FediSecfeeds

CVE	CVSS	EPSS	Posts	Repos	Nuclei	Updated	Description
CVE-2026-6597	2.7	0.00%	2	0		2026-04-20T03:16:17.153000	A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is
CVE-2026-4424	7.5	0.20%	1	0		2026-04-20T03:16:16.163000	A flaw was found in libarchive. This heap out-of-bounds read vulnerability exist
CVE-2026-6591	4.3	0.00%	2	0		2026-04-20T01:16:31.870000	A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_p
CVE-2026-6581	8.8	0.00%	2	0		2026-04-19T23:16:33.893000	A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vul
CVE-2026-6572	5.6	0.00%	2	0		2026-04-19T15:30:24	A security vulnerability has been detected in Collabora KodExplorer up to 4.52.
CVE-2026-6574	7.3	0.00%	2	0		2026-04-19T14:16:11.593000	A vulnerability has been found in osuuu LightPicture up to 1.2.2. This issue aff
CVE-2026-6573	6.3	0.00%	2	0		2026-04-19T13:16:46.187000	A vulnerability was detected in PHPEMS 11.0. This affects the function temppage
CVE-2026-6570	2.7	0.02%	2	0		2026-04-19T12:16:32.763000	A security flaw has been discovered in kodcloud KodExplorer up to 4.52. Affected
CVE-2026-6568	7.3	0.09%	2	0		2026-04-19T10:16:09.203000	A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects
CVE-2026-6560	8.8	0.04%	4	0		2026-04-19T09:30:21	A security vulnerability has been detected in H3C Magic B0 up to 100R002. This v
CVE-2026-6563	8.8	0.04%	4	0		2026-04-19T09:16:11	A vulnerability has been found in H3C Magic B1 up to 100R004. The affected eleme
CVE-2026-0868	6.4	0.01%	2	0		2026-04-19T06:31:30	The EMC – Easily Embed Calendly Scheduling Features plugin for WordPress is vuln
CVE-2026-41113	8.1	0.10%	1	0		2026-04-18T21:16:09.427000	sagredo qmail before 2026.04.07 allows tls_quit remote code execution because of
CVE-2026-41242	0	0.05%	4	0		2026-04-18T17:16:13.983000	protobufjs compiles protobuf definitions into JavaScript (JS) functions. In vers
CVE-2026-2505	5.4	0.03%	2	2		2026-04-18T12:30:17	The Categories Images plugin for WordPress is vulnerable to Stored Cross-Site Sc
CVE-2026-2986	6.4	0.01%	2	1		2026-04-18T12:30:17	The Contextual Related Posts plugin for WordPress is vulnerable to Stored Cross-
CVE-2026-5426	7.5	0.05%	2	0		2026-04-18T06:31:20	Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver de
CVE-2026-6518	8.8	0.07%	3	0		2026-04-18T05:16:24.377000	The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress i
CVE-2026-40494	9.8	0.04%	2	0		2026-04-18T03:16:13.590000	SAIL is a cross-platform library for loading and saving images with support for
CVE-2026-40492	9.8	0.04%	2	0		2026-04-18T03:16:13.300000	SAIL is a cross-platform library for loading and saving images with support for
CVE-2026-40487	8.9	0.02%	2	1		2026-04-18T02:16:11.670000	Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file up
CVE-2026-35582	8.8	0.05%	1	0		2026-04-18T02:16:11.510000	Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and belo
CVE-2026-40572	9.0	0.01%	2	0		2026-04-18T01:16:19.663000	NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In
CVE-2026-40350	8.8	0.04%	1	0		2026-04-18T01:16:19.527000	Movary is a self hosted web app to track and rate a user's watched movies. Prior
CVE-2026-40317	9.3	0.02%	2	0		2026-04-18T01:16:19.380000	NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In
CVE-2026-35465	7.5	0.05%	1	0		2026-04-18T01:16:18.440000	SecureDrop Client is a desktop app for journalists to securely communicate with
CVE-2026-5807	7.5	0.01%	2	0		2026-04-18T00:53:52	Vault is vulnerable to a denial-of-service condition where an unauthenticated at
CVE-2026-4525	7.5	0.01%	1	0		2026-04-18T00:53:02	If a Vault auth mount is configured to pass through the "Authorization" header,
CVE-2026-3605	8.1	0.01%	1	0		2026-04-18T00:51:52	An authenticated user with access to a kvv2 path through a policy containing a g
CVE-2026-40582	0	0.11%	1	0		2026-04-18T00:16:39.827000	ChurchCRM is an open-source church management system. In versions prior to 7.2.0
CVE-2026-40581	8.1	0.01%	1	0		2026-04-18T00:16:39.683000	ChurchCRM is an open-source church management system. In versions prior to 7.2.0
CVE-2026-40484	9.1	0.05%	2	0		2026-04-18T00:16:39.387000	ChurchCRM is an open-source church management system. In versions prior to 7.2.0
CVE-2026-40349	8.8	0.01%	1	0		2026-04-18T00:16:38.817000	Movary is a self hosted web app to track and rate a user's watched movies. Prior
CVE-2026-40348	7.7	0.01%	1	0		2026-04-18T00:16:38.663000	Movary is a self hosted web app to track and rate a user's watched movies. Prior
CVE-2026-40324	9.1	0.09%	2	0		2026-04-18T00:16:36.920000	Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.
CVE-2026-2262	7.5	0.04%	1	0		2026-04-18T00:16:36.620000	The Easy Appointments plugin for WordPress is vulnerable to Sensitive Informatio
CVE-2026-40478	9.0	0.13%	1	0		2026-04-17T22:16:33.650000	Thymeleaf is a server-side Java template engine for web and standalone environme
CVE-2026-40477	9.0	0.13%	2	0		2026-04-17T22:16:33.500000	Thymeleaf is a server-side Java template engine for web and standalone environme
CVE-2026-40474	7.6	0.03%	1	0		2026-04-17T22:16:33.213000	wger is a free, open-source workout and fitness manager. In versions 2.5 and bel
CVE-2026-40352	8.8	0.03%	2	0		2026-04-17T22:16:32.940000	FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the pas
CVE-2026-40351	9.8	0.05%	1	0		2026-04-17T22:16:32.793000	FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the pas
CVE-2026-40321	8.0	0.04%	1	0		2026-04-17T22:16:32.653000	DNN (formerly DotNetNuke) is an open-source web content management platform (CMS
CVE-2026-40258	9.1	0.05%	2	0		2026-04-17T22:16:32.067000	The Gramps Web API is a Python REST API for the genealogical research software G
CVE-2026-35546	9.8	0.06%	2	0		2026-04-17T21:31:53	Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This
CVE-2026-40461	7.5	0.03%	1	0		2026-04-17T21:31:53	Anviz CX2 Lite and CX7 are vulnerable to unauthenticated POST requests that modi
CVE-2026-40525	9.1	0.11%	1	0		2026-04-17T21:31:53	OpenViking prior to commit c7bb167 contains an authentication bypass vulnerabili
CVE-2026-40527	7.8	0.03%	1	0		2026-04-17T21:16:35.373000	radare2 prior to commit bc5a890 contains a command injection vulnerability in th
CVE-2026-40303	7.5	0.06%	1	0		2026-04-17T21:16:35.140000	zrok is software for sharing web services, files, and network resources. Prior t
CVE-2026-40434	8.1	0.02%	1	0		2026-04-17T20:16:36.083000	Anviz CrossChex Standard lacks source verification in the client/server channel,
CVE-2026-40342	9.9	0.08%	2	0		2026-04-17T20:16:35.930000	Firebird is an open-source relational database management system. In versions pr
CVE-2026-40066	8.8	0.03%	1	0		2026-04-17T20:16:35.637000	Anviz CX2 Lite and CX7 are vulnerable to unverified update packages that can be
CVE-2026-35682	8.8	0.26%	1	0		2026-04-17T20:16:35.510000	Anviz CX2 Lite is vulnerable to an authenticated command injection via a filena
