##
Updated at UTC 2026-07-18T11:45:38.795486
| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-47871 | 8.8 | 0.00% | 2 | 0 | 2026-07-18T09:17:08.960000 | VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in | |
| CVE-2026-47869 | 8.7 | 0.00% | 2 | 0 | 2026-07-18T09:17:08.740000 | VMware Avi Load Balancer contains a remote code execution vulnerability. A malic | |
| CVE-2026-47868 | 7.8 | 0.00% | 2 | 0 | 2026-07-18T09:17:08.627000 | VMware Avi Load Balancer contains a local privilege escalation vulnerability. A | |
| CVE-2026-47867 | 8.7 | 0.00% | 2 | 0 | 2026-07-18T09:17:08.527000 | VMware Avi Load Balancer contains a remote code execution vulnerability. A malic | |
| CVE-2026-47866 | 8.3 | 0.00% | 2 | 0 | 2026-07-18T09:17:08.413000 | VMware Avi Load Balancer contains an authorization bypass vulnerability. A malic | |
| CVE-2026-47865 | 9.8 | 0.00% | 4 | 0 | 2026-07-18T09:17:08.287000 | VMware Avi Load Balancer contains an authentication bypass vulnerability. A mali | |
| CVE-2026-53359 | 8.8 | 0.18% | 1 | 8 | 2026-07-18T08:16:36.620000 | In the Linux kernel, the following vulnerability has been resolved: KVM: x86: F | |
| CVE-2026-9734 | 4.3 | 0.00% | 1 | 0 | 2026-07-18T06:32:02 | The W3SC Elementor to Zoho CRM plugin for WordPress is vulnerable to Cross-Site | |
| CVE-2026-63030 | 9.8 | 0.00% | 10 | 12 | template | 2026-07-18T05:16:56.167000 | WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API ba |
| CVE-2026-60137 | 5.9 | 0.00% | 6 | 7 | 2026-07-18T05:16:54.427000 | WordPress 6.8.x before 6.8.6, 6.9.x before 6.9.5, and 7.0.x before 7.0.2 does no | |
| CVE-2026-55445 | 0 | 0.40% | 1 | 0 | 2026-07-18T03:16:37.117000 | Qinglong is a timed task management platform supporting Python3, JavaScript, She | |
| CVE-2026-8505 | 9.8 | 0.00% | 4 | 0 | 2026-07-18T00:16:48.433000 | IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook | |
| CVE-2026-56740 | 7.5 | 0.00% | 3 | 0 | 2026-07-17T22:17:57.153000 | JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, an | |
| CVE-2026-9171 | 7.5 | 0.00% | 2 | 0 | 2026-07-17T21:31:52 | IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a | |
| CVE-2026-9135 | 9.9 | 0.00% | 2 | 0 | 2026-07-17T21:31:52 | IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 9498 | |
| CVE-2026-54498 | 8.7 | 0.00% | 2 | 0 | 2026-07-17T21:17:09.043000 | view_component is a framework for building reusable, testable, and encapsulated | |
| CVE-2026-48062 | 9.8 | 0.00% | 2 | 0 | 2026-07-17T21:17:06.787000 | CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload | |
| CVE-2026-44891 | 7.5 | 0.00% | 2 | 0 | 2026-07-17T21:17:06.250000 | Netty is a network application framework for development of protocol servers and | |
| CVE-2026-13446 | 9.8 | 0.00% | 4 | 0 | 2026-07-17T21:17:05.960000 | IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a | |
| CVE-2026-13445 | 8.1 | 0.00% | 2 | 0 | 2026-07-17T21:17:05.473000 | IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exp | |
| CVE-2026-8635 | 9.9 | 0.00% | 2 | 0 | 2026-07-17T20:17:31.527000 | IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate pri | |
| CVE-2026-13448 | 8.1 | 0.00% | 1 | 0 | 2026-07-17T20:17:14.713000 | IBM Langflow OSS 1.0.0 through 1.10.1 Lanflow OSS contains an unauthenticated re | |
| CVE-2025-20205 | 4.8 | 0.31% | 1 | 0 | 2026-07-17T20:17:13.067000 | Multiple vulnerabilities in the web-based management interface of Cisco Identity | |
| CVE-2026-9103 | 9.8 | 0.00% | 2 | 0 | 2026-07-17T19:17:19.277000 | IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unau | |
| CVE-2026-62241 | 9.1 | 0.39% | 1 | 0 | 2026-07-17T19:17:18.647000 | clawvet self-hosted API server (apps/api) before 0.7.5 hard-codes a fallback JWT | |
| CVE-2026-44436 | 7.5 | 0.28% | 1 | 0 | 2026-07-17T18:37:25.590000 | Quicly is an IETF QUIC protocol implementation intended primarily for use within | |
| CVE-2026-55173 | 8.1 | 3.43% | 1 | 0 | 2026-07-17T18:36:41.143000 | WWBN AVideo is an open source video platform. Versions 29.0 and below remain vul | |
| CVE-2026-62232 | 7.4 | 0.28% | 1 | 0 | 2026-07-17T15:44:29.553000 | Grav before 2.0.4 contains a two-factor authentication bypass vulnerability in t | |
| CVE-2026-11961 | 8.1 | 0.14% | 1 | 0 | 2026-07-17T15:32:27 | The User Registration & Membership WordPress plugin before 5.2.3 does not valid | |
| CVE-2026-59117 | 7.5 | 0.45% | 1 | 0 | 2026-07-17T15:01:06.447000 | Integer overflow or wraparound in Windows Terminal allows an unauthorized attack | |
| CVE-2026-15982 | 9.8 | 0.29% | 2 | 0 | 2026-07-17T14:59:38.667000 | The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Too | |
| CVE-2026-63305 | 8.1 | 1.38% | 1 | 0 | 2026-07-17T14:17:27.207000 | AVideo through 29.0 contains an OS command injection vulnerability in the ffmpeg | |
| CVE-2026-25089 | 9.8 | 36.13% | 4 | 2 | 2026-07-17T05:16:38.687000 | A improper neutralization of special elements used in an os command ('os command | |
| CVE-2026-53412 | 9.8 | 0.51% | 8 | 0 | 2026-07-17T00:32:18 | Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client fo | |
| CVE-2026-53409 | 7.8 | 0.15% | 1 | 0 | 2026-07-16T21:30:46 | Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may | |
| CVE-2026-62378 | 9.0 | 0.33% | 1 | 0 | 2026-07-16T20:16:47.430000 | RustFS Console is a web management console for the RustFS distributed file syste | |
| CVE-2026-52870 | 7.6 | 0.23% | 1 | 0 | 2026-07-16T19:56:14 | ### Summary In affected versions, the default request handlers installed by the | |
| CVE-2026-62312 | 8.8 | 0.72% | 1 | 0 | 2026-07-16T19:16:51.010000 | 9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote a | |
| CVE-2026-48352 | 7.5 | 0.41% | 1 | 0 | 2026-07-16T19:04:00.603000 | CAI Content Credentials is affected by an Improper Input Validation vulnerabilit | |
| CVE-2026-48351 | 7.5 | 0.41% | 1 | 0 | 2026-07-16T19:03:57.483000 | CAI Content Credentials is affected by an Improper Input Validation vulnerabilit | |
| CVE-2026-39808 | 9.8 | 84.16% | 4 | 6 | template | 2026-07-16T18:32:24 | A improper neutralization of special elements used in an os command ('os command |
| CVE-2026-58644 | 9.8 | 1.47% | 8 | 0 | 2026-07-16T18:31:26 | Deserialization of untrusted data in Microsoft Office SharePoint allows an unaut | |
| CVE-2026-12525 | 8.8 | 0.24% | 1 | 0 | 2026-07-16T18:16:41.633000 | The Redux Framework WordPress plugin before 4.5.13 does not restrict which user | |
| CVE-2026-49794 | 4.6 | 0.35% | 1 | 0 | 2026-07-16T15:59:58.327000 | Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un | |
| CVE-2026-46339 | 10.0 | 4.57% | 1 | 0 | template | 2026-07-16T14:16:52.513000 | 9Router is an AI router & token saver. From 0.4.30 until 0.4.37, 9Router's src/p |
| CVE-2026-11386 | 9.0 | 0.32% | 3 | 0 | 2026-07-16T14:16:48.040000 | An input validation and injection vulnerability exists in Canonical ubuntu-pro-c | |
| CVE-2026-52887 | 10.0 | 0.59% | 1 | 0 | 2026-07-16T13:43:05.487000 | NocoBase is an AI-powered no-code/low-code platform for building business applic | |
| CVE-2026-22752 | 9.6 | 0.43% | 1 | 0 | 2026-07-16T12:32:28 | Authentication bypass by primary weakness vulnerability in Spring Security Sprin | |
| CVE-2026-15013 | 9.8 | 0.30% | 1 | 0 | 2026-07-16T06:31:33 | The SAML Single Sign On – SSO Login plugin for WordPress is vulnerable to Authen | |
| CVE-2026-56687 | 7.8 | 0.10% | 1 | 0 | 2026-07-16T05:16:25.420000 | Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in U | |
| CVE-2026-50130 | 8.8 | 0.22% | 1 | 0 | 2026-07-16T05:16:22.107000 | Pi-hole is a DNS sinkhole that protects devices from unwanted content without in | |
| CVE-2026-46817 | 9.8 | 1.04% | 6 | 2 | 2026-07-16T05:16:20.290000 | Vulnerability in the Oracle Payments product of Oracle E-Business Suite (compone | |
| CVE-2026-20296 | 8.3 | 0.17% | 1 | 0 | 2026-07-16T05:16:18.873000 | In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splu | |
| CVE-2026-15409 | 10.0 | 1.27% | 12 | 5 | 2026-07-16T05:16:18.293000 | A Server-side request forgery (SSRF) vulnerability has been identified in the SM | |
| CVE-2026-13385 | 0 | 0.10% | 1 | 0 | 2026-07-16T05:16:17.923000 | An Improper Validation of Integrity Check Value and Improper Certificate Validat | |
| CVE-2026-50525 | 7.5 | 0.62% | 1 | 0 | 2026-07-15T23:16:50.270000 | Allocation of resources without limits or throttling in .NET allows an unauthori | |
| CVE-2026-50274 | 7.5 | 0.00% | 2 | 0 | 2026-07-15T23:05:20 | ### Impact Datadog tracing libraries that implement W3C baggage propagation pars | |
| CVE-2026-50272 | 7.5 | 0.00% | 2 | 0 | 2026-07-15T22:58:53 | ### Impact Datadog tracing libraries that implement W3C baggage propagation pars | |
| CVE-2026-50271 | 7.5 | 0.00% | 2 | 0 | 2026-07-15T22:55:25 | ### Impact Datadog tracing libraries that implement W3C baggage propagation pars | |
| CVE-2026-15895 | 7.8 | 1.24% | 1 | 0 | 2026-07-15T21:31:26 | OS command injection in the npm package loading component in AWS jsii-diff befor | |
| CVE-2026-53517 | 8.1 | 0.41% | 1 | 0 | 2026-07-15T20:54:43.733000 | Better Auth is an authentication and authorization library for TypeScript. From | |
| CVE-2026-61835 | 7.7 | 0.25% | 1 | 0 | 2026-07-15T20:49:59.560000 | Directus is a real-time API and App dashboard for managing SQL database content. | |
| CVE-2026-50148 | 10.0 | 0.44% | 1 | 0 | 2026-07-15T20:35:56.207000 | Metabase is an open-source business intelligence and embedded analytics tool. Fr | |
| CVE-2026-62351 | 7.5 | 0.32% | 1 | 0 | 2026-07-15T20:18:01.667000 | TDengine is a time-series database optimized for Internet of Things devices. Pri | |
| CVE-2026-62422 | 10.0 | 0.35% | 1 | 0 | 2026-07-15T20:08:02.787000 | In JetBrains YouTrack before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1. | |
| CVE-2026-46485 | 8.2 | 0.30% | 1 | 0 | 2026-07-15T19:50:11.367000 | Dashy is a self-hostable personal dashboard. Prior to 4.0.8, Dashy deployments u | |
| CVE-2026-56434 | 6.5 | 0.39% | 1 | 0 | 2026-07-15T19:18:04.890000 | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_ssi_module | |
| CVE-2026-20153 | 7.5 | 0.25% | 1 | 0 | 2026-07-15T19:17:00.473000 | As part of Cisco's ongoing commitment to proactive security and product quality, | |
| CVE-2023-4346 | 7.5 | 0.85% | 5 | 0 | 2026-07-15T18:32:50 | KNX devices that use KNX Connection Authorization and support Option 1 are, depe | |
| CVE-2026-20297 | 7.2 | 0.38% | 1 | 0 | 2026-07-15T18:32:05 | In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, 9.4.13, and 9.3.14, | |
| CVE-2026-58658 | 8.2 | 0.39% | 1 | 0 | 2026-07-15T18:32:05 | GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated inf | |
| CVE-2026-62389 | 7.5 | 0.45% | 1 | 0 | 2026-07-15T18:32:05 | ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js w | |
| CVE-2026-59258 | 8.3 | 0.32% | 1 | 0 | 2026-07-15T18:32:05 | immich before 3.0.3 contains a broken access control vulnerability in the PUT /a | |
| CVE-2026-20298 | 5.3 | 0.22% | 1 | 0 | 2026-07-15T18:32:04 | In Splunk Enterprise versions below 10.4.1, 10.2.5, 10.0.8, and 9.4.13, and Splu | |
| CVE-2026-60005 | 8.2 | 0.61% | 2 | 0 | 2026-07-15T18:31:58 | NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_modu | |
| CVE-2026-20150 | 8.8 | 0.22% | 1 | 0 | 2026-07-15T18:31:58 | As part of Cisco's ongoing commitment to proactive security and product quality, | |
| CVE-2026-20146 | 5.5 | 0.34% | 1 | 0 | 2026-07-15T18:31:58 | A vulnerability in Cisco Identity Services Engine (ISE) and Cisco ISE Passive Id | |
| CVE-2026-62685 | 8.1 | 0.32% | 1 | 0 | 2026-07-15T18:15:13.373000 | File Browser is a file managing interface for uploading, deleting, previewing, r | |
| CVE-2026-48318 | 9.9 | 6.96% | 1 | 0 | 2026-07-15T17:59:53.417000 | ColdFusion is affected by an Improper Limitation of a Pathname to a Restricted D | |
| CVE-2026-15764 | 7.5 | 0.27% | 1 | 0 | 2026-07-15T17:52:02.543000 | Use after free in Ozone in Google Chrome on Linux prior to 150.0.7871.125 allowe | |
| CVE-2026-13585 | 0 | 0.11% | 1 | 1 | 2026-07-15T16:24:31.140000 | Allocation of Resources Without Limits and Throttling and Sensitive Information | |
| CVE-2026-42533 | 8.1 | 0.83% | 2 | 1 | 2026-07-15T15:33:14 | A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive | |
| CVE-2026-56155 | 7.8 | 0.38% | 5 | 0 | 2026-07-15T14:18:24.010000 | Insufficient granularity of access control in Active Directory Federation Servic | |
| CVE-2026-48309 | 7.8 | 0.17% | 1 | 0 | 2026-07-15T13:51:52.543000 | Audition is affected by an out-of-bounds write vulnerability that could result i | |
| CVE-2026-9770 | None | 0.22% | 1 | 0 | 2026-07-15T03:33:02 | Kasa EC71 v4 and EC70 v4 firmware contains a static cryptographic private key st | |
| CVE-2026-48334 | 9.3 | 0.43% | 1 | 0 | 2026-07-15T00:31:51 | Illustrator is affected by an Improper Input Validation vulnerability that could | |
| CVE-2026-48336 | 7.8 | 0.14% | 1 | 0 | 2026-07-15T00:31:50 | Illustrator is affected by an out-of-bounds write vulnerability that could resul | |
| CVE-2026-48337 | 7.8 | 0.14% | 1 | 0 | 2026-07-15T00:31:43 | Illustrator is affected by an out-of-bounds write vulnerability that could resul | |
| CVE-2025-3248 | 9.8 | 99.99% | 2 | 28 | template | 2026-07-14T23:17:27.010000 | Langflow versions prior to 1.3.0 are susceptible to code injection in the /api/ |
| CVE-2026-56164 | 5.3 | 5.60% | 7 | 1 | 2026-07-14T21:32:51 | Missing authentication for critical function in Microsoft Office SharePoint allo | |
| CVE-2026-48324 | 9.1 | 0.66% | 1 | 0 | 2026-07-14T21:32:33 | ColdFusion is affected by an Improper Neutralization of Special Elements used in | |
