/05/ollama-out-of-bounds-read-vulnerability.html

#TechNews #Ollama #LLM #AI #Cybersecurity #OpenSource #FOSS #Privacy #Infosec #Windows #Linux #Security #Servers #DataBreach #Technology

##

CVE-2026-41050
(9.9 CRITICAL)

EPSS: 0.04%

updated 2026-05-07T01:26:07

4 posts

### Impact Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitRepo`. **Helm `lookup` bypass:** The Helm template engine ran Kubernetes API queries with the fleet-agent's cluster-admin credentials instead

thehackerwire@mastodon.social at 2026-05-13T16:17:25.000Z ##

🔴 CVE-2026-41050 - Critical (9.9)

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitR...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41050/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-05-13T09:00:30.108Z ##

🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! https://radar.offseq.com/threat/cve-2026-41050-cwe-863-incorrect-authorization-in--5c35f924 #OffSeq #SUSE #Kubernetes

##

thehackerwire@mastodon.social at 2026-05-13T16:17:25.000Z ##

🔴 CVE-2026-41050 - Critical (9.9)

Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their `GitR...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41050/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-05-13T09:00:30.000Z ##

🔥 CRITICAL: SUSE Rancher Fleet Helm deployer (0.11.0 – 0.15.0) has a major auth flaw (CVE-2026-41050). Tenants with git push access can read secrets from any namespace in downstream clusters. Restrict access & monitor closely! https://radar.offseq.com/threat/cve-2026-41050-cwe-863-incorrect-authorization-in--5c35f924 #OffSeq #SUSE #Kubernetes

##

CVE-2026-25243
(8.8 HIGH)

EPSS: 0.09%

updated 2026-05-06T16:16:41.060000

2 posts

Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may lead to remote code execution. A workaround is to restrict access to the RESTORE command with ACL rules.

1 repos

https://github.com/mgiay/CVE-2026-25589-25588-25243-23631-23479-REDIS

redis_release_watcher@kodesumber.com at 2026-05-13T12:50:36.000Z ##

8.6.3

Update urgency: SECURITY: There are security fixes in the release. Security fixes (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code...

##

redis_release_watcher@kodesumber.com at 2026-05-13T12:50:36.000Z ##

8.6.3

Update urgency: SECURITY: There are security fixes in the release. Security fixes (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code...

https://github.com/0xBlackash/CVE-2026-41940

##

CVE-2026-41940
(9.8 CRITICAL)

EPSS: 74.24%

updated 2026-05-04T18:09:42.300000

9 posts

cPanel and WHM versions after 11.40 contain an authentication bypass vulnerability in the login flow that allows unauthenticated remote attackers to gain unauthorized access to the control panel.