CVE-2026-34232	7.5	0.04%	1	0		2026-04-17T20:16:34.977000	Firebird is an open-source relational database management system. In versions pr
CVE-2026-32650	7.5	0.02%	1	0		2026-04-17T20:16:34.360000	Anviz CrossChex Standard is vulnerable when an attacker manipulates the TDS7 Pre
CVE-2026-32324	7.7	0.01%	1	0		2026-04-17T20:16:33.817000	Anviz CX7 Firmware is vulnerable because the application embeds reusable certif
CVE-2026-32107	8.8	0.01%	1	0		2026-04-17T20:16:33.677000	xrdp is an open source RDP server. In versions through 0.10.5, the session execu
CVE-2026-40170	7.5	0.04%	1	0		2026-04-17T19:16:37.763000	ngtcp2 is a C implementation of the IETF QUIC protocol. In versions prior to 1.2
CVE-2026-33337	7.5	0.04%	1	0		2026-04-17T19:16:36.223000	Firebird is an open-source relational database management system. In versions pr
CVE-2026-6284	9.1	0.03%	3	0		2026-04-17T19:01:56.030000	An attacker with network access to the PLC is able to brute force discover passw
CVE-2025-65104	7.9	0.01%	1	0		2026-04-17T19:01:56.030000	Firebird is an open-source relational database management system. In versions FB
CVE-2026-40516	8.3	0.04%	1	0		2026-04-17T19:01:56.030000	OpenHarness before commit bd4df81 contains a server-side request forgery vulnera
CVE-2026-40515	7.5	0.03%	1	0		2026-04-17T19:01:56.030000	OpenHarness before commit bd4df81 contains a permission bypass vulnerability tha
CVE-2026-37749	9.8	0.11%	2	1		2026-04-17T18:32:56	A SQL injection vulnerability in CodeAstro Simple Attendance Management System v
CVE-2026-5718	8.1	0.12%	1	0		2026-04-17T18:32:05	The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress i
CVE-2026-5710	7.5	0.11%	1	0		2026-04-17T18:31:54	The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress i
CVE-2026-33829	4.3	0.07%	3	0		2026-04-17T18:15:00.417000	Exposure of sensitive information to an unauthorized actor in Windows Snipping T
CVE-2026-6307	8.8	0.03%	1	0		2026-04-17T17:27:07.873000	Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a re
CVE-2026-3464	8.8	0.34%	1	0		2026-04-17T17:17:07.217000	The WP Customer Area plugin for WordPress is vulnerable to arbitrary file read a
CVE-2026-6296	9.6	0.03%	1	0		2026-04-17T15:42:44.730000	Heap buffer overflow in ANGLE in Google Chrome prior to 147.0.7727.101 allowed a
CVE-2026-6297	8.3	0.01%	1	0		2026-04-17T15:42:11.360000	Use after free in Proxy in Google Chrome prior to 147.0.7727.101 allowed an atta
CVE-2026-30996	7.5	0.29%	1	0		2026-04-17T15:38:09.243000	An issue in the file handling logic of the component download.php of SAC-NFe v2.
CVE-2026-6290	8.0	0.03%	1	0		2026-04-17T15:38:09.243000	Velociraptor versions prior to 0.76.3 contain a vulnerability in the query() plu
CVE-2026-34242	7.7	0.01%	1	0		2026-04-17T15:38:09.243000	Weblate is a web based localization tool. In versions prior to 5.17, the ZIP dow
CVE-2026-33435	8.0	0.33%	1	0		2026-04-17T15:38:09.243000	Weblate is a web based localization tool. In versions prior to 5.17, the project
CVE-2026-40322	9.0	0.05%	1	0		2026-04-17T15:38:09.243000	SiYuan is an open-source personal knowledge management system. In versions 3.6.3
CVE-2026-40318	8.5	0.06%	1	0		2026-04-17T15:38:09.243000	SiYuan is an open-source personal knowledge management system. In versions 3.6.3
CVE-2026-40259	8.1	0.08%	1	0		2026-04-17T15:38:09.243000	SiYuan is an open-source personal knowledge management system. In versions 3.6.3
CVE-2026-22734	8.6	0.01%	1	0		2026-04-17T15:38:09.243000	Cloud Foundry UUA is vulnerable to a bypass that allows an attacker to obtain a
CVE-2026-30995	8.6	0.03%	1	0		2026-04-17T15:37:20.857000	Slah CMS v1.5.0 and below was discovered to contain a SQL injection vulnerabilit
CVE-2026-30994	7.5	0.04%	1	0		2026-04-17T15:37:20.857000	Incorrect access control in the config.php component of Slah v1.5.0 and below al
CVE-2026-30993	9.8	0.29%	1	0		2026-04-17T15:37:20.857000	Slah CMS v1.5.0 and below was discovered to contain a remote code execution (RCE
CVE-2026-6507	7.5	0.11%	1	0		2026-04-17T15:31:27	A flaw was found in dnsmasq. A remote attacker could exploit an out-of-bounds wr
CVE-2026-23853	8.4	0.01%	1	0		2026-04-17T15:13:15.930000	Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Featu
CVE-2026-30778	7.5	0.03%	2	0		2026-04-17T15:09:46.880000	The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configurat
CVE-2026-4145	7.8	0.01%	2	0		2026-04-17T15:09:46.880000	During an internal security assessment, a potential vulnerability was discovered
CVE-2026-30364	7.5	0.04%	1	0		2026-04-17T15:09:46.880000	CentSDR commit e40795 was discovered to contain a stack overflow in the "Thread1
CVE-2025-67841	7.5	0.04%	1	0		2026-04-17T15:09:46.880000	Nordic Semiconductor IronSide SE for nRF54H20 before 23.0.2+17 has an Algorithmi
CVE-2026-30625	9.8	0.24%	1	0		2026-04-17T15:09:46.880000	Upsonic 0.71.6 contains a remote code execution vulnerability in its MCP server/
CVE-2026-30624	8.6	0.22%	1	0		2026-04-17T15:09:46.880000	Agent Zero 0.9.8 contains a remote code execution vulnerability in its External
CVE-2026-30617	8.6	0.14%	1	0		2026-04-17T15:09:46.880000	LangChain-ChatChat 0.3.1 contains a remote code execution vulnerability in its M
CVE-2026-30615	8.0	0.04%	1	0		2026-04-17T15:09:46.880000	A prompt injection vulnerability in Windsurf 1.9544.26 allows remote attackers t
CVE-2026-30461	8.3	0.23%	1	0		2026-04-17T15:09:46.880000	Daylight Studio FuelCMS v1.5.2 was discovered to contain an authenticated remote
CVE-2026-20147	9.9	0.23%	1	0		2026-04-17T15:09:46.880000	A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, rem
CVE-2026-20184	9.8	0.05%	1	0		2026-04-17T15:09:46.880000	A vulnerability in the integration of single sign-on (SSO) with Control Hub in C
CVE-2026-34632	8.2	0.01%	1	0		2026-04-17T15:08:54.530000	Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vu
CVE-2026-21719	7.2	0.18%	1	0		2026-04-17T15:08:25.183000	An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which m
CVE-2026-33825	7.8	0.04%	1	1		2026-04-17T14:19:21.290000	Insufficient granularity of access control in Microsoft Defender allows an autho
CVE-2026-23775	7.6	0.01%	1	0		2026-04-17T09:31:25	Dell PowerProtect Data Domain appliances with Data Domain Operating System (DD O
CVE-2025-36568	7.9	0.01%	1	0		2026-04-17T09:31:25	Dell PowerProtect Data Domain BoostFS for client of Feature Release versions 7.7
CVE-2026-33392	7.2	0.00%	1	0		2026-04-17T09:31:19	In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE
CVE-2026-6443	9.8	0.04%	3	0		2026-04-17T07:16:03.160000	The Accordion and Accordion Slider plugin for WordPress is vulnerable to an inje
CVE-2026-4659	7.5	0.03%	1	0		2026-04-17T07:16:01.967000	The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbit
CVE-2026-31843	9.8	0.89%	1	0		2026-04-16T22:58:59	The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerabili
CVE-2026-31987	None	0.03%	1	0		2026-04-16T22:57:43	JWT Tokens used by tasks were exposed in logs. This could allow UI users to act