| CVE-2026-48327 | 9.0 | 0.23% | 1 | 0 | 2026-07-14T21:32:31 | ColdFusion is affected by an Incorrect Authorization vulnerability that could re | |
| CVE-2026-15765 | 7.5 | 0.27% | 1 | 0 | 2026-07-14T21:32:28 | Use after free in Ozone in Google Chrome prior to 150.0.7871.125 allowed a remot | |
| CVE-2026-15410 | 7.2 | 1.49% | 8 | 3 | 2026-07-14T21:32:21 | Post-authentication improper control of generation of code ('Code Injection') vu | |
| CVE-2026-13001 | 9.8 | 1.08% | 2 | 2 | 2026-07-14T21:16:40.860000 | The Podlove Podcast Publisher plugin for WordPress is vulnerable to arbitrary fi | |
| CVE-2026-58528 | 6.8 | 0.42% | 1 | 0 | 2026-07-14T20:35:32.720000 | Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un | |
| CVE-2026-50453 | 6.1 | 0.37% | 1 | 0 | 2026-07-14T20:35:12.370000 | Out-of-bounds read in Windows USB Audio Class driver (usbaudio.sys) allows an un | |
| CVE-2026-54052 | 9.9 | 0.39% | 2 | 0 | 2026-07-14T19:07:15 | ## Impact In multi-tenant HTTP deployments — where a single n8n-mcp server serv | |
| CVE-2026-55040 | 9.1 | 0.67% | 1 | 0 | 2026-07-14T18:32:38 | Weak authentication in Microsoft Office SharePoint allows an unauthorized attack | |
| CVE-2026-50454 | 7.8 | 0.40% | 1 | 0 | 2026-07-14T18:32:32 | Relative path traversal in Windows User Interface Core allows an authorized atta | |
| CVE-2026-58635 | 7.8 | 0.22% | 1 | 1 | 2026-07-14T18:32:12 | Improper neutralization of special elements used in a command ('command injectio | |
| CVE-2026-50663 | 8.8 | 0.65% | 3 | 0 | 2026-07-14T18:32:06 | Relative path traversal in Age of Empires II: Definitive Edition Game allows an | |
| CVE-2026-10577 | 0 | 0.25% | 1 | 0 | 2026-07-14T16:46:49.030000 | A security issue exists within the 1715-AENTR EtherNet/IP Adapter. The affected | |
| CVE-2026-53565 | None | 0.10% | 1 | 0 | 2026-07-14T15:32:25 | Improper Privilege Management vulnerability in Citrix Secure Access Client for W | |
| CVE-2026-53566 | None | 0.11% | 1 | 0 | 2026-07-14T15:32:24 | Out-of-bounds read vulnerability in Citrix Citrix Secure Access Client for Windo | |
| CVE-2026-15719 | 5.4 | 0.13% | 1 | 0 | 2026-07-14T15:32:24 | We are aware that exploit code for this is public however we are not aware of an | |
| CVE-2026-15718 | 4.3 | 0.16% | 1 | 0 | 2026-07-14T15:32:24 | We are aware that exploit code for this is public however we are not aware of an | |
| CVE-2026-6875 | 0 | 0.51% | 3 | 0 | 2026-07-14T05:16:19.730000 | ServiceNow has addressed a remote code execution vulnerability that was identifi | |
| CVE-2026-15378 | 9.3 | 0.42% | 1 | 0 | 2026-07-14T02:16:54.120000 | A flaw was found in the `guardrails-detectors` component. This vulnerability all | |
| CVE-2026-59208 | 6.8 | 0.14% | 1 | 0 | 2026-07-14T01:16:18.827000 | n8n is an open source workflow automation platform. Prior to 2.27.4 and from 2.2 | |
| CVE-2026-54159 | 10.0 | 0.00% | 2 | 0 | 2026-07-10T20:36:58 | ### Impact A PHP Object Injection vulnerability affects the PrestaShop module ` | |
| CVE-2026-59792 | 9.6 | 0.42% | 1 | 0 | 2026-07-10T15:31:48 | In JetBrains IntelliJ IDEA before 2026.1.4, 2026.2 code execution via path trav | |
| CVE-2026-56688 | 9.1 | 1.29% | 1 | 0 | 2026-07-10T12:31:56 | Dell PowerFlex Manager, Version prior to 5.1.0.1, contain(s) an Improper Neutral | |
| CVE-2026-59826 | 9.1 | 0.39% | 1 | 0 | 2026-07-10T05:16:38.427000 | Metabase is an open-source business intelligence and embedded analytics tool. Fr | |
| CVE-2026-49485 | 7.5 | 0.00% | 2 | 0 | 2026-07-09T13:43:04 | # Summary All implementations of FHIRPathEngine accept arbitrary FHIRPath expres | |
| CVE-2026-43499 | 7.8 | 0.12% | 4 | 35 | 2026-07-08T23:16:54.523000 | In the Linux kernel, the following vulnerability has been resolved: rtmutex: Us | |
| CVE-2026-49445 | 9.2 | 0.17% | 1 | 0 | 2026-07-06T17:03:21 | ### Impact When Cilium L7 functionality is enabled on a cluster, the Envoy inst | |
| CVE-2026-45659 | 8.8 | 3.22% | 4 | 1 | 2026-07-01T21:35:53 | Deserialization of untrusted data in Microsoft Office SharePoint allows an autho | |
| CVE-2026-9798 | 4.3 | 0.21% | 1 | 0 | 2026-07-01T21:26:23 | A flaw was found in Keycloak, an open-source identity and access management solu | |
| CVE-2026-54458 | 9.6 | 0.30% | 2 | 0 | 2026-06-22T14:36:04 | # Unauthenticated Stored DOM XSS via `page_title` Broadcast in AVideo YPTSocket | |
| CVE-2026-43088 | 5.5 | 0.12% | 2 | 0 | 2026-06-19T13:16:28.160000 | In the Linux kernel, the following vulnerability has been resolved: net: af_key | |
| CVE-2026-55518 | 9.6 | 0.00% | 3 | 0 | 2026-06-17T18:49:13 | ## Summary A critical missing authorization flaw exists in Avo's association at | |
| CVE-2026-46669 | 7.5 | 0.23% | 1 | 0 | 2026-06-17T10:53:49.683000 | OpenVM is a performant and modular zkVM framework built for customization and ex | |
| CVE-2026-3891 | 9.8 | 0.84% | 1 | 6 | template | 2026-06-17T10:44:23.283000 | The Pix for WooCommerce plugin for WordPress is vulnerable to arbitrary file upl |
| CVE-2026-3300 | 9.8 | 40.99% | 1 | 2 | template | 2026-06-17T10:43:22.287000 | The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Executio |
| CVE-2026-33482 | 8.1 | 2.06% | 1 | 0 | 2026-06-17T10:37:34.483000 | WWBN AVideo is an open source video platform. In versions up to and including 26 | |
| CVE-2026-32201 | 6.5 | 22.81% | 4 | 1 | 2026-06-17T10:35:20.103000 | Improper input validation in Microsoft Office SharePoint allows an unauthorized | |
| CVE-2026-2701 | 9.1 | 48.81% | 1 | 0 | 2026-06-17T10:31:33.987000 | Authenticated user can upload a malicious file to the server and execute it, whi | |
| CVE-2026-23744 | 9.8 | 43.67% | 1 | 37 | template | 2026-06-17T10:22:02.160000 | MCPJam inspector is the local-first development platform for MCP servers. Versio |
| CVE-2026-1541 | 4.3 | 0.27% | 1 | 2 | 2026-06-17T10:16:02.020000 | The Avada (Fusion) Builder plugin for WordPress is vulnerable to Sensitive Infor | |
| CVE-2015-0004 | 0 | 3.55% | 1 | 0 | 2026-06-17T00:19:24.390000 | The User Profile Service (aka ProfSvc) in Microsoft Windows Server 2003 SP2, Win | |
| CVE-2026-44182 | None | 0.35% | 1 | 0 | 2026-06-03T21:37:18 | ### Summary The environment variables used during the rendering of the Kubernet | |
| CVE-2026-44023 | 8.6 | 0.29% | 1 | 0 | 2026-06-03T21:16:26 | ### Impact In versions `>= 1.5.0, < 2.74.1`, `docling-core` did not sufficiently | |
| CVE-2026-45363 | 7.4 | 0.24% | 1 | 0 | 2026-06-02T22:12:51 | `JWT.decode(token, '', true, algorithm: 'HS256')` accepts an attacker-forged tok | |
| CVE-2026-3220 | 8.8 | 0.32% | 1 | 4 | 2026-05-18T15:30:37 | The Autoptimize WordPress plugin before 3.1.15, Clearfy Cache WordPress plugin | |
| CVE-2025-40949 | 9.1 | 0.54% | 2 | 0 | 2026-05-12T12:32:14 | A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < V2.1 | |
| CVE-2026-38526 | 9.9 | 2.76% | 1 | 8 | 2026-04-14T18:30:41 | An authenticated arbitrary file upload vulnerability in the /admin/tinymce/uploa | |
| CVE-2026-2699 | 9.8 | 49.42% | 1 | 2 | template | 2026-04-02T15:31:40 | Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthentica |
| CVE-2025-26529 | 8.3 | 0.48% | 1 | 2 | 2025-02-24T22:02:54 | Description information displayed in the site administration live log required a | |
| CVE-2025-20204 | 4.8 | 0.31% | 1 | 0 | 2025-02-05T18:34:46 | A vulnerability in the web-based management interface of Cisco Identity Services | |
| CVE-2026-56741 | 0 | 0.00% | 2 | 0 | N/A | ||
| CVE-2026-54523 | 0 | 0.00% | 3 | 0 | N/A | ||
| CVE-2026-39359 | 0 | 0.24% | 1 | 0 | N/A | ||
| CVE-2026-15899 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-14266 | 0 | 0.00% | 1 | 1 | N/A | ||
| CVE-2026-62314 | 0 | 0.27% | 1 | 0 | N/A | ||
| CVE-2026-59827 | 0 | 0.46% | 1 | 1 | N/A | ||
| CVE-2026-55234 | 0 | 0.24% | 1 | 0 | N/A | ||
| CVE-2026-55652 | 0 | 0.36% | 1 | 0 | N/A | ||
| CVE-2026-62349 | 0 | 0.40% | 1 | 0 | N/A | ||
| CVE-2026-62948 | 0 | 0.31% | 1 | 0 | N/A | ||
| CVE-2026-50147 | 0 | 0.20% | 1 | 0 | N/A | ||
| CVE-2026-55242 | 0 | 0.14% | 1 | 0 | N/A | ||
| CVE-2026-61836 | 0 | 0.28% | 1 | 0 | N/A | ||
| CVE-2026-61736 | 0 | 0.30% | 1 | 0 | N/A | ||
| CVE-2026-52886 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-57233 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-54758 | 0 | 0.00% | 1 | 0 | N/A | ||
| CVE-2026-54572 | 0 | 0.40% | 1 | 0 | N/A | ||
| CVE-2026-59733 | 0 | 0.55% | 1 | 0 | N/A | ||
| CVE-2026-50649 | 0 | 0.94% | 1 | 0 | N/A | ||
| CVE-2026-20896 | 0 | 0.78% | 1 | 4 | N/A |
updated 2026-07-18T09:17:08.960000
2 posts
🟠 CVE-2026-47871 - High (8.8)
VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 3...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47871/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-47871 - High (8.8)
VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 3...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47871/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-18T09:17:08.740000
2 posts
🟠 CVE-2026-47869 - High (8.7)
VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixed in 31.2.2...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47869/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-47869 - High (8.7)
VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixed in 31.2.2...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47869/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-18T09:17:08.627000
2 posts
🟠 CVE-2026-47868 - High (7.8)
VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47868/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-47868 - High (7.8)
VMware Avi Load Balancer contains a local privilege escalation vulnerability. A malicious user with local access may be able to escalate their privileges to run code as root.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2 (fixe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47868/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-18T09:17:08.527000
2 posts
🟠 CVE-2026-47867 - High (8.7)
VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious user with network access may be able to access the Avi Control plane and execute code remotely.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47867/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-47867 - High (8.7)
VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious user with network access may be able to access the Avi Control plane and execute code remotely.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 through 31.2.2...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47867/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-18T09:17:08.413000
2 posts
🟠 CVE-2026-47866 - High (8.3)
VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 throug...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47866/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-47866 - High (8.3)
VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization.
Affected versions:
32.1.1 (fixed in 32.1.2)
31.1.1 throug...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47866/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-18T09:17:08.287000
4 posts
🔴 CVE-2026-47865 - Critical (9.8)
VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.
Affected versions:
31.1.1 through 31.2.2 (fixed ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47865/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-47865 - Critical (9.8)
VMware Avi Load Balancer contains an authentication bypass vulnerability. A malicious user with network access may be able to access the Avi Control plane by bypassing the authentication mechanism.
Affected versions:
31.1.1 through 31.2.2 (fixed ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-47865/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Broadcom Patches Seven Critical and High-Severity Flaws in VMware Avi Load Balancer
Broadcom patched seven vulnerabilities in VMware Avi Load Balancer, including a critical authentication bypass (CVE-2026-47865) that allows unauthenticated network attackers to take over the control plane. The updates also fix flaws enabling remote code execution, privilege escalation, and directory traversal across multiple software versions.
**If you use VMware Avi Load Balancer, make sure its management interface is isolated from the internet and reachable only from trusted admin networks. A flaw lets attackers take it over without any password. Then update ASAP to the patched versions (32.1.2, 31.2.2-2p3, or 30.2.7).**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/broadcom-patches-seven-critical-and-high-severity-flaws-in-vmware-avi-load-balancer-v-l-p-w-v/gD2P6Ple2L
Broadcom patched seven severe flaws including CVE-2026-47865, a CVSS 9.8 authentication bypass letting any network-adjacent attacker waltz straight into your Avi control plane without credentials — think of it as the cursed skeleton key from Oblivion, except real and in your infrastructure.
Also afflicted: remote code execution, privilege escalation, and directory traversal bugs. (2/3)
##updated 2026-07-18T08:16:36.620000
1 posts
8 repos
https://github.com/ndouglas-cloudsmith/CVE-2026-53359
https://github.com/x024n/kvm-kernelcare-januscape
https://github.com/0xBlackash/CVE-2026-53359
https://github.com/chuzhongyun/CVE-2026-53359-Kernel-Fix
https://github.com/x024n/almalinux-januscape-mitigation
https://github.com/Aoripus-LTD/Januscape-Hotfix
🐧 SIGINT // Linux Watch — 2026-07-18
A KVM bug that matters if you run nested virtualization anywhere near Ubuntu hosts. Check your patch levels before someone else checks them for you.