Nuclei template

67 repos

https://github.com/mahfuzreham/cpanel-cve-2026-41940

https://github.com/assetnote/cpanel2shell-scanner

https://github.com/Andrei-Dr/cpanel-cve-2026-41940-ioc

https://github.com/XsanFlip/poc-cpanel-cve-2026-41940

https://github.com/SreejaPuthan/cpanel-control-plane-exposure-check

https://github.com/kmaruthisrikar/CVE-2026-41940-cPanel-Auth-Bypass-Exploit

https://github.com/unteikyou/CVE-2026-41940-AuthBypass-Detector

https://github.com/habibkaratas/sorry-ransomware-analysis

https://github.com/Wesuiliye/CVE-2026-41940

https://github.com/Ishanoshada/CVE-2026-41940-Exploit-PoC

https://github.com/acuciureanu/cpanel2shell-honeypot

https://github.com/ilmndwntr/CVE-2026-41940-MASS-EXPLOIT

https://github.com/MrOplus/CVE-2026-41940

https://github.com/debugactiveprocess/cPanel-WHM-AuthBypass-Session-Checker

https://github.com/murrez/CVE-2026-41940

https://github.com/Underh0st/CPanel-Audit-Remediation-Tool

https://github.com/Ap0dexMe0/CVE-2026-41940

https://github.com/branixsolutions/Security-CVE-2026-41940-cPanel-WHM-WP2

https://github.com/rfxn/cpanel-sessionscribe

https://github.com/linko-iheb/cve-2026-41940-scanner

https://github.com/sercanokur/CVE-2026-41940-cPanel-WHM-Verification-Tool

https://github.com/cy3erm/CVE-2026-41940-POC

https://github.com/Christian93111/CVE-2026-41940

https://github.com/george1-adel/CVE-2026-41940_exploit

https://github.com/merdw/cPanel-CVE-2026-41940-Scanner

https://github.com/Richflexpix/cpanel-pwn

https://github.com/3tternp/CVE-2026-41940---cPanel-WHM-check

https://github.com/tfawnies/CVE-2026-41940-next

https://github.com/zedxod/CVE-2026-41940-POC

https://github.com/AmirrezaMarzban/portscan-CVE-2026-41940

https://github.com/vineet7800/cpanel-malware-cleaner-cve-2026

https://github.com/imbas007/POC_CVE-2026-41940

https://github.com/thekawix/CVE-2026-41940

https://github.com/ngksiva/cpanel-forensics

https://github.com/tc4dy/CVE-2026-41940-POC-Exploit

https://github.com/Unfold-Security/CVE-2026-41940-Detection

https://github.com/ynsmroztas/cPanelSniper

https://github.com/adriyansyah-mf/cve-2026-41940-poc

https://github.com/Kagantua/cPanelWHM-AuthBypass

https://github.com/Jenderal92/CVE-2026-41940

https://github.com/nickpaulsec/2026-41940-poc

https://github.com/itsismarcos/CVE-2026-41940

https://github.com/zycoder0day/CVE-2026-41940

https://github.com/rdyprtmx/poc-cve-2026-41940

https://github.com/sebinxavi/cve-checker-2026

https://github.com/YudaSamuel/cpanel-vuln-scanner

https://github.com/0xF55/cve-2026-41940-exploit

https://github.com/iSee857/cPanel-WHM-CVE-2026-41940-AuthBypass

https://github.com/devtint/CVE-2026-41940

https://github.com/realawaisakbar/CVE-2026-41940-Exploit-PoC

https://github.com/44pie/cpsniper

https://github.com/anach-ai/CVE-2026-41940

https://github.com/shahidmallaofficial/cpanel-cve-2026-41940-fix

https://github.com/senyx122/CVE-2026-41940

https://github.com/MrAriaNet/cPanel-Fix

https://github.com/dennisec/CVE-2026-41940

https://github.com/Lutfifakee-Project/CVE-2026-41940

https://github.com/0dev1337/cpanelscanner

https://github.com/Sachinart/CVE-2026-41940-cpanel-0day

https://github.com/bughunt4me/cpanelCVE-2026-41940

https://github.com/OhmGun/whmxploit---CVE-2026-41940

https://github.com/tahaXafous/CVE_2026_41940_scan_exploit

https://github.com/NULL200OK/cve-2026-41940-tool

https://github.com/ZildanZ/CVE-2026-41940

https://github.com/0xabdoulaye/CPANEL-CVE-2026-41940

https://github.com/Defacto-ridgepole254/CVE-2026-41940-Exploit-PoC

tugatech@masto.pt at 2026-05-13T14:02:50.000Z ##

Ataque a sistemas cPanel explora falha CVE-2026-41940 para instalar backdoor
🔗 https://tugatech.com.pt/t83414-ataque-a-sistemas-cpanel-explora-falha-cve-2026-41940-para-instalar-backdoor

#ataque #cve #falha

##

pentesttools at 2026-05-13T09:47:01.862Z ##

Seven FuelCMS CVEs documented. XSS callbacks now show IP and headers. Website Scanner detects exposed private keys passively. Scheduled scan exports. API risk filtering.