CVE-2025-41118	9.1	0.03%	1	0		2026-04-16T21:41:16	Pyroscope is an open-source continuous profiling database. The database supports
CVE-2026-35569	8.7	0.03%	1	0		2026-04-16T20:44:20	## Summary A stored cross-site scripting (XSS) vulnerability exists in SEO-rela
CVE-2026-34393	8.8	0.04%	1	0		2026-04-16T20:43:50	### Impact The user patching API endpoint didn't properly limit the scope of ed
CVE-2026-34197	8.8	46.64%	9	9	template	2026-04-16T19:59:38.107000	Improper Input Validation, Improper Control of Generation of Code ('Code Injecti
CVE-2026-40744	8.5	0.03%	2	0		2026-04-16T15:31:44	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-6306	8.8	0.08%	1	0		2026-04-16T12:31:40	Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed
CVE-2026-6349	None	0.95%	2	0		2026-04-16T03:31:13	The iSherlock developed by HGiga has an OS Command Injection vulnerability, al
CVE-2026-33807	9.1	0.05%	2	0		2026-04-16T01:03:26	### Summary `@fastify/express` v4.0.4 contains a path handling bug in the `onRe
CVE-2026-4857	8.5	0.03%	1	0		2026-04-15T21:30:26	IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4,
CVE-2026-6300	8.8	0.04%	1	0		2026-04-15T21:30:25	Use after free in CSS in Google Chrome prior to 147.0.7727.101 allowed a remote
CVE-2026-6299	8.8	0.04%	1	0		2026-04-15T21:30:25	Use after free in Prerender in Google Chrome prior to 147.0.7727.101 allowed a r
CVE-2026-20186	10.0	0.23%	1	0		2026-04-15T18:32:04	A vulnerability in Cisco Identity Services Engine (ISE) could allow an authentic
CVE-2026-20180	10.0	0.21%	1	0		2026-04-15T18:32:04	A vulnerability in Cisco Identity Services Engine (ISE) could allow an authentic
CVE-2026-40784	8.1	0.04%	2	0		2026-04-15T18:31:56	Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan
CVE-2026-40764	8.1	0.02%	2	0		2026-04-15T18:31:55	Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by W
CVE-2026-40745	7.6	0.03%	2	0		2026-04-15T18:31:55	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-6372	7.5	0.03%	1	0		2026-04-15T17:17:06.547000	Missing Authorization vulnerability in Plisio Accept Cryptocurrencies with Plisi
CVE-2025-63029	7.6	0.03%	1	0		2026-04-15T17:17:00.613000	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-34615	9.3	1.44%	2	0		2026-04-15T16:14:07.857000	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserializati
CVE-2026-5617	8.8	0.04%	2	0		2026-04-15T09:16:33.210000	The Login as User plugin for WordPress is vulnerable to Privilege Escalation in
CVE-2025-0520	0	2.03%	2	0		2026-04-15T00:35:42.020000	An unrestricted file upload vulnerability in ShowDoc caused by improper validati
CVE-2026-33155	None	0.05%	1	0		2026-04-14T21:59:48	### Summary The pickle unpickler `_RestrictedUnpickler` validates which classes
CVE-2026-27303	9.7	1.50%	2	0		2026-04-14T18:30:50	Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserializati
CVE-2026-6203	6.1	1.29%	2	0	template	2026-04-13T23:16:28.110000	The User Registration & Membership plugin for WordPress is vulnerable to Open Re
CVE-2026-34621	8.6	4.56%	1	5		2026-04-13T21:23:27	Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by a
CVE-2026-40262	8.7	0.03%	2	0		2026-04-13T19:23:09	### Summary A stored same-origin XSS vulnerability allows any authenticated user
CVE-2026-33555	4.0	0.01%	1	1		2026-04-13T18:30:42	An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not chec
CVE-2026-39987	0	3.20%	3	5	template	2026-04-13T15:02:27.760000	marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE
CVE-2026-40200	8.1	0.02%	1	0		2026-04-13T15:02:06.187000	An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory co
CVE-2026-6042	3.3	0.01%	1	1		2026-04-13T15:02:06.187000	A security flaw has been discovered in musl libc up to 1.2.6. Affected is the fu
CVE-2026-6158	7.3	4.86%	2	0		2026-04-13T15:01:43.663000	A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the fu
CVE-2026-6141	6.3	1.23%	2	0		2026-04-13T15:01:43.663000	A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up t
CVE-2026-6138	9.8	1.25%	2	0		2026-04-13T15:01:43.663000	A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted ele
CVE-2026-6154	9.8	1.25%	2	0		2026-04-13T15:01:43.663000	A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. Th
CVE-2026-6139	9.8	1.25%	2	0		2026-04-13T15:01:43.663000	A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This af
CVE-2026-6140	9.8	1.25%	2	0		2026-04-13T03:30:29	A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts
CVE-2026-3055	9.8	55.71%	2	5	template	2026-03-31T13:18:14.213000	Insufficient input validation in NetScaler ADC and NetScaler Gateway when config
CVE-2026-33032	9.8	4.97%	3	3	template	2026-03-30T21:26:24	### Summary The nginx-ui MCP (Model Context Protocol) integration exposes two HT
CVE-2026-4368	0	0.02%	2	0		2026-03-24T15:54:09.400000	Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configur
CVE-2026-32746	9.8	0.03%	2	5		2026-03-23T14:16:33.017000	telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMO
CVE-2026-4440	8.8	0.07%	2	0		2026-03-20T19:27:12.970000	Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 a
CVE-2026-22730	8.8	0.02%	1	1		2026-03-18T20:20:40	A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionCon
CVE-2026-22729	8.6	0.08%	1	0		2026-03-18T20:20:27	A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConver
CVE-2026-33058	6.5	0.03%	1	0		2026-03-18T17:52:14.303000	Kanboard is project management software focused on Kanban methodology. Versions
CVE-2026-3888	7.9	0.01%	1	6		2026-03-18T06:31:20	Local privilege escalation in snapd on Linux allows local attackers to get root
CVE-2026-25554	6.5	0.09%	1	0		2026-02-27T21:31:20	OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt module (prior to comm
CVE-2026-1731	9.8	80.06%	1	4	template	2026-02-17T15:31:33	BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote
CVE-2026-24061	9.8	88.02%	1	69	template	2026-02-10T18:30:34	telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "
CVE-2019-1367	7.5	89.25%	2	1		2025-10-29T14:34:22.990000	A remote code execution vulnerability exists in the way that the scripting engin
CVE-2025-59284	3.3	0.03%	1	1		2025-10-27T19:39:57.120000	Exposure of sensitive information to an unauthorized actor in Windows NTLM allow
CVE-2023-33538	8.8	91.13%	1	2		2025-10-27T14:32:16.313000	TP-Link TL-WR940N V2/V4, TL-WR841N V8/V10, and TL-WR740N V1/V2 was discovered to
CVE-2024-32114	8.8	2.02%	1	1		2025-02-11T19:03:09	In Apache ActiveMQ 6.x, the default configuration doesn't secure the API web con
CVE-2024-3721	6.3	83.86%	3	1		2024-04-13T12:30:30	A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classi
CVE-2026-39973	0	0.00%	2	0			N/A
CVE-2026-35215	0	0.04%	1	0			N/A
CVE-2026-40196	0	0.03%	1	0			N/A
CVE-2026-40286	0	0.03%	1	0			N/A
CVE-2026-40285	0	0.03%	1	0			N/A
CVE-2026-40493	0	0.04%	2	0			N/A
CVE-2026-32105	0	0.04%	1	0			N/A
CVE-2026-27890	0	0.09%	1	0			N/A
CVE-2026-28224	0	0.09%	1	0			N/A
CVE-2026-28212	0	0.04%	1	0			N/A