🔗 https://quasa.io/media/januscape-cve-2026-53359-kvm-vulnerability-patches-and-mitigations
##updated 2026-07-18T06:32:02
1 posts
From now on all #CVe #CVEAlert additional to #yara #Sigma and #Suricate rules will have #Splunk #Wazuh rules all for FREE no tracking no registration, no payments! #cybersecurity #devsecops #devops #infosec #redteam #blueteam #github #gitlab #git #developers #developer info source and follow for more updates as there will be more EX: https://www.valtersit.com/cve/CVE-2026-9734/
##updated 2026-07-18T05:16:56.167000
10 posts
12 repos
https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause
https://github.com/zeroc00I/CVE-2026-63030
https://github.com/ekomsSavior/wp2shell
https://github.com/Lutfifakee-Project/wp2shell
https://github.com/kulichr/wp2shell
https://github.com/47Cid/wp2shell-lab
https://github.com/Senanfurkan/wordpress-cve-2026-63030
https://github.com/attackercan/wp2shell-poc2
https://github.com/dinosn/wp2shell-lab
https://github.com/CybersecSpirit/CVE-2026-63030
wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause
##🔴 New security advisory:
CVE-2026-63030 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-63030-wordpress-rest-api-unauth-rce-poc
Two critical SQLi vulnerabilities in WordPress
WordPress 7.0.2는 치명적 SQL 인젝션 취약점 1건과 고위험 보안 이슈 1건을 수정하는 긴급 보안 릴리스다. CVE-2026-60137은 촉진된 SQL 인젝션 문제이며, CVE-2026-63030은 REST API 배치 라우트 혼동을 악용한 SQL 인젝션으로 원격 코드 실행(RCE)까지 이어질 수 있다. 영향을 받는 6.9 계열은 6.9.5, 6.8 계열은 6.8.6으로 업데이트해야 하며, 7.1 beta도 beta2에서 수정됐다. WordPress 운영 환경이나 해당 CMS를 통한 AI 서비스·콘텐츠 파이프라인을 운영한다면 강제 자동 업데이트 여부를 확인하고 즉시 패치 및 노...
##WordPress pre-auth RCE CVE-2026-63030 chains a REST batch bug with SQL injection. Details and a public PoC are out. Update to WordPress 7.0.2 now.
#WordPress #PreAuthRCE #CVE202663030 #SQLInjection #wp2shell #WebSecurity #InfoSec
##‼️🚨 CVE-2026-63030 // wp2shell-poc: Proof-of-concept for an unauthenticated SQL injection in WordPress core that chains to remote code execution, via REST batch route confusion.
##@shellsharks New fodder for vulnerability.garden: wp2shell is CVE-2026-63030 / https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-ff9f-jf42-662q
##wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause
##WordPress pre-auth RCE CVE-2026-63030 chains a REST batch bug with SQL injection. Details and a public PoC are out. Update to WordPress 7.0.2 now.
#WordPress #PreAuthRCE #CVE202663030 #SQLInjection #wp2shell #WebSecurity #InfoSec
##‼️🚨 CVE-2026-63030 // wp2shell-poc: Proof-of-concept for an unauthenticated SQL injection in WordPress core that chains to remote code execution, via REST batch route confusion.
##@shellsharks New fodder for vulnerability.garden: wp2shell is CVE-2026-63030 / https://github.com/WordPress/wordpress-develop/security/advisories/GHSA-ff9f-jf42-662q
##updated 2026-07-18T05:16:54.427000
6 posts
7 repos
https://github.com/ekomsSavior/wp2shell
https://github.com/kulichr/wp2shell
https://github.com/47Cid/wp2shell-lab
https://github.com/Senanfurkan/wordpress-cve-2026-63030
https://github.com/dinosn/wp2shell-lab
wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause
##「WordPressコアに新たなwp2shellの脆弱性が発見され、認証されていない攻撃者がコードを実行できるようになった。 」: #TheHackerNews
「匿名HTTPリクエストによって、WordPressサイト上でコードを実行できる脆弱性が発見されました。このバグはコア部分に存在するため、プラグインを一切インストールしていない状態でも悪用可能です。WordPressが6.9.5と7.0.2をリリースし、自動更新システムによる強制更新機能を有効にした金曜日までは、6.9および7.0バージョンのすべてのサイトが影響を受けていました。
wp2shell は1つのバグではなく、2つのバグから成り立っており、どちらにもCVE IDが付与されています。CVE -2026-63030 はREST APIのバッチルーティングの混同に関する脆弱性、 CVE-2026-60137 はWordPressコアにおけるSQLインジェクションの脆弱性です。 」
https://thehackernews.com/2026/07/new-wp2shell-wordpress-core-flaw-lets.html
##Two critical SQLi vulnerabilities in WordPress
WordPress 7.0.2는 치명적 SQL 인젝션 취약점 1건과 고위험 보안 이슈 1건을 수정하는 긴급 보안 릴리스다. CVE-2026-60137은 촉진된 SQL 인젝션 문제이며, CVE-2026-63030은 REST API 배치 라우트 혼동을 악용한 SQL 인젝션으로 원격 코드 실행(RCE)까지 이어질 수 있다. 영향을 받는 6.9 계열은 6.9.5, 6.8 계열은 6.8.6으로 업데이트해야 하며, 7.1 beta도 beta2에서 수정됐다. WordPress 운영 환경이나 해당 CMS를 통한 AI 서비스·콘텐츠 파이프라인을 운영한다면 강제 자동 업데이트 여부를 확인하고 즉시 패치 및 노...
##🚨 EUVD-2026-45280
📊 Score: n/a
📦 Product: WordPress, WordPress
🏢 Vendor: WordPress
📅 Updated: 2026-07-17
📝 WordPress 6.9.x before 6.9.5 and 7.0.x before 7.0.2 is affected by a REST API batch endpoint route confusion issue which, combined with the author__not_in WP_Query SQL Injection (CVE-2026-60137), could allow an attacker to perform SQL Injection and achieve R...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-45280
##wp2shell (CVE-2026-63030 + CVE-2026-60137): Independent Root Cause Analysis https://github.com/tcyph3r/wp2shell-cve-2026-63030-root-cause
##「WordPressコアに新たなwp2shellの脆弱性が発見され、認証されていない攻撃者がコードを実行できるようになった。 」: #TheHackerNews
「匿名HTTPリクエストによって、WordPressサイト上でコードを実行できる脆弱性が発見されました。このバグはコア部分に存在するため、プラグインを一切インストールしていない状態でも悪用可能です。WordPressが6.9.5と7.0.2をリリースし、自動更新システムによる強制更新機能を有効にした金曜日までは、6.9および7.0バージョンのすべてのサイトが影響を受けていました。
wp2shell は1つのバグではなく、2つのバグから成り立っており、どちらにもCVE IDが付与されています。CVE -2026-63030 はREST APIのバッチルーティングの混同に関する脆弱性、 CVE-2026-60137 はWordPressコアにおけるSQLインジェクションの脆弱性です。 」
https://thehackernews.com/2026/07/new-wp2shell-wordpress-core-flaw-lets.html
##updated 2026-07-18T03:16:37.117000
1 posts
CVE-2026-55445: Qinglong <2.20.1 has a CRITICAL improper authentication bug (CVSS 9.3). Attackers can reset admin credentials on initialized systems via /open/user/init. Upgrade to 2.20.1 ASAP. https://radar.offseq.com/threat/cve-2026-55445-cwe-287-improper-authentication-in--3a378a9a77ee78d0 #OffSeq #CVE202655445 #Vuln #Qinglong
##updated 2026-07-18T00:16:48.433000
4 posts
🔴 CVE-2026-8505 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8505/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CRITICAL (CVSS 9.8): CVE-2026-8505 in IBM Langflow OSS 1.0.0 – 1.10.0 enables unauthenticated RCE via default webhook auth config. Set WEBHOOK_AUTH_ENABLE=True to mitigate until official fix. Details: https://radar.offseq.com/threat/cve-2026-8505-vulnerability-in-ibm-langflow-oss-6558aceea84f8b7d #OffSeq #CVE20268505 #RCE #IBM
##🔴 CVE-2026-8505 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.0 has a vulnerability in Langflow's webhook authentication logic allows unauthenticated users to trigger the execution of any flow. The system incorrectly bypasses API key validation when the WEBHOOK_AUTH_ENABLE...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8505/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CRITICAL (CVSS 9.8): CVE-2026-8505 in IBM Langflow OSS 1.0.0 – 1.10.0 enables unauthenticated RCE via default webhook auth config. Set WEBHOOK_AUTH_ENABLE=True to mitigate until official fix. Details: https://radar.offseq.com/threat/cve-2026-8505-vulnerability-in-ibm-langflow-oss-6558aceea84f8b7d #OffSeq #CVE20268505 #RCE #IBM
##updated 2026-07-17T22:17:57.153000
3 posts
CVE-2026-56740 - DoS in JLine Telnet server. Unauthenticated attackers can flood env variables to exhaust JVM heap memory. CVSS 7.5. No patch yet - disable telnet module if possible. #CVE #infosec #Java
##🟠 CVE-2026-56740 - High (7.5)
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and Te...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-56740/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-56740 - High (7.5)
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and Te...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-56740/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:31:52
2 posts
🟠 CVE-2026-9171 - High (7.5)
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9171/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-9171 - High (7.5)
IBM PowerVM Novalink are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability to cause the server to consume memory resources.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9171/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:31:52
2 posts
🔴 CVE-2026-9135 - Critical (9.9)
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_component...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9135/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-9135 - Critical (9.9)
IBM Langflow OSS 1.0.0 through 1.10.0 Langflow versions up to 1.9.2 (commit 94981c443d4918517b9e8163d70fc598dc33a32d) contain a code injection vulnerability in the Policies component's ToolGuard integration that bypasses the allow_custom_component...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9135/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:17:09.043000
2 posts
🟠 CVE-2026-54498 - High (8.7)
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base#around_render can return HTML-unsafe strings that bypass the escaping behavior applied t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54498/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-54498 - High (8.7)
view_component is a framework for building reusable, testable, and encapsulated view components in Ruby on Rails. From 4.0.0 until 4.12.0, ViewComponent::Base#around_render can return HTML-unsafe strings that bypass the escaping behavior applied t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54498/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:17:06.787000
2 posts
🔴 CVE-2026-48062 - Critical (9.8)
CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a resu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48062/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-48062 - Critical (9.8)
CodeIgniter is a PHP full-stack web framework. Prior to 4.7.3, the ext_in upload validation rule in system/Validation/StrictRules/FileRules.php checked the MIME-derived guessed extension instead of the client-provided filename extension. As a resu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48062/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:17:06.250000
2 posts
🟠 CVE-2026-44891 - High (7.5)
Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative siz...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44891/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-44891 - High (7.5)
Netty is a network application framework for development of protocol servers and clients. Prior to 4.1.136.Final and 4.2.16.Final, io.netty.handler.codec.stomp.StompSubframeDecoder fails to limit the total number of headers or their cumulative siz...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44891/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T21:17:05.960000
4 posts
🔴 CVE-2026-13446 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-13446/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-13446: IBM Langflow OSS 1.0.0 – 1.10.1 contains hard-coded credentials (CRITICAL, CVSS 9.8). Total system compromise possible. No patch yet — restrict access, monitor activity. More: https://radar.offseq.com/threat/cve-2026-13446-cwe-798-use-of-hard-coded-credentia-e33f708cc1420dc3 #OffSeq #Vuln #Cybersecurity #IBM
##🔴 CVE-2026-13446 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.1 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-13446/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-13446: IBM Langflow OSS 1.0.0 – 1.10.1 contains hard-coded credentials (CRITICAL, CVSS 9.8). Total system compromise possible. No patch yet — restrict access, monitor activity. More: https://radar.offseq.com/threat/cve-2026-13446-cwe-798-use-of-hard-coded-credentia-e33f708cc1420dc3 #OffSeq #Vuln #Cybersecurity #IBM
##updated 2026-07-17T21:17:05.473000
2 posts
🟠 CVE-2026-13445 - High (8.1)
IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-13445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-13445 - High (8.1)
IBM Langflow OSS 1.0.0 through 1.10.1 can allow an authenticated attacker to exploit the SaveToFile component to read and modify another user's uploaded files by specifying absolute paths pointing to victim storage locations. In append mode, the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-13445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T20:17:31.527000
2 posts
🔴 CVE-2026-8635 - Critical (9.9)
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-8635 - Critical (9.9)
IBM Langflow OSS 1.0.0 through 1.10.0 allows authenticated users to escalate privileges to superuser by directly manipulating the database, execute arbitrary system commands, and achieve full system compromise with Langflow service permissions.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-8635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T20:17:14.713000
1 posts
CVE-2026-13448 - Unauthenticated RCE in IBM Langflow OSS 1.0.0-1.10.1. Incomplete denylist allows code execution via build endpoint. CVSS 8.1. No patch available. Disable or restrict access immediately. #CVE #IBM #infosec
##updated 2026-07-17T20:17:13.067000
1 posts
Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th https://support.broadcom.com/web/ecx/security-advisory
Cisco:
Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG @TalosSecurity
And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:
CISA:
CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-39808
CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-25089
And a Microsoft vulnerability:
CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-58644 #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom
##updated 2026-07-17T19:17:19.277000
2 posts
🔴 CVE-2026-9103 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9103/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-9103 - Critical (9.8)
IBM Langflow OSS 1.0.0 through 1.10.0 could allow a remote attacker to gain unauthorized access due to improper authentication in the /api/v1/login/auto_login endpoint. The endpoint issues long-lived superuser bearer tokens without requiring authe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-9103/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T19:17:18.647000
1 posts
MohibShaikh clawvet API server <0.7.5 (CVE-2026-62241) suffers a CRITICAL flaw: hard-coded JWT secret enables unauthenticated user data access and session cookie forgery. Change secrets & limit endpoint access. https://radar.offseq.com/threat/cve-2026-62241-missing-authentication-for-critical-b8ebafbae06b4bce #OffSeq #CVE202662241 #vuln
##updated 2026-07-17T18:37:25.590000
1 posts
CVE-2026-44436 - High-severity DoS in Quicly (H2O HTTP server). Connection ID handling flaw can corrupt state. CVSS 7.5. No patch available yet. Monitor for updates. #CVE #infosec #cybersecurity
##updated 2026-07-17T18:36:41.143000
1 posts
🟠 CVE-2026-55173 - High (8.1)
WWBN AVideo is an open source video platform. Versions 29.0 and below remain vulnerable to OS command injection because the fix for CVE-2026-33482 was incomplete and still does not neutralize a single & ( the shell background operator). CVE-2026-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55173/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-17T15:44:29.553000
1 posts
CVE-2026-62232 (CRITICAL): getgrav Grav <2.0.4 has a 2FA bypass flaw — attackers knowing a user's password can overwrite the 2FA secret, reducing protection to password-only. Monitor & restrict access. Patch status pending. https://radar.offseq.com/threat/cve-2026-62232-missing-authorization-in-getgrav-gr-604d58721f0c378d #OffSeq #CVE202662232 #2FA #infosec
##updated 2026-07-17T15:32:27
1 posts
CVE-2026-11961 (CRITICAL): User Registration & Membership plugin (pre-5.2.3) allows unauthenticated users to assign arbitrary membership tiers, including admin, during signup. Disable or restrict registration until fixed. https://radar.offseq.com/threat/cve-2026-11961-cwe-269-improper-privilege-manageme-20cb46cff61ded54 #OffSeq #WordPress #CVE2026
##updated 2026-07-17T15:01:06.447000
1 posts
CVE-2026-59117 - Integer overflow in Wraparound Windows Terminal enables network-based RCE. CVSS 7.5. No patch available. Monitor systems and restrict network access. #CVE #infosec #cybersecurity
##updated 2026-07-17T14:59:38.667000
2 posts
🔴 CVE-2026-15982 - Critical (9.8)
The Aimogen Pro - All-in-One AI Content Writer, Editor, ChatBot & Automation Toolkit plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.8.4. This is due to due to a missing capability check on the 'a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-15982/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##CVE-2026-15982 | CodeRevolution Aimogen Pro (≤2.8.4) has a CRITICAL privilege escalation flaw — attackers can leverage missing capability checks to create admin accounts. Urgent patching advised. https://radar.offseq.com/threat/cve-2026-15982-cwe-269-improper-privilege-manageme-e0b1a13e8364d483 #OffSeq #WordPress #Vulnerability #Infosec
##updated 2026-07-17T14:17:27.207000
1 posts
CRITICAL: CVE-2026-63305 impacts WWBN AVideo ≤29.0. OS command injection in ffmpeg.json.php allows arbitrary command execution as the web-server user. No patch yet — restrict access & monitor logs. Details: https://radar.offseq.com/threat/cve-2026-63305-improper-neutralization-of-special--2152563144062b29 #OffSeq #Vuln #WWBN #CVE202663305
##updated 2026-07-17T05:16:38.687000
4 posts
2 repos
Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th https://support.broadcom.com/web/ecx/security-advisory
Cisco:
Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG @TalosSecurity
And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:
CISA:
CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-39808
CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-25089
And a Microsoft vulnerability:
CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-58644 #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom
##CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.