Also: free scanner for CVE-2026-41940, the cPanel auth bypass exploited for 64 days before a patch existed. No account needed.

https://pentest-tools.com/network-vulnerability-scanning/cve-2026-41940-scanner-cpanel-authentication-bypass

#infosec #pentesting #vulnerabilitymanagement

##

threatcodex at 2026-05-12T14:55:55.925Z ##

Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment
#CVE_2026_41940 #Mr_Rot13
https://blog.xlab.qianxin.com/mr_rot13-the-elusive-6-year-hacker-group-weaponizing-critical-cpanel-flaws-for-backdoor-deployment/

##

technadu at 2026-05-12T14:35:01.354Z ##

CVE-2026-41940 is under active mass exploitation.

Researchers say threat group “Mr_Rot13” is exploiting the critical cPanel flaw to steal credentials, deploy webshells, and gain persistent access across hosting infrastructure.

2,000+ attacking IPs observed globally.

https://www.technadu.com/cve-2026-41940-vulnerability-in-cpanel-exploited-to-steal-credentials/627803/

#CyberSecurity #ThreatIntel #cPanel

##

undercodenews@mastodon.social at 2026-05-12T13:11:11.000Z ##

Critical cPanel Vulnerability CVE-2026-41940 Sparks Global Cyberattacks and Backdoor Infections

Massive Exploitation Campaign Targets cPanel Servers Worldwide A dangerous cyberattack campaign is rapidly spreading across the internet after hackers began exploiting the critical cPanel vulnerability identified as CVE-2026-41940. Security researchers have assigned the flaw a CVSS severity score of 9.3, placing it among the most dangerous web hosting vulnerabilities…

https://undercodenews.com/critical-cpanel-vulnerability-cve-2026-41940-sparks-global-cyberattacks-and-backdoor-infections/?utm_source=mastodon&utm_medium=jetpack_social

##

tugatech@masto.pt at 2026-05-13T14:02:50.000Z ##

Ataque a sistemas cPanel explora falha CVE-2026-41940 para instalar backdoor
🔗 https://tugatech.com.pt/t83414-ataque-a-sistemas-cpanel-explora-falha-cve-2026-41940-para-instalar-backdoor

#ataque #cve #falha

##

pentesttools@infosec.exchange at 2026-05-13T09:47:01.000Z ##

Seven FuelCMS CVEs documented. XSS callbacks now show IP and headers. Website Scanner detects exposed private keys passively. Scheduled scan exports. API risk filtering.

Also: free scanner for CVE-2026-41940, the cPanel auth bypass exploited for 64 days before a patch existed. No account needed.

https://pentest-tools.com/network-vulnerability-scanning/cve-2026-41940-scanner-cpanel-authentication-bypass

#infosec #pentesting #vulnerabilitymanagement

##

threatcodex@infosec.exchange at 2026-05-12T14:55:55.000Z ##

Threat Actor Mr_Rot13 Actively Exploits CVE-2026-41940 for Backdoor Deployment
#CVE_2026_41940 #Mr_Rot13
https://blog.xlab.qianxin.com/mr_rot13-the-elusive-6-year-hacker-group-weaponizing-critical-cpanel-flaws-for-backdoor-deployment/

##

technadu@infosec.exchange at 2026-05-12T14:35:01.000Z ##

CVE-2026-41940 is under active mass exploitation.

Researchers say threat group “Mr_Rot13” is exploiting the critical cPanel flaw to steal credentials, deploy webshells, and gain persistent access across hosting infrastructure.

2,000+ attacking IPs observed globally.

https://www.technadu.com/cve-2026-41940-vulnerability-in-cpanel-exploited-to-steal-credentials/627803/

#CyberSecurity #ThreatIntel #cPanel

##

CVE-2026-21535
(8.2 HIGH)

EPSS: 0.09%

updated 2026-02-20T00:31:59

2 posts

Improper access control in Microsoft Teams allows an unauthorized attacker to disclose information over a network.

vitobotta@mastodon.social at 2026-05-13T11:00:38.000Z ##

CVE-2026-21535: unauthenticated info disclosure in Microsoft Teams. Network access is all an attacker needs, no credentials at all. The app sitting open on every corporate laptop right now. Go patch it. https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days/