CVE-2026-6597
(2.7 LOW)

EPSS: 0.00%

updated 2026-04-20T03:16:17.153000

2 posts

A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flow Using API. This manipulation causes unprotected storage of credentials. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vend

offseq at 2026-04-20T03:00:28.936Z ##

🛡️ CVE-2026-6597 (CVSS 5.1, MEDIUM): langflow-ai langflow v1.8.0 – 1.8.3 stores credentials without protection in Flow Using API. Public exploit available. Restrict access & rotate credentials until patched. https://radar.offseq.com/threat/cve-2026-6597-unprotected-storage-of-credentials-i-fc1cbce7 #OffSeq #Vulnerability #Langflow

##

offseq@infosec.exchange at 2026-04-20T03:00:28.000Z ##

🛡️ CVE-2026-6597 (CVSS 5.1, MEDIUM): langflow-ai langflow v1.8.0 – 1.8.3 stores credentials without protection in Flow Using API. Public exploit available. Restrict access & rotate credentials until patched. https://radar.offseq.com/threat/cve-2026-6597-unprotected-storage-of-credentials-i-fc1cbce7 #OffSeq #Vulnerability #Langflow

##

CVE-2026-4424
(7.5 HIGH)

EPSS: 0.20%

updated 2026-04-20T03:16:16.163000

1 posts

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR archive, leading to the disclosure of sensitive heap memory information without requiring authentication

linux@activitypub.awakari.com at 2026-04-16T20:01:01.000Z ## Oracle Linux 10 libarchive Important Fix ELSA-2026-8492 CVE-2026-4424 The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network:

#Oracle #Linux #Distribution #- #Security #Advisories

Origin | Interest | Match ##

CVE-2026-6591
(4.3 MEDIUM)

EPSS: 0.00%

updated 2026-04-20T01:16:31.870000

updated 2026-04-19T09:30:21

4 posts

A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any wa

thehackerwire@mastodon.social at 2026-04-19T08:00:14.000Z ##

🟠 CVE-2026-6560 - High (8.8)

A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be execu...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6560/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-04-19T07:30:28.018Z ##

⚠️ HIGH-severity buffer overflow (CVE-2026-6560) in H3C Magic B0 (100R002) allows remote code execution or DoS via Edit_BasicSSID in /goform/aspForm. No patch yet; restrict access & monitor updates. https://radar.offseq.com/threat/cve-2026-6560-buffer-overflow-in-h3c-magic-b0-f38a59da #OffSeq #H3C #Vuln #BufferOverflow

##

thehackerwire@mastodon.social at 2026-04-19T08:00:14.000Z ##

🟠 CVE-2026-6560 - High (8.8)

A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function Edit_BasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be execu...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6560/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-04-19T07:30:28.000Z ##