#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity
##🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0716)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-25089 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25089)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-141 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-25089
⚠️ CVE-2026-39808 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-39808)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-100 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-39808
⚠️ CVE-2026-58644 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58644)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-58644
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644
##CVE ID: CVE-2026-25089
Vendor: Fortinet
Product: FortiSandbox
Date Added: 2026-07-16
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-25089
updated 2026-07-17T00:32:18
8 posts
📢 Zoom : vulnérabilité critique CVE-2026-53412 permettant la prise de contrôle de comptes
📝 ## 🔍 Contexte
Source : BleepingComputer — publié le 15 juillet 2026.
📖 cyberveille : https://cyberveille.ch/posts/2026-07-18-zoom-vulnerabilite-critique-cve-2026-53412-permettant-la-prise-de-controle-de-comptes/
🌐 source : https://www.bleepingcomputer.com/news/security/zoom-warns-of-critical-account-takeover-vulnerability/
#CVE_2026_53409 #CVE_2026_53410 #Cyberveille
A Zoom critical vulnerability (CVE-2026-53412, CVSS 9.8) lets attackers hijack accounts on Windows with no user interaction. Update your client now.
#Zoom #CVE202653412 #Vulnerability #CyberSecurity #Windows #AccountTakeover
https://securityexpress.info/cve-2026-53412-zoom/?utm_source=mastodon&utm_medium=jetpack_social
##Zoom Patches Critical Windows Flaw Enabling Account Takeover
Zoom has released security updates to fix CVE-2026-53412, a critical Improper Input Validation vulnerability affecting its Windows software, which...
🔗️ [Thecyberexpress] https://link.is.it/17cS6R
##"Zoom is warning of a critical vulnerability in its desktop client and software development kit for Windows that could be exploited by an unauthenticated party to hijack accounts.
Discovered internally, the security issue is tracked as CVE-2026-53412 and received a severity score of 9.8 out of 10.
In an advisory this week, the messaging platform says that the flaw affects Zoom Workplace for Windows before version 7.0.0, the Windows VDI Client before versions 7.0.10, 6.6.15, and 6.5.18, and the Meeting SDK for Windows before version 7.0.0."
##Zoom Fixes CVE-2026-53412, a Critical Account Takeover Bug
https://securityaffairs.com/195454/security/zoom-fixes-cve-2026-53412-a-critical-account-takeover-bug.html
「Zoomがアカウント乗っ取りの重大な脆弱性について警告 」: #BLEEPINGCOMPUTER
「Zoomは、Windows向けデスクトップクライアントおよびソフトウェア開発キットに重大な脆弱性が存在すると警告している。この脆弱性を悪用すれば、認証されていない第三者がアカウントを乗っ取る可能性がある。
社内で発見されたこのセキュリティ問題は、CVE-2026-53412として追跡されており、深刻度スコアは10点満点中9.8点と評価されています。
今週発表された勧告によると、この脆弱性は、Windows版Zoom Workplaceのバージョン7.0.0未満、Windows VDI Clientのバージョン7.0.10未満、6.6.15未満、6.5.18未満、およびWindows版Meeting SDKのバージョン7.0.0未満に影響するとのことです。 」
##Oh my
Zoom Workplace for Windows - Improper Input Validation
Bulletin: ZSB-26014
CVEID: CVE-2026-53412
CVSS Severity: Critical
CVSS Score: 9.8
Description:
Improper Input Validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and Zoom Meeting SDK for Windows may allow an unauthenticated user to conduct an account takeover via network access.
##Zoom vulnerability CVE-2026-53412 (CVSS 9.8) allows unauthenticated account takeover over the network. Update Zoom Workplace for Windows to 7.0.0 now.
#Zoom #CVE202653412 #AccountTakeover #Windows #CyberSecurity
##updated 2026-07-16T21:30:46
1 posts
🟠 CVE-2026-53409 - High (7.8)
Improper Privilege Management in Zoom Rooms for Windows before version 7.1.0 may allow an authenticated user to conduct an escalation of privilege via local access.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-53409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T20:16:47.430000
1 posts
🔴 CVE-2026-62378 - Critical (9)
RustFS Console is a web management console for the RustFS distributed file system. From 0.1.7 until 0.1.10, the RustFS Console components/object/preview-modal.tsx and components/object/pdf-viewer.tsx extension-based PDF preview path can render HTM...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62378/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T19:56:14
1 posts
🟠 CVE-2026-52870 - High (7.6)
The MCP Python SDK, called mcp on PyPI, is a Python implementation of the Model Context Protocol (MCP). From 1.23.0 until 1.27.2, default handlers installed by server.experimental.enable_tasks() for tasks/list, tasks/get, tasks/result, and tasks/c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-52870/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T19:16:51.010000
1 posts
🟠 CVE-2026-62312 - High (8.8)
9Router is an AI router & token saver. Prior to 0.5.2, 9Router allows a remote authenticated attacker to achieve arbitrary code execution on the host operating system by combining a Host header bypass of localhost-only routes with unvalidated MCP ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62312/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T19:04:00.603000
1 posts
🟠 CVE-2026-48352 - High (7.5)
CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service conditio...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T19:03:57.483000
1 posts
🟠 CVE-2026-48351 - High (7.5)
CAI Content Credentials is affected by an Improper Input Validation vulnerability that could result in an application denial-of-service. An attacker could exploit this vulnerability to crash the application, leading to a denial-of-service conditio...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48351/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T18:32:24
4 posts
6 repos
https://github.com/error-inside/CVE-2026-39808
https://github.com/0xBlackash/CVE-2026-39808
https://github.com/Lechansky/CVE-2026-39808
https://github.com/ynsmroztas/FortiSandbox-RCE-Exploit-CVE-2026-39808
Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th https://support.broadcom.com/web/ecx/security-advisory
Cisco:
Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG @TalosSecurity
And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:
CISA:
CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-39808
CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-25089
And a Microsoft vulnerability:
CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-58644 #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom
##CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.
#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity
##🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0716)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-25089 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25089)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-141 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-25089
⚠️ CVE-2026-39808 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-39808)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-100 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-39808
⚠️ CVE-2026-58644 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58644)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-58644
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644
##CVE ID: CVE-2026-39808
Vendor: Fortinet
Product: FortiSandbox
Date Added: 2026-07-16
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-39808
updated 2026-07-16T18:31:26
8 posts
Latest 24-hour summary:
Geopolitical: US strikes Iran for a sixth night, escalating conflict and impacting the Strait of Hormuz.
Technology: IBM unveils a sub-1nm chip, Japan achieves 6G, and AI chip demand surges amidst a deepening tech selloff.
Cybersecurity: CISA warns of an actively exploited SharePoint RCE zero-day (CVE-2026-58644), urging immediate patching. New BL4CK SP1D3R ransomware threats are also detected.
Latest 24-hour summary:
Geopolitical: US strikes Iran for a sixth night, escalating conflict and impacting the Strait of Hormuz.
Technology: IBM unveils a sub-1nm chip, Japan achieves 6G, and AI chip demand surges amidst a deepening tech selloff.
Cybersecurity: CISA warns of an actively exploited SharePoint RCE zero-day (CVE-2026-58644), urging immediate patching. New BL4CK SP1D3R ransomware threats are also detected.
Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th https://support.broadcom.com/web/ecx/security-advisory
Cisco:
Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG @TalosSecurity
And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:
CISA:
CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-39808
CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-25089
And a Microsoft vulnerability:
CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-58644 #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom
##CVE-2026-58644: CRITICAL RCE in Microsoft SharePoint enables remote, authenticated Site Owners to execute code via deserialization. Exploited in the wild — patch now (July 2026 updates). Details: https://radar.offseq.com/threat/fresh-sharepoint-vulnerability-exploited-soon-afte-951942a1c69ed88b #OffSeq #SharePoint #Vuln #KEV #Infosec
##CISA KEV catalog adds three actively exploited flaws: FortiSandbox CVE-2026-25089, CVE-2026-39808, and SharePoint CVE-2026-58644. Patch by July 19.
#CISA #KEV #Fortinet #FortiSandbox #SharePoint #CVE202658644 #ActivelyExploited #CyberSecurity
##🚨 [CISA-2026:0716] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0716)
CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-25089 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-25089)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-141 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-25089
⚠️ CVE-2026-39808 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-39808)
- Name: Fortinet FortiSandbox OS Command Injection Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Fortinet
- Product: FortiSandbox
- Notes: https://fortiguard.fortinet.com/psirt/FG-IR-26-100 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-39808
⚠️ CVE-2026-58644 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-58644)
- Name: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint
- Notes: https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-58644 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-58644
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260716 #cisa20260716 #cve_2026_25089 #cve_2026_39808 #cve_2026_58644 #cve202625089 #cve202639808 #cve202658644
##CVE ID: CVE-2026-58644
Vendor: Microsoft
Product: SharePoint
Date Added: 2026-07-16
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-58644
CISA Issues Urgent Warning on SharePoint Server Exploitation
CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.
**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-urgent-warning-on-sharepoint-server-exploitation-o-9-u-8-x/gD2P6Ple2L
updated 2026-07-16T18:16:41.633000
1 posts
CVE-2026-12525: Redux Framework <4.5.13 (WordPress) allows Subscribers to escalate to Admin by abusing the user-profile extension. Severity: CRITICAL. Disable the feature or restrict editing until a patch lands. https://radar.offseq.com/threat/cve-2026-12525-cwe-269-improper-privilege-manageme-e022e7bb11713010 #OffSeq #WordPress #CVE202612525 #PrivilegeEscalation
##updated 2026-07-16T15:59:58.327000
1 posts
@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.
updated 2026-07-16T14:16:52.513000
1 posts
CRITICAL: CVE-2026-46339 impacts decolua 9Router (<0.4.37). OS command injection via exposed API lets unauth attackers gain full control. Patch to 0.4.37 now! https://radar.offseq.com/threat/cve-2026-46339-cwe-78-improper-neutralization-of-s-96ae550cea593bb1 #OffSeq #CVE202646339 #infosec #security
##updated 2026-07-16T14:16:48.040000
3 posts
Ubuntu Pro Client vulnerability CVE-2026-11386 (CVSS 9.0) lets a spoofed contract server inject APT sources and run code with root privileges.
#Ubuntu #UbuntuPro #CVE202611386 #Canonical #RCE #Linux #CyberSecurity
##Ubuntu Pro Client vulnerability CVE-2026-11386 (CVSS 9.0) lets a spoofed contract server inject APT sources and run code with root privileges.
#Ubuntu #UbuntuPro #CVE202611386 #Canonical #RCE #Linux #CyberSecurity
##CRITICAL vuln in ubuntu-pro-client <37.2ubuntu~22.04.1: contract server manipulation can inject malicious APT config & install arbitrary packages as root. Preinstalled on Ubuntu Pro images. Patch status TBD. Details: https://radar.offseq.com/threat/ubuntu-cve-2026-11386-a076c116b384b281 #OffSeq #Ubuntu #LinuxSec #Vulnerability
##updated 2026-07-16T13:43:05.487000
1 posts
🔴 CVE-2026-52887 - Critical (10)
NocoBase is an AI-powered no-code/low-code platform for building business applications and enterprise solutions. Prior to 2.0.61, NocoBase @nocobase/plugin-notification-in-app-message exposed GET /api/myInAppChannels:list, where the filter[latestM...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-52887/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T12:32:28
1 posts
CVE-2026-22752: CRITICAL auth bypass in Spring Authorization Server (CVSS 9.6). Low-priv attackers can fully compromise confidentiality & integrity. No patch or workaround — monitor vendor updates. https://radar.offseq.com/threat/cve-2026-22752-vulnerability-in-spring-security-sp-73162920d784b7e4 #OffSeq #SpringSecurity #CVE202622752 #infosec
##updated 2026-07-16T06:31:33
1 posts
CVE-2026-15013 | CRITICAL vuln in cyberlord92 SAML SSO Login (≤5.4.3): Signature verification flaw enables authentication bypass & admin account takeover. Disable plugin until patched. https://radar.offseq.com/threat/cve-2026-15013-cwe-347-improper-verification-of-cr-9c8a5e33bdf9b83d #OffSeq #WordPress #CVE202615013 #SAML #Vuln
##updated 2026-07-16T05:16:25.420000
1 posts
🟠 CVE-2026-56687 - High (7.8)
Dell ThinOS 10, versions prior to 2605_10.2100, contain an Obsolete Feature in UI vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Unauthorized access.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-56687/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T05:16:22.107000
1 posts
🟠 CVE-2026-50130 - High (8.8)
Pi-hole is a DNS sinkhole that protects devices from unwanted content without installing any client-side software. From 6.0 to 6.4.2, a user with code execution as the unprivileged pihole user can escalate to root by replacing /etc/pihole/logrotat...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50130/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-16T05:16:20.290000
6 posts
2 repos
⚠️ CRITICAL ALERT: CVE-2026-46817 allows unauthenticated takeover of Oracle E-Business Suite. With active exploitation verified, your perimeter is at risk. Get the forensic indicators, detection queries, and hardening playbooks you need to secure your infrastructure. https://thecybermind.co/k8ae
##Oracle E-Business Suite flaw (CVE-2026-46817, CRITICAL) enables unauthenticated takeover of Oracle Payments via HTTP. Exploited in the wild — patches available since May 2026. CISA requires federal patching by 7/18/26. Details: https://radar.offseq.com/threat/cisa-orders-feds-to-patch-actively-exploited-oracl-9835f0a6d8af730f #OffSeq #Oracle #Infosec #CVE202646817
##CISA KEV catalog now lists CVE-2026-46817, a critical Oracle E-Business Suite flaw, and CVE-2023-4346 in KNX devices. Both are exploited in the wild.
##🚨 [CISA-2026:0715] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0715)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2023-4346 (https://secdb.nttzen.cloud/cve/detail/CVE-2023-4346)
- Name: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: KNX Association
- Product: KNX Protocol Connection Authorization Option 1
- Notes: https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-01 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2023-4346
⚠️ CVE-2026-46817 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-46817)
- Name: Oracle E-Business Suite Improper Privilege Management Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Oracle
- Product: E-Business Suite
- Notes: https://www.oracle.com/security-alerts/cspumay2026.html ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-46817
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260715 #cisa20260715 #cve_2023_4346 #cve_2026_46817 #cve20234346 #cve202646817
##CISA has updated the KEV catalogue:
- CVE-2023-4346: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability https://www.cve.org/CVERecord?id=CVE-2023-4346
- CVE-2026-46817: Oracle E-Business Suite Improper Privilege Management Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-46817
Press release:
CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With Security Researchers https://www.cisa.gov/news-events/news/cisa-and-partners-publish-guidance-help-software-manufacturers-and-online-service-providers-work
Here's the guidance: https://www.cisa.gov/sites/default/files/2026-07/joint-guide-establishing-a-cvd-program-to-work-with-security-researchers_508c.pdf #CISA #infosec #vulnerability
##CVE ID: CVE-2026-46817
Vendor: Oracle
Product: E-Business Suite
Date Added: 2026-07-15
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-46817
updated 2026-07-16T05:16:18.873000
1 posts
Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.