##

vitobotta@mastodon.social at 2026-05-13T11:00:38.000Z ##

CVE-2026-21535: unauthenticated info disclosure in Microsoft Teams. Network access is all an attacker needs, no credentials at all. The app sitting open on every corporate laptop right now. Go patch it. https://www.bleepingcomputer.com/news/microsoft/microsoft-may-2026-patch-tuesday-fixes-120-flaws-no-zero-days/

##

CVE-2017-0144
(8.1 HIGH)

EPSS: 94.32%

updated 2025-10-22T00:32:22

2 posts

The SMBv1 server in Microsoft Windows Vista SP2; Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; and Windows 10 Gold, 1511, and 1607; and Windows Server 2016 allows remote attackers to execute arbitrary code via crafted packets, aka "Windows SMB Remote Code Execution Vulnerability." This vulnerability is different from those describe

22 repos

https://github.com/MedX267/EternalBlue-Vulnerability-Scanner

https://github.com/klairmanraj/Multi-VLAN-Enterprise-Network-Vulnerability-Assessment

https://github.com/pelagornisandersi/WIndows-7-automated-exploitation-using-metasploit-framework-

https://github.com/AdityaBhatt3010/VAPT-Report-on-SMB-Exploitation-in-Windows-10-Finance-Endpoint

https://github.com/AtithKhawas/autoblue

https://github.com/AnugiArrawwala/CVE-Research

https://github.com/FireTemple/Blackash-CVE-2017-0144

https://github.com/peterpt/eternal_scanner

https://github.com/ducanh2oo3/Vulnerability-Research-CVE-2017-0144

https://github.com/quynhold/Detect-CVE-2017-0144-attack

https://github.com/trinadh-dasari-cyber/eternalblue-ms17-010-research

https://github.com/ichhyak22/EternalBlue-Exploit-Demonstration-MS17-010

https://github.com/kimocoder/eternalblue

https://github.com/denuwanjayasekara/CVE-Exploitation-Reports

https://github.com/EEsshq/CVE-2017-0144---EtneralBlue-MS17-010-Remote-Code-Execution

https://github.com/klairmanraj/Vulnerability-Risk-Assessment-TVRA-Enterprise-Network

https://github.com/althany/CVE-2017-0144_Lab-Guide

https://github.com/dannic145/EternalBlue-Exploit-Demonstration

https://github.com/Mitsu-bis/Eternal-Blue-CVE-2017-0144-THM-Write-Up

https://github.com/klairmanraj/Multi-VLAN-Enterprise-Network-Security-Infrastructure

https://github.com/luckyman2907/SMB-Protocol-Vulnerability_CVE-2017-0144

https://github.com/sethwhy/BlueDoor

alsoran@dfarq.homeip.net at 2026-05-12T11:00:06.000Z ## On May 12, 2017, ransomware named Wannacry started spreading across the globe, infecting and encrypting Windows systems by exploiting CVE-2017-0144, a flaw that a two-month-old Microsoft patch, MS17-010, had fixed. It quickly became one of the biggest Windows outbreaks ever. Why was it so bad, and what could have made it go better? […]

https://dfarq.homeip.net/why-the-wannacry-outbreak-was-so-bad-2/

##

alsoran@dfarq.homeip.net at 2026-05-12T11:00:06.000Z ##

Why the Wannacry outbreak was so bad

On May 12, 2017, ransomware named Wannacry started spreading across the globe, infecting and encrypting Windows systems by exploiting CVE-2017-0144, a flaw that a two-month-old Microsoft patch, MS17-010, had fixed. It quickly became one of the biggest Windows outbreaks ever. Why was it so bad, and what could have made it go better? […]

https://dfarq.homeip.net/why-the-wannacry-outbreak-was-so-bad/

##

CVE-2025-27421
(7.5 HIGH)

##

forst@mastodon.social at 2026-05-13T16:40:44.000Z ##

Apparently yet another one of those #DirtyFrag-like vulnerabilities in #Linux, this one called #Fragnesia

CVE-2026-46300

https://www.openwall.com/lists/oss-security/2026/05/13/3

#CopyFail

##

jschauma@mstdn.social at 2026-05-13T16:05:02.000Z ##

As I was saying, we're not done with page cache LPEs.