⚠️ HIGH-severity buffer overflow (CVE-2026-6560) in H3C Magic B0 (100R002) allows remote code execution or DoS via Edit_BasicSSID in /goform/aspForm. No patch yet; restrict access & monitor updates. https://radar.offseq.com/threat/cve-2026-6560-buffer-overflow-in-h3c-magic-b0-f38a59da #OffSeq #H3C #Vuln #BufferOverflow

##

CVE-2026-6563
(8.8 HIGH)

EPSS: 0.04%

updated 2026-04-19T09:16:11

4 posts

A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond i

thehackerwire@mastodon.social at 2026-04-19T10:00:11.000Z ##

🟠 CVE-2026-6563 - High (8.8)

A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6563/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-04-19T09:00:29.387Z ##

🚨 CVE-2026-6563: HIGH severity buffer overflow in H3C Magic B1 ≤100R004 (SetAPWifiorLedInfoById, /goform/aspForm). Public exploit out, vendor silent. Audit exposure, restrict access! https://radar.offseq.com/threat/cve-2026-6563-buffer-overflow-in-h3c-magic-b1-2ad2f98e #OffSeq #vuln #infosec #routers

##

updated 2026-04-18T17:16:13.983000

4 posts

protobufjs compiles protobuf definitions into JavaScript (JS) functions. In versions prior to 8.0.1 and 7.5.5, attackers can inject arbitrary code in the "type" fields of protobuf definitions, which will then execute during object decoding using that definition. Versions 8.0.1 and 7.5.5 patch the issue.

beyondmachines1 at 2026-04-19T10:01:10.361Z ##

Critical Remote Code Execution Vulnerability Discovered in Protobuf.js Library

Protobuf.js patched a critical remote code execution vulnerability (CVE-2026-41242) caused by unsafe dynamic code generation when processing malicious protobuf schemas. The flaw allows attackers to execute arbitrary JavaScript code on servers or developer machines, potentially exposing sensitive credentials and enabling lateral movement.

**If your applications use protobuf.js (or libraries like gRPC, Firebase, or Google Cloud SDKs), update protobuf.js to version 8.0.1 or 7.5.5 ASAP. Run npm audit to catch hidden dependencies. Going forward, only load schemas you control and prefer precompiled static schemas in production to avoid this class of attack entirely.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-remote-code-execution-vulnerability-discovered-in-protobuf-js-library-o-k-k-y-h/gD2P6Ple2L

##

offseq at 2026-04-19T06:00:29.742Z ##

🚨 CRITICAL: CVE-2026-41242 in protobuf.js (<7.5.5, 8.0.0-experimental <8.0.1) allows code injection via "type" fields — remote code execution possible. Upgrade to 7.5.5 or 8.0.1+ now! https://radar.offseq.com/threat/cve-2026-41242-cwe-94-improper-control-of-generati-3ca40985 #OffSeq #infosec #protobuff #CVE202641242

##

beyondmachines1@infosec.exchange at 2026-04-19T10:01:10.000Z ##

Critical Remote Code Execution Vulnerability Discovered in Protobuf.js Library

Protobuf.js patched a critical remote code execution vulnerability (CVE-2026-41242) caused by unsafe dynamic code generation when processing malicious protobuf schemas. The flaw allows attackers to execute arbitrary JavaScript code on servers or developer machines, potentially exposing sensitive credentials and enabling lateral movement.

**If your applications use protobuf.js (or libraries like gRPC, Firebase, or Google Cloud SDKs), update protobuf.js to version 8.0.1 or 7.5.5 ASAP. Run npm audit to catch hidden dependencies. Going forward, only load schemas you control and prefer precompiled static schemas in production to avoid this class of attack entirely.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-remote-code-execution-vulnerability-discovered-in-protobuf-js-library-o-k-k-y-h/gD2P6Ple2L

##

offseq@infosec.exchange at 2026-04-19T06:00:29.000Z ##

🚨 CRITICAL: CVE-2026-41242 in protobuf.js (<7.5.5, 8.0.0-experimental <8.0.1) allows code injection via "type" fields — remote code execution possible. Upgrade to 7.5.5 or 8.0.1+ now! https://radar.offseq.com/threat/cve-2026-41242-cwe-94-improper-control-of-generati-3ca40985 #OffSeq #infosec #protobuff #CVE202641242

##

CVE-2026-2505
(5.4 MEDIUM)

EPSS: 0.03%

updated 2026-04-18T12:30:17

EPSS: 0.07%

updated 2026-04-18T05:16:24.377000

3 posts

The CMP – Coming Soon & Maintenance Plugin by NiteoThemes plugin for WordPress is vulnerable to arbitrary file upload and remote code execution in all versions up to, and including, 4.1.16 via the `cmp_theme_update_install` AJAX action. This is due to the function only checking for the `publish_pages` capability (available to Editors and above) instead of `manage_options` (Administrators only), co

updated 2026-04-18T02:16:11.670000

2 posts

Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, SVG, or other executable file types to the server by spoofing the `Content-Type` header. The uploaded files are then served by nginx with a Content-Type derived from their original extension (`text/html`, `image/svg+xml`), enabling Stored Cr

1 repos

https://github.com/Astaruf/CVE-2026-40487

Matchbook3469@mastodon.social at 2026-04-19T14:02:00.000Z ##

🔶 New security advisory:

CVE-2026-40487 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-40487-postiz-stored-xss-via-file-upload-poc

#CVE #VulnerabilityManagement #CyberSec

##

thehackerwire@mastodon.social at 2026-04-18T05:00:49.000Z ##

🟠 CVE-2026-40487 - High (8.9)

Postiz is an AI social media scheduling tool. Prior to version 2.21.6, a file upload validation bypass allows any authenticated user to upload arbitrary HTML, SVG, or other executable file types to the server by spoofing the `Content-Type` header....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40487/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-35582
(8.8 HIGH)

EPSS: 0.05%

updated 2026-04-18T02:16:11.510000

1 posts

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escaping or input validation. The IN_FILE_ENDING and OUT_FILE_ENDING configuration keys flow directly into these paths, allowing a place author who can write o

thehackerwire@mastodon.social at 2026-04-18T05:00:39.000Z ##

🟠 CVE-2026-35582 - High (8.8)

Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand() is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escapi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35582/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40572
(9.0 CRITICAL)

EPSS: 0.01%

updated 2026-04-18T01:16:19.663000

2 posts

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validating against forbidden regions, including critical kernel structures such as the IDT, GDT, TSS, and page tables. A local attacker can exploit this to modif

thehackerwire@mastodon.social at 2026-04-18T05:02:35.000Z ##

🔴 CVE-2026-40572 - Critical (9)

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 15 (MemoryMapRange) allows Ring 3 user-mode processes to map arbitrary virtual address ranges into their address space without validati...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40572/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-04-18T01:30:26.000Z ##