##updated 2026-07-16T05:16:18.293000
12 posts
5 repos
https://github.com/HORKimhab/CVE-2026-15409
https://github.com/remmons-r7/rapid7-CVE-2026-15409
https://github.com/tc4dy/CVE-2026-15409-15410-Framework
https://github.com/MrRawBit/SonicWall-SMA1000-Zero-Day-IoC-Check
⚠️ CRITICAL: Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
Two zero-day vulnerabilities in SonicWall SMA 1000 appliances are actively exploited in the wild. CVE-2026-15409 is an SSRF flaw, while CVE-2026-15410 allows unauthenticated attackers to execute arbitrary commands as admin. Organizations using these devices face immediate risk of full appliance com…
##‼️ CVE-2026-15409: PoC exploit for CVE-2026-15409 that achieves non-root remote code execution on SonicWall SMA 1000 appliances.
##SonicWall SMA1000 vulnerability CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Public PoC enables remote code execution patch now.
#SonicWall #SMA1000 #CVE202615409 #RCE #ZeroDay #CyberSecurity
##SonicWall has addressed a critical vulnerability. This was posted yesterday:
CVE-2026-15409 and CVE-2026-15410 https://psirt.global.sonicwall.com/vuln-list #infosec #SonicWall #vulnerability
##⚠️Alerte CERT-FR⚠️
Les vulnérabilités CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'exécuter du code arbitraire à distance.
Elles sont activement exploitées.
⚠️ 📢 Sicherheitshinweis: Am 14. Juli 2026 veröffentlichte das Unternehmen #SonicWall ein Advisory zu seiner SMA1000-Produktserie und führte darin aus, dass die Modelle 6210, 7210 und 8200v durch zwei neu entdeckte Zero-Day #Schwachstellen (CVE-2026-15409, CVE-2026-1541) verwundbar sind.
❗️ Das Unternehmen verweist im Advisory darauf, dass "zahlreiche Fälle" vorliegen, die auf eine Ausnutzung der Schwachstellen schließen lassen.
Mehr dazu hier: ➡️ https://www.bsi.bund.de/dok/1203248
##CISA Adds SonicWall SMA1000 Vulnerabilities to KEV Catalog Following Active Exploitation
Security researchers have identified two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting SonicWall SMA1000 Series...
🔗️ [Thecyberexpress] https://link.is.it/dwrlPe
##🚨 Two actively exploited zero-days affecting SonicWall SMA1000 appliances: CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 (CVSS 7.2)
I’ve created vulnerability detection templates here (with confidence levels):
CVE-2026-15409: https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-15409.yaml
CVE-2026-15410: https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-15410.yaml
CVE-2026-15409 is remotely exploitable without authentication, while CVE-2026-15410 requires an authenticated administrator.
##🏆 New Achievement! Step Right Up and Get Exploited!
Ladies and gentlemen, gather round and feast your eyes on the most ASTONISHING spectacle of unpatched network appliances this side of the midway! SonicWall — yes, THAT SonicWall — is hollering from the rooftops that threat actors are actively exploiting not one but TWO zero-day vulnerabilities in SMA1000 appliances, CVE-2026-15409 and CVE-2026-15410, in the wild, right now, as you read this! (1/2)
##SonicWall SMA1000 SSRF flaw CVE-2026-15409 (CVSS 10.0) is exploited in the wild. Upgrade to hotfix 12.4.3-03453 or 12.5.0-02835 now.
#SonicWall #SMA1000 #SSRF #CVE202615409 #CyberSecurity
https://securityonline.info/sonicwall-sma1000-ssrf/?utm_source=mastodon&utm_medium=jetpack_social
##SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day...
🔗️ [Bleepingcomputer] https://link.is.it/KLZmPI
##CVE ID: CVE-2026-15409
Vendor: SonicWall
Product: SMA1000 Appliances
Date Added: 2026-07-14
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-15409
updated 2026-07-16T05:16:17.923000
1 posts
ASUS routers face CRITICAL risk (CVE-2026-13385, CVSS 9.5) due to improper integrity and certificate checks. MITM attackers can execute arbitrary commands. No patch yet — monitor ASUS advisories. https://radar.offseq.com/threat/cve-2026-13385-cwe-354-improper-validation-of-inte-022c4477d04d4a24 #OffSeq #ASUS #infosec #CVE #vuln
##updated 2026-07-15T23:16:50.270000
1 posts
Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Tag
CVE ID
CVE Title
Severity
.NET
CVE-2026-50649
.NET Remote Code Execution Vulnerability
Important
.NET
CVE-2026-50525
.NET Denial…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
https://www.newsbeep.com/us/763025/
updated 2026-07-15T23:05:20
2 posts
🟠 CVE-2026-50274 - High (7.5)
Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-50274 - High (7.5)
Datadog dd-trace-go is a Go client library for Datadog application performance monitoring, profiling, and security monitoring. Prior to 2.8.1, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers wit...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50274/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T22:58:53
2 posts
🟠 CVE-2026-50272 - High (7.5)
dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text_map.js parsed incoming baggage HTTP headers without enforcing DD_T...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-50272 - High (7.5)
dd-trace is the Datadog APM client for Node.js. Prior to 5.100.0, W3C baggage propagation in packages/dd-trace/src/baggage.js and packages/dd-trace/src/opentracing/propagation/text_map.js parsed incoming baggage HTTP headers without enforcing DD_T...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50272/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T22:55:25
2 posts
🟠 CVE-2026-50271 - High (7.5)
Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DD_TRACE_BAGGAGE_MAX_ITEMS or DD_TRACE_BAGGAGE_MAX_BYTES l...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50271/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-50271 - High (7.5)
Datadog dd-trace-py is the Datadog Python APM client. Prior to 4.8.2, Datadog tracing libraries that implement W3C baggage propagation parse incoming baggage HTTP headers without enforcing DD_TRACE_BAGGAGE_MAX_ITEMS or DD_TRACE_BAGGAGE_MAX_BYTES l...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50271/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T21:31:26
1 posts
CVE-2026-15895: OS command injection in jsii-diff in AWS jsii
Bulletin ID: 2026-057-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 07/15/2026 12:00 PM PDT
Description:
jsii-diff is a command line tool to compare the API differences between two jsii assemblies...
https://aws.amazon.com/security/security-bulletins/rss/2026-057-aws/
##updated 2026-07-15T20:54:43.733000
1 posts
🟠 CVE-2026-53517 - High (8.1)
Better Auth is an authentication and authorization library for TypeScript. From 1.4.8-beta.7 until 1.6.11, the @better-auth/oauth-provider POST /oauth2/token endpoint on the refresh_token grant performs a non-atomic read, validate, revoke, and min...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-53517/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T20:49:59.560000
1 posts
🟠 CVE-2026-61835 - High (7.7)
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, the SSRF protection on Directus's file-import-from-URL feature can be bypassed using the address 0.0.0.0 because api/src/request/is-denied-ip.ts trea...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-61835/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T20:35:56.207000
1 posts
🔴 CVE-2026-50148 - Critical (10)
Metabase is an open-source business intelligence and embedded analytics tool. From 1.54.0 until 1.54.24, 1.55.24, 1.56.25, 1.57.19, 1.58.14, 1.59.10, and 1.60.4, a Metabase user with permission to add or edit a database connection can achieve remo...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50148/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T20:18:01.667000
1 posts
🟠 CVE-2026-62351 - High (7.5)
TDengine is a time-series database optimized for Internet of Things devices. Prior to 3.4.1.15, source/libs/transport/src/transComm.c transDecompressMsg() read STransCompMsg.contLen when pHead->comp == 1 without first validating that the RPC packe...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62351/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T20:08:02.787000
1 posts
JetBrains vulnerabilities patched: CVE-2026-62422 (CVSS 10) YouTrack authentication bypass, IntelliJ IDEA RCE CVE-2026-59792, and four TeamCity flaws.
#JetBrains #YouTrack #IntelliJIDEA #TeamCity #CVE
http://securityonline.info/jetbrains-vulnerabilities/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-15T19:50:11.367000
1 posts
🟠 CVE-2026-46485 - High (8.2)
Dashy is a self-hostable personal dashboard. Prior to 4.0.8, Dashy deployments using OIDC can allow unauthenticated users or non-admin authenticated users to write changes to the main config.yaml through the config-saving functionality despite con...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-46485/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T19:18:04.890000
1 posts
F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.
##updated 2026-07-15T19:17:00.473000
1 posts
Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged https://socket.dev/blog/11-malicious-nuget-tools-pose-as-game-cheats
Don't forget Cisco:
Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq
Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-xNt7wb2Y @TalosSecurity #Cisco #infosec #vulnerability #Broadcom
##updated 2026-07-15T18:32:50
5 posts
🚨 ALERT: CVE-2023-4346 allows attackers to purge and lock KNX industrial control devices. If you manage building automation, your perimeter is at risk. Get the forensic indicators and hardening playbooks you need to secure your assets. https://thecybermind.co/m6eo
##CISA KEV catalog now lists CVE-2026-46817, a critical Oracle E-Business Suite flaw, and CVE-2023-4346 in KNX devices. Both are exploited in the wild.
##🚨 [CISA-2026:0715] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0715)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2023-4346 (https://secdb.nttzen.cloud/cve/detail/CVE-2023-4346)
- Name: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: KNX Association
- Product: KNX Protocol Connection Authorization Option 1
- Notes: https://www.cisa.gov/news-events/ics-advisories/icsa-23-236-01 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2023-4346
⚠️ CVE-2026-46817 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-46817)
- Name: Oracle E-Business Suite Improper Privilege Management Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Oracle
- Product: E-Business Suite
- Notes: https://www.oracle.com/security-alerts/cspumay2026.html ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-46817
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260715 #cisa20260715 #cve_2023_4346 #cve_2026_46817 #cve20234346 #cve202646817
##CISA has updated the KEV catalogue:
- CVE-2023-4346: KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability https://www.cve.org/CVERecord?id=CVE-2023-4346
- CVE-2026-46817: Oracle E-Business Suite Improper Privilege Management Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-46817
Press release:
CISA and Partners Publish Guidance to Help Software Manufacturers and Online Service Providers Work With Security Researchers https://www.cisa.gov/news-events/news/cisa-and-partners-publish-guidance-help-software-manufacturers-and-online-service-providers-work
Here's the guidance: https://www.cisa.gov/sites/default/files/2026-07/joint-guide-establishing-a-cvd-program-to-work-with-security-researchers_508c.pdf #CISA #infosec #vulnerability
##CVE ID: CVE-2023-4346
Vendor: KNX Association
Product: KNX Protocol Connection Authorization Option 1
Date Added: 2026-07-15
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2023-4346
updated 2026-07-15T18:32:05
1 posts
Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.
##updated 2026-07-15T18:32:05
1 posts
🟠 CVE-2026-58658 - High (8.2)
GPUStack through 2.2.1, fixed in commit 4e20551, contains an unauthenticated information disclosure vulnerability that allows unauthenticated attackers to access sensitive inference logs and modify worker configuration by exploiting unprotected /s...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-58658/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T18:32:05
1 posts
🟠 CVE-2026-62389 - High (7.5)
ws before 8.21.1 contains a memory exhaustion vulnerability in lib/receiver.js where the fragment guard only triggers when fragment count reaches maxFragments, allowing attackers to exhaust memory by sending incomplete fragmented WebSocket message...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62389/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T18:32:05
1 posts
🟠 CVE-2026-59258 - High (8.3)
immich before 3.0.3 contains a broken access control vulnerability in the PUT /albums/:id/user/:userId endpoint that allows shared album editors to modify member roles without owner-only restrictions. Attackers with editor access can demote the al...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-59258/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T18:32:04
1 posts
Splunk patched three Splunk Enterprise vulnerabilities: CVE-2026-20296 CSRF, CVE-2026-20297 path traversal, and CVE-2026-20298 credential exposure.
##updated 2026-07-15T18:31:58
2 posts
F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.
##🟠 CVE-2026-60005 - High (8.2)
NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_slice_module module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-60005/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T18:31:58
1 posts
Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged https://socket.dev/blog/11-malicious-nuget-tools-pose-as-game-cheats
Don't forget Cisco:
Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq
Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-xNt7wb2Y @TalosSecurity #Cisco #infosec #vulnerability #Broadcom
##updated 2026-07-15T18:31:58
1 posts
Broadcom has a long list of advisories addressing several critical vulnerabilities, among others not quite as privileged https://socket.dev/blog/11-malicious-nuget-tools-pose-as-game-cheats
Don't forget Cisco:
Cisco: High severity: CVE-2026-20150 and CVE-2026-20153: Cisco RoomOS Security Hardening Release: July 2026 https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-hardening-roomos-AqNMbEq
Midium Severity: CVE-2026-20146: Cisco Identity Services Engine Path Traversal Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-traversal-xNt7wb2Y @TalosSecurity #Cisco #infosec #vulnerability #Broadcom
##updated 2026-07-15T18:15:13.373000
1 posts
🟠 CVE-2026-62685 - High (8.1)
File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Prior to 2.63.17, File Browser builds new user scopes from usernames passed through cleanUsername() when Signu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62685/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-15T17:59:53.417000
1 posts
Adobe ColdFusion 2025 is affected by a CRITICAL path traversal vuln (CVE-2026-48318, CVSS 9.9). Attackers can read arbitrary files — no user interaction. Restrict ColdFusion access & monitor logs until a patch is released. Details: https://radar.offseq.com/threat/cve-2026-48318-improper-limitation-of-a-pathname-t-89bd432b493aca98 #OffSeq #CVE202648318 #ColdFusion #Infosec
##updated 2026-07-15T17:52:02.543000
1 posts
Google's Chrome security update 150.0.7871.124 fixes 15 flaws, including critical use-after-free bugs CVE-2026-15764 and CVE-2026-15765. Update now.
#Chrome #GoogleChrome #CVE #BrowserSecurity #CyberSecurity
http://securityonline.info/chrome-150-security-update/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-15T16:24:31.140000
1 posts
1 repos
ASUS bsitf.sys (CVE-2026-13585): Arbitrary Physical Memory Mapping via Unvalidated IOCTL https://blog.ahmadz.ai/asus_bsitf_0_day_poc/
##updated 2026-07-15T15:33:14
2 posts
1 repos
https://github.com/0xCyberstan/CVE-2026-42533-Config-Scanner
F5 patched the NGINX code execution flaw CVE-2026-42533, along with CVE-2026-60005 and CVE-2026-56434. Update NGINX Plus and Open Source builds now.
##That's a lot of Fixes introduced in: NONE.
https://my.f5.com/manage/s/article/K000162097
##A vulnerability exists in NGINX Plus and NGINX Open Source when a map directive uses regex matching and a string expression references the map's regex capture variables before referencing the map output variable. Alternatively, the same result could be achieved by using a non-cacheable variable in a string expression under certain conditions. An unauthenticated attacker along with conditions beyond their control can exploit this vulnerability by sending crafted HTTP requests. This may cause a heap buffer overflow in the NGINX worker process leading to a restart. Additionally, attackers can execute code on systems with Address Space Layout Randomization (ASLR) disabled or when the attacker can bypass ASLR. (CVE-2026-42533)
updated 2026-07-15T14:18:24.010000
5 posts
Active exploitation of CVE-2026-56155 in Microsoft ADFS puts your identity perimeter at risk. Our latest TSUITE brief delivers the forensic indicators, detection queries, and compensating controls needed to neutralize this privilege escalation threat. Secure your architecture today. https://thecybermind.co/al3f
##Regarding CVE-2026-56155, the in-the-wild ADFS vulnerability - the July patch just released does not fix the vulnerability.