Looks like a third variant just dropped (CVE-2026-46300):
https://github.com/v12-security/pocs/tree/main/fragnesia
https://github.com/v12-security/pocs/blob/d4043edc2acbd75d093e3f5795751b678c66b259/fragnesia/fragnesia.c

https://www.openwall.com/lists/oss-security/2026/05/13/3

Initial reading is defense against #DirtyFrag mitigates this, too, so perhaps not a full round of updates needed here.

##

decio@infosec.exchange at 2026-05-13T17:05:55.000Z ##

et voilà il a reçu son nom de code CVE-2026-46300

##

jschauma@mstdn.social at 2026-05-13T16:05:02.000Z ##

As I was saying, we're not done with page cache LPEs.

Looks like a third variant just dropped (CVE-2026-46300):
https://github.com/v12-security/pocs/tree/main/fragnesia
https://github.com/v12-security/pocs/blob/d4043edc2acbd75d093e3f5795751b678c66b259/fragnesia/fragnesia.c

https://www.openwall.com/lists/oss-security/2026/05/13/3

Initial reading is defense against #DirtyFrag mitigates this, too, so perhaps not a full round of updates needed here.

##

CVE-2026-4798
(0 None)

EPSS: 0.06%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-13T16:17:07.000Z ##

🟠 CVE-2026-4798 - High (7.5)

The Avada Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘product_order’ parameter in all versions up to, and including, 3.15.1 due to insufficient escaping on the user supplied parameter and lack of sufficient ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4798/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T16:17:07.000Z ##

🟠 CVE-2026-4798 - High (7.5)

The Avada Builder plugin for WordPress is vulnerable to time-based SQL Injection via the ‘product_order’ parameter in all versions up to, and including, 3.15.1 due to insufficient escaping on the user supplied parameter and lack of sufficient ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4798/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3425
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-13T15:56:19.000Z ##

🟠 CVE-2026-3425 - High (8.8)

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'get_content' AJAX action. This makes it possible for authenticated attackers, w...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3425/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-05-13T15:56:19.000Z ##

🟠 CVE-2026-3425 - High (8.8)

The RTMKit Addons for Elementor plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.0.2 via the 'path' parameter of the 'get_content' AJAX action. This makes it possible for authenticated attackers, w...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3425/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30893
(0 None)

EPSS: 0.08%

2 posts

N/A

benzogaga33@mamot.fr at 2026-05-13T15:40:03.000Z ##

Wazuh – CVE-2026-30893 : un patch est disponible pour cette faille critique https://www.it-connect.fr/wazuh-cve-2026-30893-un-patch-est-disponible-pour-cette-faille-critique/ #ActuCybersécurité #Cybersécurité #Vulnérabilité

##

benzogaga33@mamot.fr at 2026-05-13T15:40:03.000Z ##

Wazuh – CVE-2026-30893 : un patch est disponible pour cette faille critique https://www.it-connect.fr/wazuh-cve-2026-30893-un-patch-est-disponible-pour-cette-faille-critique/ #ActuCybersécurité #Cybersécurité #Vulnérabilité

##

CVE-2026-23479
(0 None)

EPSS: 0.10%

2 posts

N/A

1 repos

https://github.com/mgiay/CVE-2026-25589-25588-25243-23631-23479-REDIS

redis_release_watcher@kodesumber.com at 2026-05-13T12:50:36.000Z ##

8.6.3

Update urgency: SECURITY: There are security fixes in the release. Security fixes (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code...

##

redis_release_watcher@kodesumber.com at 2026-05-13T12:50:36.000Z ##

8.6.3

Update urgency: SECURITY: There are security fixes in the release. Security fixes (CVE-2026-23479) Use-After-Free in unblock client flow may lead to Remote Code Execution (CVE-2026-25243) Invalid memory access in RESTORE may lead to Remote Code...