🚩 CRITICAL: CVE-2026-40572 impacts MinecAnton209 NovumOS < 0.24. Syscall 15 flaw allows local privilege escalation by mapping over kernel memory — patch to v0.24+ ASAP! https://radar.offseq.com/threat/cve-2026-40572-cwe-269-improper-privilege-manageme-6ff979fd #OffSeq #CVE202640572 #NovumOS #Infosec

##

CVE-2026-40350
(8.8 HIGH)

EPSS: 0.04%

updated 2026-04-18T01:16:19.527000

1 posts

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access the user-management endpoints `/settings/users` and use them to enumerate all users and create a new administrator account. This happens because the route definitions do not enforce admin-only middleware, and the controller-level authorization check uses a b

thehackerwire@mastodon.social at 2026-04-18T05:02:25.000Z ##

🟠 CVE-2026-40350 - High (8.8)

Movary is a self hosted web app to track and rate a user's watched movies. Prior to version 0.71.1, an ordinary authenticated user can access the user-management endpoints `/settings/users` and use them to enumerate all users and create a new admi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40350/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40317
(9.3 CRITICAL)

EPSS: 0.02%

updated 2026-04-18T01:16:19.380000

2 posts

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode process to jump to kernel addresses and execute arbitrary code in Ring 0 context, resulting in local privilege escalation. This issue has been fixed in ver

offseq@infosec.exchange at 2026-04-18T07:30:26.000Z ##

🔍 CVE-2026-40317 (CRITICAL, CVSS 9.4): NovumOS < 0.24 allows local privilege escalation via unchecked entry point in Syscall 12. Patch to 0.24 ASAP or restrict syscalls to mitigate. Full details: https://radar.offseq.com/threat/cve-2026-40317-cwe-269-improper-privilege-manageme-d4098dd0 #OffSeq #Vuln #NovumOS #InfoSec

##

thehackerwire@mastodon.social at 2026-04-18T05:00:59.000Z ##

🔴 CVE-2026-40317 - Critical (9.3)

NovumOS is a custom 32-bit operating system written in Zig and x86 Assembly. In versions prior to 0.24, Syscall 12 (JumpToUser) accepts an arbitrary entry point address from user-space registers without validation, allowing any Ring 3 user-mode pr...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40317/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-35465
(7.5 HIGH)

EPSS: 0.05%

updated 2026-04-18T01:16:18.440000

1 posts

SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, a compromised SecureDrop Server can achieve code execution on the Client's virtual machine (sd-app) by exploiting improper filename validation in gzip archive extraction, which permits absolute paths and enables overwriting crit

thehackerwire@mastodon.social at 2026-04-18T05:02:44.000Z ##

🟠 CVE-2026-35465 - High (7.5)

SecureDrop Client is a desktop app for journalists to securely communicate with sources and handle submissions on the SecureDrop Workstation. In versions 0.17.4 and below, a compromised SecureDrop Server can achieve code execution on the Client's ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-35465/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-5807
(7.5 HIGH)

EPSS: 0.01%

updated 2026-04-18T00:53:52

2 posts

Vault is vulnerable to a denial-of-service condition where an unauthenticated attacker can repeatedly initiate or cancel root token generation or rekey operations, occupying the single in-progress operation slot. This prevents legitimate operators from completing these workflows. This vulnerability, CVE-2026-5807, is fixed in Vault Community Edition 2.0.0 and Vault Enterprise 2.0.0.

Matchbook3469@mastodon.social at 2026-04-19T23:04:49.000Z ##

🟠 New security advisory:

CVE-2026-5807 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

updated 2026-04-18T00:16:39.827000

1 posts

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the /api/public/user/login endpoint validates only the username and password before returning the user's API key, bypassing the normal authentication flow that enforces account lockout and two-factor authentication checks. An attacker with knowledge of a user's password can obtain API access even when the account is

offseq@infosec.exchange at 2026-04-18T09:00:30.000Z ##

🚨 CVE-2026-40582: ChurchCRM < 7.2.0 has a CRITICAL auth bypass (CVSS 9.1). /api/public/user/login lets attackers with a password skip lockout & 2FA to get API access. Upgrade to 7.2.0+ ASAP. https://radar.offseq.com/threat/cve-2026-40582-cwe-288-authentication-bypass-using-58dc9576 #OffSeq #ChurchCRM #CVE202640582 #infosec

##

CVE-2026-40581
(8.1 HIGH)

EPSS: 0.01%

updated 2026-04-18T00:16:39.683000

1 posts

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (SelectDelete.php) performs permanent, irreversible deletion of family records and all associated data via a plain GET request with no CSRF token validation. An attacker can craft a malicious page that, when visited by an authenticated administrator, silently triggers deletion of t

thehackerwire@mastodon.social at 2026-04-18T05:10:54.000Z ##

🟠 CVE-2026-40581 - High (8.1)

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the family record deletion endpoint (SelectDelete.php) performs permanent, irreversible deletion of family records and all associated data via a plain GET request wi...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40581/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40484
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-04-18T00:16:39.387000

2 posts

ChurchCRM is an open-source church management system. In versions prior to 7.2.0, the database backup restore functionality extracts uploaded archive contents and copies files from the Images/ directory into the web-accessible document root using recursiveCopyDirectory(), which performs no file extension filtering. An authenticated administrator can upload a crafted backup archive containing a PHP

updated 2026-04-18T00:16:36.920000

2 posts

Hot Chocolate is an open-source GraphQL server. Prior to versions 12.22.7, 13.9.16, 14.3.1, and 15.1.14, Hot Chocolate's recursive descent parser `Utf8GraphQLParser` has no recursion depth limit. A crafted GraphQL document with deeply nested selection sets, object values, list values, or list types can trigger a `StackOverflowException` on payloads as small as 40 KB. Because `StackOverflowExceptio

updated 2026-04-17T22:16:33.500000

2 posts

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to prevent expression injection, it fails to properly restrict the scope of accessible objects, allowing specific potentially sensitive objects to be reached fro

Matchbook3469@mastodon.social at 2026-04-19T07:54:36.000Z ##

🔴 New security advisory:

CVE-2026-40477 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-40477-thymeleaf-ssti-allows-server-side-code-execution

#Cybersecurity #ZeroDay #ThreatIntel

##

thehackerwire@mastodon.social at 2026-04-18T06:00:13.000Z ##

🔴 CVE-2026-40477 - Critical (9)

Thymeleaf is a server-side Java template engine for web and standalone environments. Versions 3.1.3.RELEASE and prior contain a security bypass vulnerability in the expression execution mechanisms. Although the library provides mechanisms to preve...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40477/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40474
(7.6 HIGH)