Instead it adds an audit log. The changes to harden the service and enforce protection will only apply with October 2026’s update applied.
##Microsoft's July 2026 Patch Tuesday fixes 570 flaws. Zero-days CVE-2026-56155 and CVE-2026-56164 are exploited in the wild. Patch now.
#PatchTuesday #Microsoft #ZeroDay #CVE #CyberSecurity
https://securityonline.info/july-2026-patch-tuesday/?utm_source=mastodon&utm_medium=jetpack_social
##CVE ID: CVE-2026-56155
Vendor: Microsoft
Product: Active Directory Federation Services
Date Added: 2026-07-14
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-56155
🚨 [CISA-2026:0714] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0714)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-56155 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56155)
- Name: Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Active Directory Federation Services
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-56155 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56155
⚠️ CVE-2026-56164 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56164)
- Name: Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint Server
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-56164 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56164
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260714 #cisa20260714 #cve_2026_56155 #cve_2026_56164 #cve202656155 #cve202656164
##updated 2026-07-15T13:51:52.543000
1 posts
#CVE-2026-48309 - #Adobe #Audition Out Of Bounds Write #Vulnerability
##updated 2026-07-15T03:33:02
1 posts
TP-Link Kasa vulnerability CVE-2026-9770 (CVSS 8.6) lets local attackers intercept admin credentials on EC70 and EC71 cameras. Update firmware now.
##updated 2026-07-15T00:31:51
1 posts
CRITICAL: CVE-2026-48334 impacts Adobe Illustrator Desktop 2026 (CVSS 9.3). Improper input validation lets attackers run code if a user opens a malicious file. No patch — open only trusted files. https://radar.offseq.com/threat/cve-2026-48334-improper-input-validation-cwe-20-in-92b003786ac4de7b #OffSeq #Adobe #Vuln #CVE202648334
##updated 2026-07-15T00:31:50
1 posts
CVE-2026-48336 - High severity out-of-bounds write in Illustrator. Could lead to arbitrary code execution. CVSS 7.8. Update immediately. #CVE #Adobe #infosec
##updated 2026-07-15T00:31:43
1 posts
🟠 CVE-2026-48337 - High (7.8)
Illustrator is affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-48337/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-14T23:17:27.010000
2 posts
28 repos
https://github.com/PuddinCat/CVE-2025-3248-POC
https://github.com/ynsmroztas/CVE-2025-3248-Langflow-RCE
https://github.com/min8282/CVE-2025-3248
https://github.com/b0ySie7e/CVE-2025-3248-POC
https://github.com/imbas007/CVE-2025-3248
https://github.com/Vip3rLi0n/CVE-2025-3248
https://github.com/dennisec/CVE-2025-3248
https://github.com/Atomics-hub/exposecheck
https://github.com/vigilante-1337/CVE-2025-3248
https://github.com/ill-deed/Langflow-CVE-2025-3248-Multi-target
https://github.com/zapstiko/CVE-2025-3248
https://github.com/tiemio/RCE-CVE-2025-3248
https://github.com/wand3rlust/CVE-2025-3248
https://github.com/xuemian168/CVE-2025-3248
https://github.com/0xgh057r3c0n/CVE-2025-3248
https://github.com/Praison001/CVE-2025-3248
https://github.com/nebari-playground/langflow-cve-2025-3248
https://github.com/get-xor/coreweave-demo-2026-05
https://github.com/r0otk3r/CVE-2025-3248
https://github.com/bambooqj/cve-2025-3248
https://github.com/0-d3y/langflow-rce-exploit
https://github.com/dennisec/Mass-CVE-2025-3248
https://github.com/Kiraly07/Demo_CVE-2025-3248
https://github.com/drackyjr/cve-2025-3248-exploit
https://github.com/12-test-12/CVE-2025-3248
https://github.com/EQSTLab/CVE-2025-3248
New from RelayShield: four #AIsecurity checks for agents built with smolagents, published as an MCP server on @huggingface.
- MCP server reputation check before your agent connects
- Prompt-injection pattern detection on ingested content
- Tech-stack CVE monitoring (covers agent frameworks themselves — Langflow's CVE-2025-3248 was the initial-access vector in the first documented autonomous-agent ransomware op)
- Bulk identity-risk scoring
Self-serve, pay-per-call, no subscription.
https://huggingface.co/blog/relayshieldadmin/smolagents-agent-security-tools
##New from RelayShield: four #AIsecurity checks for agents built with smolagents, published as an MCP server on @huggingface.
- MCP server reputation check before your agent connects
- Prompt-injection pattern detection on ingested content
- Tech-stack CVE monitoring (covers agent frameworks themselves — Langflow's CVE-2025-3248 was the initial-access vector in the first documented autonomous-agent ransomware op)
- Bulk identity-risk scoring
Self-serve, pay-per-call, no subscription.
https://huggingface.co/blog/relayshieldadmin/smolagents-agent-security-tools
##updated 2026-07-14T21:32:51
7 posts
1 repos
Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company https://www.security.com/threat-intelligence/ransomware-spirals-extortion
Also from yesterday:
Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities https://www.tenable.com/blog/cve-2026-32201-cve-2026-45659-cve-2026-56164-faq-sharepoint-server-exploitation #threatresearch #Microsoft #ransomware #infosec #SharePoint
##These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. https://www.bleepingcomputer.com/news/security/cisa-warns-admins-to-patch-actively-exploited-sharepoint-flaws/
##CISA Issues Urgent Warning on SharePoint Server Exploitation
CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.
**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-urgent-warning-on-sharepoint-server-exploitation-o-9-u-8-x/gD2P6Ple2L
CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.
#CISA #SharePoint #Microsoft #CVE #CyberSecurity
https://securityonline.info/cisa-sharepoint-hardening/?utm_source=mastodon&utm_medium=jetpack_social
##Microsoft's July 2026 Patch Tuesday fixes 570 flaws. Zero-days CVE-2026-56155 and CVE-2026-56164 are exploited in the wild. Patch now.
#PatchTuesday #Microsoft #ZeroDay #CVE #CyberSecurity
https://securityonline.info/july-2026-patch-tuesday/?utm_source=mastodon&utm_medium=jetpack_social
##CVE ID: CVE-2026-56164
Vendor: Microsoft
Product: SharePoint Server
Date Added: 2026-07-14
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-56164
🚨 [CISA-2026:0714] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0714)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2026-56155 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56155)
- Name: Microsoft Active Directory Federation Services Insufficient Granularity of Access Control Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Active Directory Federation Services
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-56155 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56155
⚠️ CVE-2026-56164 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-56164)
- Name: Microsoft SharePoint Server Missing Authentication for Critical Function Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset's internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint Server
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-56164 ; BOD 26-04: https://www.cisa.gov/news-events/directives/bod-26-04-prioritizing-security-updates-based-risk ; Forensics Triage Requirements: https://www.cisa.gov/news-events/directives/bod-26-04-implementation-guidance-prioritizing-security-updates-based-risk ; https://nvd.nist.gov/vuln/detail/CVE-2026-56164
#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260714 #cisa20260714 #cve_2026_56155 #cve_2026_56164 #cve202656155 #cve202656164
##updated 2026-07-14T21:32:33
1 posts
CVE-2026-48324 (CRITICAL, CVSS 9.1): Adobe ColdFusion 2025 suffers from an SQL Injection (CWE-89) allowing arbitrary code execution. No patch confirmed — restrict access & monitor SQL activity. https://radar.offseq.com/threat/cve-2026-48324-improper-neutralization-of-special--e4f7ad5cedb0440f #OffSeq #ColdFusion #SQLInjection #Vuln
##updated 2026-07-14T21:32:31
1 posts
Adobe ColdFusion 2025 hit by CRITICAL CVE-2026-48327: Incorrect Authorization (CVSS 9.0) enables arbitrary code execution — no user interaction needed. Restrict network access & limit privileges until patch released. https://radar.offseq.com/threat/cve-2026-48327-incorrect-authorization-cwe-863-in--27904a5083d83266 #OffSeq #ColdFusion #CVE202648327 #Infosec
##updated 2026-07-14T21:32:28
1 posts
Google's Chrome security update 150.0.7871.124 fixes 15 flaws, including critical use-after-free bugs CVE-2026-15764 and CVE-2026-15765. Update now.
#Chrome #GoogleChrome #CVE #BrowserSecurity #CyberSecurity
http://securityonline.info/chrome-150-security-update/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-14T21:32:21
8 posts
3 repos
https://github.com/MrRawBit/SonicWall-SMA1000-Zero-Day-IoC-Check
⚠️ CRITICAL: Two SonicWall SMA 1000 Zero-Days Exploited, One Could Enable Admin Commands
Two zero-day vulnerabilities in SonicWall SMA 1000 appliances are actively exploited in the wild. CVE-2026-15409 is an SSRF flaw, while CVE-2026-15410 allows unauthenticated attackers to execute arbitrary commands as admin. Organizations using these devices face immediate risk of full appliance com…
##SonicWall has addressed a critical vulnerability. This was posted yesterday:
CVE-2026-15409 and CVE-2026-15410 https://psirt.global.sonicwall.com/vuln-list #infosec #SonicWall #vulnerability
##⚠️Alerte CERT-FR⚠️
Les vulnérabilités CVE-2026-15409 et CVE-2026-15410 affectent les SMA 1000 et permettent une SSRF ainsi que d'exécuter du code arbitraire à distance.
Elles sont activement exploitées.
CISA Adds SonicWall SMA1000 Vulnerabilities to KEV Catalog Following Active Exploitation
Security researchers have identified two critical vulnerabilities, CVE-2026-15409 and CVE-2026-15410, affecting SonicWall SMA1000 Series...
🔗️ [Thecyberexpress] https://link.is.it/dwrlPe
##🚨 Two actively exploited zero-days affecting SonicWall SMA1000 appliances: CVE-2026-15409 (CVSS 10.0) and CVE-2026-15410 (CVSS 7.2)
I’ve created vulnerability detection templates here (with confidence levels):
CVE-2026-15409: https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-15409.yaml
CVE-2026-15410: https://github.com/rxerium/rxerium-templates/blob/main/2026/CVE-2026-15410.yaml
CVE-2026-15409 is remotely exploitable without authentication, while CVE-2026-15410 requires an authenticated administrator.
##🏆 New Achievement! Step Right Up and Get Exploited!
Ladies and gentlemen, gather round and feast your eyes on the most ASTONISHING spectacle of unpatched network appliances this side of the midway! SonicWall — yes, THAT SonicWall — is hollering from the rooftops that threat actors are actively exploiting not one but TWO zero-day vulnerabilities in SMA1000 appliances, CVE-2026-15409 and CVE-2026-15410, in the wild, right now, as you read this! (1/2)
##SonicWall warns of SMA1000 flaws exploited in zero-day attacks, patch now
SonicWall warns that threat actors have been exploiting two SMA1000 vulnerabilities, tracked as CVE-2026-15409 and CVE-2026-15410, in zero-day...
🔗️ [Bleepingcomputer] https://link.is.it/KLZmPI
##CVE ID: CVE-2026-15410
Vendor: SonicWall
Product: SMA1000 Appliances
Date Added: 2026-07-14
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-15410
updated 2026-07-14T21:16:40.860000
2 posts
2 repos
@brettagoge Ich hoffe du hast brav ein Backup.
Hier war ein Stelle von letzter Woche:
##‘Podlove Publisher 4.5.2 fixes CVE-2026-13001, a critical vulnerability in the image cache that could allow unauthenticated remote code execution on affected installations.’
##updated 2026-07-14T20:35:32.720000
1 posts
@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.
updated 2026-07-14T20:35:12.370000
1 posts
@jerry Microsoft may be doing some creative counting on vulnerabilities. To what end, I dunno.
Example: I looked at the 3 "Windows USB Audio Class Driver Information Disclosure" vulnerabilities.
CVE-2026-58528
CVE-2026-50453
CVE-2026-49794
All three are:
Information disclosure only
Max severity = important
Exploitation assessment = exploitation less likely
weakness = CWE-125: Out-of-bounds Read
require physical access
exploit code maturity = unproven
Acknowledgement to Jonghoi Kim at Patchpoint.io
Sure, they could be 3 totally unique ways to exploit USB audio all found by the same researcher in the same month... but that definitely feels like they're all three the same core issue and could have been a single CVE.
updated 2026-07-14T19:07:15
2 posts
CVE-2026-54052: CRITICAL auth bypass in czlonkowski n8n-mcp <2.56.1. Multi-tenant HTTP mode allows tenants to access/delete others’ sensitive workflow backups. Patch to 2.56.1 ASAP. https://radar.offseq.com/threat/cve-2026-54052-cwe-639-authorization-bypass-throug-04ca76ef25ff4df2 #OffSeq #CVE #infosec #vuln
##🔴 CVE-2026-54052 - Critical (9.9)
n8n-MCP is an MCP server that provides AI assistants access to n8n node documentation, properties, and operations. Prior to 2.56.1, in HTTP mode with multi-tenancy enabled through ENABLE_MULTI_TENANT=true, n8n-mcp's local workflow version history ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54052/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-14T18:32:38
1 posts
CISA Issues Urgent Warning on SharePoint Server Exploitation
CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.
**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-urgent-warning-on-sharepoint-server-exploitation-o-9-u-8-x/gD2P6Ple2L
updated 2026-07-14T18:32:32
1 posts
Windows AppResolver LPE: From AppContainer to SYSTEM. PoC linked to CVE-2026-50454 https://davidcarliez.github.io/blog/windows-appresolver-lpe-to-system/
##updated 2026-07-14T18:32:12
1 posts
1 repos
‼️ CVE-2026-58635: Windows Narrator Braille Local Privilege Escalation
##updated 2026-07-14T18:32:06
3 posts
Age of Empires II : une faille permettait de prendre le contrôle d’un PC via une partie multijoueur https://www.it-connect.fr/age-of-empires-ii-faille-rce-cve-2026-50663/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #Microsoft
##Microsoft fixed an Age of Empires RCE from yesterday’s Patch Tuesday (CVE-2026-50663). Here is an example of how it was done.
##I was scanning through the @sans_isc #PatchTuesday post (https://isc.sans.edu/diary/33154?n with another record breaking number of fixes!) and had to double take when I saw "Age of Empires II" ... I was playing that 25 years ago.
Here's the CVE:
https://nvd.nist.gov/vuln/detail/CVE-2026-50663
updated 2026-07-14T16:46:49.030000
1 posts
Rockwell Automation vulnerability CVE-2026-10577 (CVSS 10) exposes an unauthenticated debug port in 1715 Redundant I/O modules. Update to firmware 3.011.
##updated 2026-07-14T15:32:25
1 posts
Citrix patched CVE-2026-53565, a Citrix Secure Access vulnerability letting local users gain SYSTEM, plus the CVE-2026-53566 out-of-bounds read bug.
#Citrix #CVE202653565 #PrivilegeEscalation #Vulnerability #Windows
##updated 2026-07-14T15:32:24
1 posts
Citrix patched CVE-2026-53565, a Citrix Secure Access vulnerability letting local users gain SYSTEM, plus the CVE-2026-53566 out-of-bounds read bug.