EPSS: 0.03%

updated 2026-04-17T22:16:33.213000

1 posts

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin instead of WgerPermissionMixin, so the permission is never enforced at runtime. Since GymConfig is an ownerless singleton, any authenticated user can modify the global gym configuration, triggering save() sid

thehackerwire@mastodon.social at 2026-04-18T06:00:01.000Z ##

🟠 CVE-2026-40474 - High (7.6)

wger is a free, open-source workout and fitness manager. In versions 2.5 and below, the GymConfigUpdateView declares permission_required = 'config.change_gymconfig' but inherits WgerFormMixin instead of WgerPermissionMixin, so the permission is ne...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40474/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40352
(8.8 HIGH)

EPSS: 0.03%

updated 2026-04-17T22:16:32.940000

2 posts

FastGPT is an AI Agent building platform. In versions prior to 4.14.9.5, the password change endpoint is vulnerable to NoSQL injection. An authenticated attacker can bypass the "old password" verification by injecting MongoDB query operators. This allows an attacker who has gained a low-privileged session to change the password of their account (or others if combined with ID manipulation) without

Matchbook3469@mastodon.social at 2026-04-19T15:07:20.000Z ##

🟠 New security advisory:

CVE-2026-40352 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

updated 2026-04-17T22:16:32.067000

2 posts

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip Slip) in the media archive import feature. An authenticated user with owner-level privileges can craft a malicious ZIP file with directory-traversal filenames to write arbitrary files outside the intended temporary extraction directory on the

thehackerwire@mastodon.social at 2026-04-18T06:07:16.000Z ##

🔴 CVE-2026-40258 - Critical (9.1)

The Gramps Web API is a Python REST API for the genealogical research software Gramps. Versions 1.6.0 through 3.11.0 have a path traversal vulnerability (Zip Slip) in the media archive import feature. An authenticated user with owner-level privile...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40258/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-04-17T23:00:11.000Z ##

🚨 CVE-2026-40258: CRITICAL path traversal in gramps-web-api (1.6.0-3.11.0). Owner-level users can write files outside intended dirs via crafted ZIPs. Upgrade to 3.11.1+ to mitigate! https://radar.offseq.com/threat/cve-2026-40258-cwe-22-improper-limitation-of-a-pat-00f841f8 #OffSeq #CVE202640258 #PathTraversal #Infosec

##

CVE-2026-35546
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-04-17T21:31:53

2 posts

Anviz CX2 Lite and CX7 are vulnerable to unauthenticated firmware uploads. This causes crafted archives to be accepted, enabling attackers to plant and execute code and obtain a reverse shell.

updated 2026-04-17T20:16:35.930000

2 posts

Firebird is an open-source relational database management system. In versions prior to 5.0.4, 4.0.7 and 3.0.14, the external engine plugin loader concatenates a user-supplied engine name into a filesystem path without filtering path separators or .. components. An authenticated user with CREATE FUNCTION privileges can use a crafted ENGINE name to load an arbitrary shared library from anywhere on t

updated 2026-04-17T19:01:56.030000

3 posts

An attacker with network access to the PLC is able to brute force discover passwords to gain unauthorized access to systems and services. The limited password complexity and no password input limiters makes brute force password enumeration possible.

threatnoir@infosec.exchange at 2026-04-18T17:08:30.000Z ##

⚠️ CRITICAL: Horner Automation Cscape and XL4, XL7 PLC

Horner Automation Cscape v10.0, XL4 PLC v16.32.0, and XL7 PLC v15.60 contain a critical password brute-force vulnerability (CVE-2026-6284, CVSS 9.1) with no rate limiting. This affects manufacturing environments globally and allows unauthenticated network attackers to compromise PLCs controlling cr…

https://threatnoir.com/focus

#infosec #cybersecurity

##

updated 2026-04-17T18:32:56

2 posts

A SQL injection vulnerability in CodeAstro Simple Attendance Management System v1.0 allows remote unauthenticated attackers to bypass authentication via the username parameter in index.php.

1 repos

https://github.com/menevarad007/CVE-2026-37749

updated 2026-04-17T18:15:00.417000

3 posts

Exposure of sensitive information to an unauthorized actor in Windows Snipping Tool allows an unauthorized attacker to perform spoofing over a network.

updated 2026-04-17T15:09:46.880000

2 posts

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL. This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0. Users are recommended to upgrade to version 10.4.0, which fixes the issue.

thehackerwire@mastodon.social at 2026-04-19T08:00:57.000Z ##

🟠 CVE-2026-30778 - High (7.5)

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.

This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0.

Users are recommended to upgrade to version 10.4.0, which fixes...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30778/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-04-19T08:00:57.000Z ##

🟠 CVE-2026-30778 - High (7.5)

The SkyWalking OAP /debugging/config/dump endpoint may leak sensitive configuration information of MySQL/PostgreSQL.

This issue affects Apache SkyWalking: from 9.7.0 through 10.3.0.

Users are recommended to upgrade to version 10.4.0, which fixes...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30778/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4145
(7.8 HIGH)

EPSS: 0.01%

updated 2026-04-17T15:09:46.880000

2 posts

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges.

thehackerwire@mastodon.social at 2026-04-19T06:59:53.000Z ##

🟠 CVE-2026-4145 - High (7.8)

During an internal security assessment, a potential vulnerability was discovered in Lenovo Software Fix that could allow a local authenticated user to perform arbitrary code execution with elevated privileges.

EPSS: 0.01%

updated 2026-04-17T15:08:54.530000

1 posts

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerability by manipulating the search path used by the application to locate critical resources, potentially causing unauthorized code execution. Exploitation

thehackerwire@mastodon.social at 2026-04-17T15:59:56.000Z ##

🟠 CVE-2026-34632 - High (8.2)

Adobe Photoshop Installer was affected by an Uncontrolled Search Path Element vulnerability that could have resulted in arbitrary code execution in the context of the current user. A low-privileged local attacker could have exploited this vulnerab...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34632/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21719
(7.2 HIGH)

EPSS: 0.18%

updated 2026-04-17T15:08:25.183000

1 posts

An OS command injection vulnerability exists in CubeCart prior to 6.6.0, which may allow a user with an administrative privilege to execute an arbitrary OS command.

offseq@infosec.exchange at 2026-04-17T06:00:28.000Z ##

CVE-2026-21719: HIGH severity OS command injection in CubeCart <6.6.0. Authenticated admins can run arbitrary OS commands. No patch yet — restrict admin access & monitor logs. https://radar.offseq.com/threat/cve-2026-21719-improper-neutralization-of-special--543f1327 #OffSeq #CubeCart #Vuln #Infosec