#Citrix #CVE202653565 #PrivilegeEscalation #Vulnerability #Windows
##updated 2026-07-14T15:32:24
1 posts
Firefox 152.0.6 and Chrome 150.0.7871.124/.125 resolve CRITICAL flaws. Firefox bugs (CVE-2026-15718, CVE-2026-15719) have public exploits, but no in-the-wild attacks. Patch ASAP. Chrome fixes 15 issues. https://radar.offseq.com/threat/critical-vulnerabilities-patched-with-fresh-chrome-e977806d68193e89 #OffSeq #Vuln #PatchNow #BrowserSecurity
##updated 2026-07-14T15:32:24
1 posts
Firefox 152.0.6 and Chrome 150.0.7871.124/.125 resolve CRITICAL flaws. Firefox bugs (CVE-2026-15718, CVE-2026-15719) have public exploits, but no in-the-wild attacks. Patch ASAP. Chrome fixes 15 issues. https://radar.offseq.com/threat/critical-vulnerabilities-patched-with-fresh-chrome-e977806d68193e89 #OffSeq #Vuln #PatchNow #BrowserSecurity
##updated 2026-07-14T05:16:19.730000
3 posts
Active Exploitation and Public PoC Disclosed for CVE-2026-6875 ServiceNow Sandbox Escape Remote Code Execution
##Active Exploitation and Public PoC Disclosed for CVE-2026-6875 ServiceNow Sandbox Escape Remote Code Execution
##CRITICAL RCE in ServiceNow AI platform (CVE-2026-6875) allows unauthenticated code execution. Patched — no active exploitation. Ivanti & Fortinet also released key updates. Patch all affected systems promptly. https://radar.offseq.com/threat/vulnerabilities-patched-by-fortinet-ivanti-service-e42e461913c3f486 #OffSeq #Vuln #ServiceNow #Ivanti #Fortinet
##updated 2026-07-14T02:16:54.120000
1 posts
CVE-2026-15378 is a blind SSRF in Red Hat OpenShift AI. The guardrails-detectors flaw exposes cloud credentials and Kubernetes secrets.
##updated 2026-07-14T01:16:18.827000
1 posts
CVE-2026-59208: Cross-Issuer Account Takeover in n8n
##updated 2026-07-10T20:36:58
2 posts
🔴 CVE-2026-54159 - Critical (10)
PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the ps_facetedsearch module rebuilds selected search filters from the request URL, and the value of a slider filter, price or weight, is taken fr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54159/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-54159 - Critical (10)
PrestaShop ps_facetedsearch is a module that adds layered navigation filters. From 3.0.0 until 4.0.4, the ps_facetedsearch module rebuilds selected search filters from the request URL, and the value of a slider filter, price or weight, is taken fr...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54159/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-10T15:31:48
1 posts
JetBrains vulnerabilities patched: CVE-2026-62422 (CVSS 10) YouTrack authentication bypass, IntelliJ IDEA RCE CVE-2026-59792, and four TeamCity flaws.
#JetBrains #YouTrack #IntelliJIDEA #TeamCity #CVE
http://securityonline.info/jetbrains-vulnerabilities/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-10T12:31:56
1 posts
Dell patched CVE-2026-56688, a PowerFlex command execution bug. This OS command injection flaw lets a privileged attacker run code as root.
##updated 2026-07-10T05:16:38.427000
1 posts
Metabase patched CVE-2026-59827 (CVSS 9.9) and CVE-2026-59826 (CVSS 9.1). These flaws enable remote code execution via unsafe H2 deserialization.
##updated 2026-07-09T13:43:04
2 posts
🟠 CVE-2026-49485 - High (7.5)
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.9 and 6.9.4.2, all implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input valida...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49485/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-49485 - High (7.5)
HAPI FHIR is a complete implementation of the HL7 FHIR standard for healthcare interoperability in Java. Prior to 6.9.9 and 6.9.4.2, all implementations of FHIRPathEngine accept arbitrary FHIRPath expressions and evaluate them without input valida...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49485/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-08T23:16:54.523000
4 posts
35 repos
https://github.com/0xBlackash/CVE-2026-43499
https://github.com/Linuxoid-cn/CVE-2026-43499-Poc-Analysis
https://github.com/onesmiledx/CVE-2026-43499
https://github.com/BuSung-dev/CVE-2026-43499-S25U
https://github.com/HORKimhab/CVE-2026-43499
https://github.com/ctnBobong32/auto_extract_offsets
https://github.com/tc3650/CVE-2026-43499-armv7
https://github.com/BuSung-dev/Root-My-Galaxy
https://github.com/2932796375github/CVE-2026-43499_OPPO-MT6835
https://github.com/HYCQAQ/Logitech-G-Cloud-GhostLock-CVE-2026-43499
https://github.com/x-spy/CVE-2026-43499-popsicle
https://github.com/PeronGH/ghostlock-selinux-disabler
https://github.com/ctnBobong32/CVE-2026-43499-so-build
https://github.com/Bartixxx32/CVE-2026-43499-OnePlus15
https://github.com/ayyy7128/CVE-2026-43499-jinghu
https://github.com/caspy123/CVE-2026-43499
https://github.com/sorrow404Null/CVE-2026-43499-RMX5200
https://github.com/Linuxoid-cn/Mi8E5-Unlocker-by-CVE-2026-43499
https://github.com/MiaPatsune/cve-2026-43499
https://github.com/joehquak/Mi8E5-Unlocker-by-CVE-2026-43499
https://github.com/Cxyofficial/x200-cve-2026-43499
https://github.com/inforcqb/CVE-2026-43499-pja110
https://github.com/qsvggff-spec/oppo-A5-PRO-5G-CVE-2026-43499
https://github.com/p2p3p/GhostLock-for-OnePlus
https://github.com/Yakayna/SpringPeace
https://github.com/JoinChang/ghostlock-oneplus
https://github.com/MobiusM/CVE-2026-43499
https://github.com/pubglite55/oppo-ghostlock
https://github.com/Thiasap/oppo-pgem10-ghostlock
https://github.com/dmcdtc/openvz-cve-patch-2026
https://github.com/Wtrwx/smt878u-ionstack-poc
https://github.com/CakesTwix/Android-CVE-2026-43499
https://github.com/SlightNeko/ghostlock-rothko
🐧 SIGINT // Ubuntu Watch — 2026-07-18
A 15-year-old futex bug with a 97% reliable public root exploit is exactly the kind of thing that ruins a weekend. Check your kernel version on every box, containers included, and patch before someone else does it for you.
🔗 https://linuxjust4u.com/linux/ghostlock-cve-2026-43499-linux-futex-root-exploit-fix/
##Un bel article qui détaille GhostLock (CVE-2026-43499) : une vulnérabilité du noyau Linux présente depuis 2011 dans quasi toutes les distributions Linux.
###AI Uncovers a 15-Year-Old #LinuxKernel Root #Vulnerability Hidden Since 2011
Security researchers at Nebula Security announced the discovery of #GhostLock (CVE-2026-43499), a critical local privilege escalation vulnerability that remained hidden in the Linux kernel for approximately 15 years before being identified by the company's AI-powered vulnerability research platform, VEGA
The vulnerability affects #Linux kernels dating back to version 2.6.39 (2011).
https://www.linuxjournal.com/content/ai-uncovers-15-year-old-linux-kernel-root-vulnerability-hidden-2011
⚪️ GhostLock vulnerability has existed since 2011 and affects major Linux distributions
🗨️ Researchers at Nebula Security have disclosed a vulnerability in the Linux kernel called GhostLock (CVE-2026-43499). This bug allows an unprivileged local user to escalate privileges to root and escape from a container. The issue has been present in the kernel…
##updated 2026-07-06T17:03:21
1 posts
🔴 CVE-2026-49445 - Critical (9.2)
Cilium is a networking, observability, and security solution. Prior to 1.17.14, 1.18.8, and 1.19.2, when Cilium L7 functionality is enabled, the embedded or standalone Envoy instance creates a world-accessible admin.sock on cluster nodes, allowing...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-49445/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-07-01T21:35:53
4 posts
1 repos
Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company https://www.security.com/threat-intelligence/ransomware-spirals-extortion
Also from yesterday:
Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities https://www.tenable.com/blog/cve-2026-32201-cve-2026-45659-cve-2026-56164-faq-sharepoint-server-exploitation #threatresearch #Microsoft #ransomware #infosec #SharePoint
##These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. https://www.bleepingcomputer.com/news/security/cisa-warns-admins-to-patch-actively-exploited-sharepoint-flaws/
##CISA Issues Urgent Warning on SharePoint Server Exploitation
CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.
**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-urgent-warning-on-sharepoint-server-exploitation-o-9-u-8-x/gD2P6Ple2L
CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.
#CISA #SharePoint #Microsoft #CVE #CyberSecurity
https://securityonline.info/cisa-sharepoint-hardening/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-07-01T21:26:23
1 posts
🚨 EUVD-2026-45225
📊 Score: 4.3/10 (CVSS v3.1)
📅 Updated: 2026-07-17
📝 A flaw was found in the keycloak-services component of Keycloak. This issue is an incomplete fix for CVE-2026-9798, where brute-force protection checks were added to the Client-Initiated Backchannel Authentication (CIBA) initiation handler but were omitted from the token redemption handler. Thi...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-45225
##updated 2026-06-22T14:36:04
2 posts
CVE-2026-54458 (CRITICAL, CVSS 9.6): WWBN AVideo (<29.0) suffers stored DOM XSS in YPTSocket plugin. Unauthenticated attackers can hijack admin sessions. Patch now — upgrade to v29.0. https://radar.offseq.com/threat/cve-2026-54458-cwe-79-improper-neutralization-of-i-57743e6d03256988 #OffSeq #XSS #WWBNA Video #infosec
##🔴 CVE-2026-54458 - Critical (9.6)
WWBN AVideo is an open source video platform. Versions prior to 29.0 contain a stored DOM Cross-Site Scripting vulnerability in the YPTSocket plugin. Any unauthenticated remote attacker can execute arbitrary JavaScript in the authenticated origin ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54458/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-19T13:16:28.160000
2 posts
@kevin L4? Apple would like a word. About secure enclaves. Now, Mr Torvalds, about that PF_KEY CVE... https://dailycve.com/linux-kernel-uninitialized-memory-disclosure-cve-2026-43088-medium/
##@kevin L4? Apple would like a word. About secure enclaves. Now, Mr Torvalds, about that PF_KEY CVE... https://dailycve.com/linux-kernel-uninitialized-memory-disclosure-cve-2026-43088-medium/
##updated 2026-06-17T18:49:13
3 posts
CVE-2026-55518 - Critical privilege escalation in Avo admin panel. Ruby on Rails users: authorization bypass in association attach workflow lets authenticated low-privilege users mutate associations. CVSS 9.6. No patch yet - monitor updates. #CVE #RubyOnRails #infosec
##🔴 CVE-2026-55518 - Critical (9.6)
Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks attach_? in the UI and GET /resources/:resource/:id/:related/new path, but the actual write endpoint, POS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55518/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-55518 - Critical (9.6)
Avo is a framework to create admin panels for Ruby on Rails apps. Prior to 3.32.1 and 4.0.0.beta.51, Avo's association attach workflow checks attach_? in the UI and GET /resources/:resource/:id/:related/new path, but the actual write endpoint, POS...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55518/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-17T10:53:49.683000
1 posts
AI Meets Cryptography 2: What AI Found in OpenVM's ZkVM
OpenVM의 zkVM 게스트 라이브러리 `openvm-pairing`에서 임의의 pairing equality를 위조할 수 있는 치명적 건전성 취약점(CVE-2026-46669)이 발견됐으며, OpenVM 1.6.0에서 수정됐다. 최적화된 pairing 검증이 스케일링 인자 `u`/`s`가 올바른 Fp6 부분체에 속하는지 검사하지 않아, 공격자가 `c=1`, `u=f^-1`를 제공해 거짓 pairing 검증을 통과시킬 수 있었다. 영향 범위는 zkVM 증명 시스템 자체가 아니라 취약한 게스트 라이브러리를 사용하는 코드이지만, BLS12-381 기반 KZG opening proof·PLONK·BL...
##updated 2026-06-17T10:44:23.283000
1 posts
6 repos
https://github.com/joshuavanderpoll/CVE-2026-3891
https://github.com/AnggaTechI/Mass-Scanner-CVE-2026-3891
https://github.com/m4sh-wacker/CVE-2026-3891-Pix-for-WooCommerce-Plugin-Exploit
https://github.com/shinthink/CVE-2026-3891
‼️ CVE-2026-3891: A critical Unauthenticated Arbitrary File Upload vulnerability found in the Pix for WooCommerce WordPress plugin in versions up to and including 1.5.0.
PoC: https://github.com/m4sh-wacker/CVE-2026-3891-Pix-for-WooCommerce-Plugin-Exploit
##updated 2026-06-17T10:43:22.287000
1 posts
2 repos
Krytyczna podatność RCE we wtyczce Everest Forms Pro (WordPress)
Badacze bezpieczeństwa z Wordfence ujawnili krytyczną podatność Remote Code Execution we wtyczce Everest Forms Pro przeznaczonej dla WordPressa. Luka ma być wciąż wykorzystywana do ataków na strony korzystające z tego rozszerzenia. Podatność dotyczy wszystkich wersji przed 1.9.13 i otrzymała ocenę 9.8 (krytyczna) w skali CVSS. TLDR: Podatność (CVE-2026-3300) pozwala nieuwierzytelnionemu...
#WBiegu #Podatność #Rce #Wordpress #Wtyczki
https://sekurak.pl/krytyczna-podatnosc-rce-we-wtyczce-everest-forms-pro-wordpress/
##updated 2026-06-17T10:37:34.483000
1 posts
🟠 CVE-2026-55173 - High (8.1)
WWBN AVideo is an open source video platform. Versions 29.0 and below remain vulnerable to OS command injection because the fix for CVE-2026-33482 was incomplete and still does not neutralize a single & ( the shell background operator). CVE-2026-...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55173/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-17T10:35:20.103000
4 posts
1 repos
Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company https://www.security.com/threat-intelligence/ransomware-spirals-extortion
Also from yesterday:
Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities https://www.tenable.com/blog/cve-2026-32201-cve-2026-45659-cve-2026-56164-faq-sharepoint-server-exploitation #threatresearch #Microsoft #ransomware #infosec #SharePoint
##These security flaws (tracked as CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) affect all supported self-hosted SharePoint Server versions. https://www.bleepingcomputer.com/news/security/cisa-warns-admins-to-patch-actively-exploited-sharepoint-flaws/
##CISA Issues Urgent Warning on SharePoint Server Exploitation
CISA warns of active exploitation of three SharePoint Server vulnerabilities (CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164) used by threat actors to deploy malware and steal IIS machine keys. The agency also reports two additional critical flaws (CVE-2026-55040 and CVE-2026-58644) that pose a high risk for remote code execution and authentication bypass.
**If you run on-premise SharePoint Server (2016, 2019, or Subscription Edition), apply the latest Microsoft security updates immediately. Three of these flaws are being actively exploited to deploy ransomware. Then check your servers for signs of breach before rotating your IIS machine keys, and block direct internet access to SharePoint (especially the Central Administration interface) by placing it behind a reverse proxy.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-issues-urgent-warning-on-sharepoint-server-exploitation-o-9-u-8-x/gD2P6Ple2L
CISA warns SharePoint vulnerabilities CVE-2026-32201, CVE-2026-45659, and CVE-2026-56164 are exploited in the wild. Patch and harden servers now.
#CISA #SharePoint #Microsoft #CVE #CyberSecurity
https://securityonline.info/cisa-sharepoint-hardening/?utm_source=mastodon&utm_medium=jetpack_social
##updated 2026-06-17T10:31:33.987000
1 posts
🏆 New Achievement! Storage Zone, No Ozone!
Tonight's broadcast is brought to you by Deferred Patch Tuesdays — "Why upgrade today when v5.11 is running just fine?" Progress Software discovered two critical zero-days, CVE-2026-2699 and CVE-2026-2701, lurking in ShareFile Storage Zones Controller v5.x. Unauthenticated. Remote. Full system compromise. So catastrophic that customer-managed Storage Zone Controllers had to be emergency-shutdown entirely. (1/2)
##updated 2026-06-17T10:22:02.160000
1 posts
37 repos
https://github.com/avivyap/CVE-2026-23744
https://github.com/InzegoSec/CVE-2026-23744
https://github.com/CyLock11/CVE-2026-23744
https://github.com/sbouabid-sec/CVE-2026-23744-POC
https://github.com/ibreakthingsforaliving/CVE-2026-23744-PoC
https://github.com/alisster00/CVE-2026-23744-RCE
https://github.com/ctzisme/CVE-2026-23744
https://github.com/z4yd3/PoC-CVE-2026-23744
https://github.com/luiskrnr/exploit-CVE-2026-23744
https://github.com/d3vn0mi/CVE-2026-23744-POC
https://github.com/p1ctur3p3rf3ct/CVE-2026-23744
https://github.com/FrenzisRed/CVE-2026-23744
https://github.com/Dahalsamir/CVE-2026-23744-MCPJAM-RCE-exploit
https://github.com/Least-Significant-Bit/CVE-2026-23744
https://github.com/rohit-sundar/cve-2026-23744
https://github.com/MrR0b0t19/CVE-2026-23744-PoC
https://github.com/fckoo/mcpjaminspector-unauth-rce
https://github.com/thisisish/HTB-DevHub
https://github.com/timgad794/DevHub-HTB-Walkthrough
https://github.com/fcjaviergarcia/CVE-2026-23744-POC
https://github.com/rootdirective-sec/CVE-2026-23744-Lab
https://github.com/0x77FSec/CVE-2026-23744
https://github.com/CerberusMrXi/CVE-2026-23744-MCPJam-Exploit
https://github.com/kennedy-aikohi/mcpjam-cve-2026-23744-validator
https://github.com/H1sok444/CVE-2026-23744-PoC
https://github.com/daemoncibsec/mcpExec
https://github.com/jf-gondim/mcp-pwn
https://github.com/SrGinebras/CVE-2026-23744-RCE-for-MCPjam-inspector-v1.4.2
https://github.com/m2sousa/CVE-2026-23744
https://github.com/oryk0/CVE-2026-23744
https://github.com/diamorphine666/CVE-2026-23744-exploit
https://github.com/suljov/CVE-2026-23744-Remote-Code-Execution-POC
https://github.com/keeieb79/CVE-2026-23744-poc
https://github.com/afifudinmtop/MCPJam-Inspector-1.4.2-Remote-Code-Execution-CVE-2026-23744
https://github.com/ozcanpng/CVE-2026-23744
‼️ CVE-2026-23744: MCPJam Inspector RCE Exploit
GitHub: https://github.com/CerberusMrXi/CVE-2026-23744-MCPJam-Exploit
Features:
▪️Multi-payload Support: Includes Bash, Python, Netcat, Perl, PHP, and Base64 payloads.
▪️Command Execution: Execute commands on the target system with output capture.
▪️Target Scanning: Scan multiple targets with configurable rate limiting.
▪️Session Management: Persistent session management for ongoing testing.
▪️Proxy Support: Integrate with proxies for anonymous or routed traffic.
▪️Target Fingerprinting: Identify target system characteristics.
▪️Auto-listener Setup: Automatically configure listeners for reverse shells.
updated 2026-06-17T10:16:02.020000
1 posts
2 repos
⚠️ 📢 Sicherheitshinweis: Am 14. Juli 2026 veröffentlichte das Unternehmen #SonicWall ein Advisory zu seiner SMA1000-Produktserie und führte darin aus, dass die Modelle 6210, 7210 und 8200v durch zwei neu entdeckte Zero-Day #Schwachstellen (CVE-2026-15409, CVE-2026-1541) verwundbar sind.
❗️ Das Unternehmen verweist im Advisory darauf, dass "zahlreiche Fälle" vorliegen, die auf eine Ausnutzung der Schwachstellen schließen lassen.
Mehr dazu hier: ➡️ https://www.bsi.bund.de/dok/1203248
##updated 2026-06-17T00:19:24.390000
1 posts
cross-posted from: https://piefed.world/c/tech/p/1263199/nightmare-eclipse-just-dropped-legacyhive-a-new-windows-privilege-escalation-zero-day-po
##The PoC reportedly uses a carefully timed path-switching trick to make Windows mount another user’s Registry file, potentially an administrator’s, under a standard “helper” account.
Nightmare-Eclipse claims it works across supported Windows desktop and server builds patched through July 2026.
Nightmare-Eclipse says a private version could load arbitrary Registry hives, but that broader version has not been published.
Interestingly, Nightmare-Eclipse previously told us that vulnerability names are inspired by random events in his life. “LegacyHive” appears to break from that convention.
Deja vu: Microsoft patched this broad ProfSvc trust-boundary failure in 2015 as CVE-2015-0004, which also loaded another user’s hive. LegacyHive appears to use a new path-swap to revive that bug class.
As of writing: no CVE, no Microsoft advisory, no comment.
Text source: International Cyber Digest.
updated 2026-06-03T21:37:18
1 posts
CVE-2026-44182: CRITICAL YAML injection in jupyter-server enterprise_gateway <3.3.0 🚨 Untrusted env vars in manifests can let attackers create/modify Kubernetes resources, incl. privileged pods. Upgrade to 3.3.0+ ASAP. https://radar.offseq.com/threat/cve-2026-44182-cwe-74-improper-neutralization-of-s-6b0aef4923a88d9e #OffSeq #CVE202644182 #Kubernetes
##updated 2026-06-03T21:16:26
1 posts
🟠 CVE-2026-44023 - High (8.6)
Docling Core defines core data types and transformations for the document processing application Docling. In versions 1.5.0 and above, prior to 2.74.1, docling-core did not sufficiently restrict remote request destinations and could resolve a serv...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-44023/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-06-02T22:12:51
1 posts
CVE-2026-45363: CRITICAL improper authentication in ruby-jwt (<2.10.3, <3.2.0) lets attackers forge JWTs with empty HMAC keys. Immediate upgrade required to 2.10.3/3.2.0. Impact: auth bypass, high integrity risk. https://radar.offseq.com/threat/cve-2026-45363-cwe-287-improper-authentication-in--588cdab561cd07ab #OffSeq #CVE202645363 #ruby #jwt #infosec
##updated 2026-05-18T15:30:37
1 posts
4 repos
https://github.com/B1tBit/CVE-2026-32201-exploit
https://github.com/virus-or-not/CVE-2026-32202
Symantec, posted yesterday: Spirals: New Stealthy Ransomware Deployed Against Asian IT Company https://www.security.com/threat-intelligence/ransomware-spirals-extortion
Also from yesterday:
Tenable: CVE-2026-32201, CVE-2026-45659, CVE-2026-56164: Frequently Asked Questions About Active Exploitation of Microsoft SharePoint Server Vulnerabilities https://www.tenable.com/blog/cve-2026-32201-cve-2026-45659-cve-2026-56164-faq-sharepoint-server-exploitation #threatresearch #Microsoft #ransomware #infosec #SharePoint
##updated 2026-05-12T12:32:14
2 posts
🏆 New Achievement! Rooted in Operational Technology!
PATCH NOTES v0.0.0 — KNOWN ISSUES: Siemens ROX II OT switches ship with a three-vulnerability zero-day chain, including CVE-2025-40949, that grants attackers persistent root access. This feature was not intentional. Unit 42 and Siemens have jointly confirmed it exists anyway.
ADDED: Full root on your industrial network by people who are not you. FIXED: Nothing, until you manually update to firmware V2.17.1. (1/2)
##🏆 New Achievement! Rooted in Operational Technology!
PATCH NOTES v0.0.0 — KNOWN ISSUES: Siemens ROX II OT switches ship with a three-vulnerability zero-day chain, including CVE-2025-40949, that grants attackers persistent root access. This feature was not intentional. Unit 42 and Siemens have jointly confirmed it exists anyway.
ADDED: Full root on your industrial network by people who are not you. FIXED: Nothing, until you manually update to firmware V2.17.1. (1/2)
##updated 2026-04-14T18:30:41
1 posts
8 repos
https://github.com/pawpic/CVE-2026-38526-POC
https://github.com/Qurclinc/CVE-2026-38526
https://github.com/Resolvdd/CVE-2026-38526-PoC-htb-nexus
https://github.com/diamorphine666/CVE-2026-38526-Exploit
https://github.com/mmoobbeeiidat-design/Hack-The-Box-Nexus-Findings-Report
https://github.com/b0nyo/CVE-2026-38526
https://github.com/CerberusMrXi/KrayinCRM-RCE-Exploit-CVE-2026-38526
‼️Krayin CRM v2.2.x Authenticated Remote Code Execution Exploit (CVE-2026-38526)
PoC: https://github.com/CerberusMrXi/KrayinCRM-RCE-Exploit-CVE-2026-38526
##updated 2026-04-02T15:31:40
1 posts
2 repos
https://github.com/0xBlackash/CVE-2026-2699
https://github.com/watchtowrlabs/watchTowr-vs-Progress-ShareFile-CVE-2026-2699
🏆 New Achievement! Storage Zone, No Ozone!
Tonight's broadcast is brought to you by Deferred Patch Tuesdays — "Why upgrade today when v5.11 is running just fine?" Progress Software discovered two critical zero-days, CVE-2026-2699 and CVE-2026-2701, lurking in ShareFile Storage Zones Controller v5.x. Unauthenticated. Remote. Full system compromise. So catastrophic that customer-managed Storage Zone Controllers had to be emergency-shutdown entirely. (1/2)
##updated 2025-02-24T22:02:54
1 posts
2 repos
‼️ CVE-2025-26529: Moodle XSS to RCE Exploit
##updated 2025-02-05T18:34:46
1 posts
Broadcom has new advisories addressing two high-severity vulnerabilities that were fist published on the 15th https://support.broadcom.com/web/ecx/security-advisory
Cisco:
Medium Severity: CVE-2025-20204and CVE-2025-20205 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-xss-42tgsdMG @TalosSecurity
And if you missed this yesterday, CISA added two Fortinet vulnerabilities to the catalogue:
CISA:
CVE-2026-39808: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-39808
CVE-2026-25089: Fortinet FortiSandbox OS Command Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-25089
And a Microsoft vulnerability:
CISA: CVE-2026-58644: Microsoft SharePoint Deserialization of Untrusted Data Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-58644 #Microsoft #CISA #Fortinet #infosec #vulnerability #Cisco #Broadcom
##🟠 CVE-2026-56741 - High (7.5)
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAW...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-56741/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-56741 - High (7.5)
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAW...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-56741/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##‼️ New Dark Web Informer Blog Post!
Title: One Namespace String to kube-system: Cross-Namespace Privilege Escalation in Kyverno (CVE-2026-54523)
💥 Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: https://darkwebinformer.com/pricing
##‼️ New Dark Web Informer Blog Post!
Title: One Namespace String to kube-system: Cross-Namespace Privilege Escalation in Kyverno (CVE-2026-54523)
💥 Get early visibility into underground claims, including unblurred screenshots, before they turn into headlines: https://darkwebinformer.com/pricing
##Kyverno vulnerability CVE-2026-54523 (CVSS 9.6) is public with PoC exploit code. It lets a tenant gain admin in any namespace. Update to v1.18.2.
#Kyverno #CVE202654523 #PrivilegeEscalation #Kubernetes #CyberSecurity
https://securityonline.info/kyverno-cve-2026-54523/?utm_source=mastodon&utm_medium=jetpack_social
##Wake up, babe, new ../ in Wazuh just dropped ... https://db.gcve.eu/vuln/cve-2026-39359
##Chrome security update 150.0.7871.128 patches 7 flaws, including three critical use-after-free bugs in CameraCapture, GPU, and Network. Update now.
#Chrome #GoogleChrome #CVE202615899 #UseAfterFree #BrowserSecurity #Chromium #CyberSecurity
##7-Zip vulnerability CVE-2026-14266 (CVSS 7.0) allows remote code execution via crafted XZ data. Update to 7-Zip 26.02. No exploitation confirmed.
#7Zip #CVE202614266 #RCE #BufferOverflow #ZDI #CyberSecurity
##Anubis is busted (CVE-2026-62314) and FWIW it rly doesn't stop the AI bots even when not busted — https://vulnerability.circl.lu/vuln/CVE-2026-62314
##Metabase patched CVE-2026-59827 (CVSS 9.9) and CVE-2026-59826 (CVSS 9.1). These flaws enable remote code execution via unsafe H2 deserialization.
##🟠 CVE-2026-55234 - High (8.5)
Wekan is open source kanban built with Meteor. Prior to 9.37, Wekan DDP update allow rules in server/permissions/cards.js, server/permissions/lists.js, and server/permissions/swimlanes.js authorize against the stored source boardId and do not vali...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55234/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-55652 - Critical (9.8)
Wekan is open source kanban built with Meteor. Prior to 9.46, header-login with HEADER_LOGIN_TRUSTED_IPS uses getRequestIp() in server/lib/headerLoginAuth.js to trust the client-supplied X-Forwarded-For header before the real socket address, allow...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55652/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-62349 - High (8.3)
TDengine is an open source, time-series database optimized for Internet of Things devices. In 3.4.1.6 and earlier, source/libs/parser/src/parUtil.c trimString() checks space for only one byte before processing SQL string escape sequences \%, \_, o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62349/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-62948 - Critical (9.6)
OpenWrt is a Linux operating system targeting embedded devices. Prior to 25.12.5, odhcpd writes a DHCPv6 client FQDN option 39 hostname into /tmp/odhcpd.leases through src/statefiles.c statefiles_write_state6() and statefiles_write_state4() withou...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-62948/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-50147 - High (7.6)
Metabase is an open-source business intelligence and embedded analytics tool. From 1.57.0 until 1.57.19.1, 1.58.14.1, 1.59.10, and 1.60.4, an attacker who can configure a Metabase database connection can read arbitrary files from the Metabase serv...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-50147/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-55242 - High (8.8)
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.111.0 and 16.22.0, an authenticated user with a standard operational role can trigger server-side template injection through a configuration field, resulting in unaut...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-55242/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-61836 - High (8.6)
Directus is a real-time API and App dashboard for managing SQL database content. Prior to 12.0.0, when response caching is enabled, the cache-key derivation in api/src/utils/get-cache-key.ts includes version, path, query, and accountability.user b...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-61836/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-61736 - Critical (9.3)
LightRAG provides simple and fast retrieval-augmented generation. Prior to 1.5.4, the server defaults to CORS_ORIGINS=* combined with allow_credentials=True in lightrag/api/lightrag_server.py, causing Starlette CORSMiddleware to effectively whitel...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-61736/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.
##Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.
##Notepad++ vulnerabilities now have public PoC exploit code. CVE-2026-52886, CVE-2026-54758, and CVE-2026-57233 are fixed in v8.9.7. Update now.
##🟠 CVE-2026-54572 - High (7.5)
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, with -l/--links, rclone serializes symlinks as .rclonelink text objects and recreates them on a local destination withou...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-54572/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-59733 - High (8.8)
Rclone is a command-line program to sync files and directories to and from different cloud storage providers. Prior to 1.74.4, rclone serve restic --private-repos enforces authorization using the routed user path segment while building the backend...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-59733/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Microsoft July 2026 Patch Tuesday fixes massive 570 flaws, 3 zero-days
Tag
CVE ID
CVE Title
Severity
.NET
CVE-2026-50649
.NET Remote Code Execution Vulnerability
Important
.NET
CVE-2026-50525
.NET Denial…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
https://www.newsbeep.com/us/763025/
1 posts
4 repos
https://github.com/rz1027/CVE-2026-20896
https://github.com/szybnev/cve-2026-20896-gitea-poc
Ein gefälschter HTTP-Header genügte monatelang, um sich in Gitea und Forgejo zum Admin zu machen, ganz ohne Passwort. CVE-2026-20896 hat einen CVSS-Wert von 9.8. Gitea ist seit dem 21. Juni gepatcht, Forgejo hängt weiter in der Luft. Was du an deiner Konfiguration sofort prüfen musst.
#chrislo #ITSicherheit #ServerInfrastruktur #Gitea #Forgejo #Docker #SelfHosting #CVE #ReverseProxy #OpenSource #Codeberg
##