##

EPSS: 0.00%

updated 2026-04-17T09:31:19

1 posts

In JetBrains YouTrack before 2025.3.131383 high privileged user can achieve RCE via sandbox bypass

offseq@infosec.exchange at 2026-04-17T09:00:32.000Z ##

🚨 CVE-2026-33392: HIGH severity RCE in JetBrains YouTrack < 2025.3.131383. High privileged users can bypass sandbox for remote code execution. No patch yet — restrict admin rights & monitor advisories. https://radar.offseq.com/threat/cve-2026-33392-cwe-1336-in-jetbrains-youtrack-3a31f8ef #OffSeq #YouTrack #Infosec #Vuln

##

CVE-2026-6443
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-04-17T07:16:03.160000

3 posts

The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This makes it possible for the threat actor to maintain a persistent backdoor and inject spam into the affected sites.

offseq@infosec.exchange at 2026-04-17T15:30:29.000Z ##

⚠️ CRITICAL: CVE-2026-6443 in WordPress Accordion & Accordion Slider v1.4.6 — embedded backdoor enables persistent access & spam injection. Remove/disable the plugin ASAP. No patch yet. https://radar.offseq.com/threat/cve-2026-6443-cwe-506-embedded-malicious-code-in-e-b2b69859 #OffSeq #WordPress #CVE20266443 #Infosec

##

offseq@infosec.exchange at 2026-04-17T07:30:32.000Z ##

🚨 CVE-2026-6443 (CRITICAL): WordPress Accordion & Accordion Slider v1.4.6 embeds a backdoor (CWE-506), enabling persistent unauthorized access & spam. No patch — remove or disable plugin now! https://radar.offseq.com/threat/cve-2026-6443-cwe-506-embedded-malicious-code-in-e-b2b69859 #OffSeq #WordPress #Infosec #Vuln

##

thehackerwire@mastodon.social at 2026-04-17T07:16:36.000Z ##

🔴 CVE-2026-6443 - Critical (9.8)

The Accordion and Accordion Slider plugin for WordPress is vulnerable to an injected backdoor in version 1.4.6. This is due to the plugin being sold to a malicious threat actor that embedded a backdoor in all of the plugin's they acquired. This ma...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6443/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4659
(7.5 HIGH)

EPSS: 0.03%

updated 2026-04-17T07:16:01.967000

1 posts

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the Repeater JSON/CSV URL parameter in versions up to, and including, 2.0.6. This is due to insufficient path traversal sanitization in the URLtoRelative() and urlToPath() functions, combined with the ability to enable debug output in widget settings. The URLtoRelative() function only performs a simp

thehackerwire@mastodon.social at 2026-04-17T07:16:46.000Z ##

🟠 CVE-2026-4659 - High (7.5)

The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Arbitrary File Read via the Repeater JSON/CSV URL parameter in versions up to, and including, 2.0.6. This is due to insufficient path traversal sanitization in the URLtoRel...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4659/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-31843
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-04-16T22:58:59

1 posts

The goodoneuz/pay-uz Laravel package (<= 2.2.24) contains a critical vulnerability in the /payment/api/editable/update endpoint that allows unauthenticated attackers to overwrite existing PHP payment hook files. The endpoint is exposed via Route::any() without authentication middleware, enabling remote access without credentials. User-controlled input is directly written into executable PHP files

offseq@infosec.exchange at 2026-04-17T01:30:29.000Z ##

⚠️ CVE-2026-31843: CRITICAL improper access control in goodoneuz/pay-uz <=2.2.24 allows unauthenticated PHP file overwrite & RCE via /payment/api/editable/update. No patch yet — restrict endpoint access! https://radar.offseq.com/threat/cve-2026-31843-cwe-284-improper-access-control-lea-f84d8bc9 #OffSeq #CVE202631843 #Laravel #RCE

##

CVE-2026-31987(CVSS UNKNOWN)

EPSS: 0.03%

updated 2026-04-16T22:57:43

1 posts

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors. Users are advised to upgrade to Airflow version that contains fix. Users are recommended to upgrade to version 3.2.0, which fixes this issue.

thehackerwire@mastodon.social at 2026-04-18T07:10:00.000Z ##

🟠 CVE-2026-31987 - High (7.5)

JWT Tokens used by tasks were exposed in logs. This could allow UI users to act as Dag Authors.
Users are advised to upgrade to Airflow version that contains fix.

Users are recommended to upgrade to version 3.2.0, which fixes this issue.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31987/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41118
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-04-16T21:41:16

updated 2026-04-16T19:59:38.107000

9 posts

Improper Input Validation, Improper Control of Generation of Code ('Code Injection') vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ. Apache ActiveMQ Classic exposes the Jolokia JMX-HTTP bridge at /api/jolokia/ on the web console. The default Jolokia access policy permits exec operations on all ActiveMQ MBeans (org.apache.activemq:*), including BrokerService.addNetworkConnector(String) a

Nuclei template

9 repos

https://github.com/hg0434hongzh0/CVE-2026-34197

https://github.com/AtoposX-J/CVE-2026-34197-Apache-ActiveMQ-RCE

https://github.com/dinosn/CVE-2026-34197

https://github.com/xshysjhq/CVE-2026-34197-payload-Apache-ActiveMQ-

https://github.com/Catherines77/ActiveMQ-EXPtools

https://github.com/DEVSECURITYSPRO/CVE-2026-34197

https://github.com/keraattin/CVE-2026-34197

https://github.com/KONDORDEVSECURITYCORP/CVE-2026-34197

https://github.com/0xBlackash/CVE-2026-34197

threatnoir at 2026-04-20T03:30:06.958Z ##

2026-W16 — Weekly Threat Roundup

🚨 Critical Apache ActiveMQ flaw (CVE-2026-34197) actively exploited after 13-year dormancy, now on CISA KEV catalog
🏛️ Operation PowerOFF dismantles 53 DDoS-for-hire domains, arrests 4, exposes 3M criminal accounts across 21 countries
🔍 Three Windows zero-days (BlueHammer, RedSun, UnDefend) acti…

https://threatnoir.com/weekly/2026-w16

#infosec #cybersecurity #threatintel

##

canartuc@mastodon.social at 2026-04-19T08:50:45.000Z ##

CISA added Apache ActiveMQ CVE-2026-34197 to the Known Exploited Vulnerabilities list on April 17 with a federal deadline of April 30. Horizon3's Naveen Sunkavally found the bug by running Claude over the Jolokia code. The flaw has sat in the codebase for 13 years. 8,000+ brokers on the open internet, admin:admin still the common credential. I have watched every real incident start with an unrotated credential, not a zero-day.

#InfoSec #OpenSource #CyberSecurity

##

threatnoir@infosec.exchange at 2026-04-20T03:30:06.000Z ##

2026-W16 — Weekly Threat Roundup

🚨 Critical Apache ActiveMQ flaw (CVE-2026-34197) actively exploited after 13-year dormancy, now on CISA KEV catalog
🏛️ Operation PowerOFF dismantles 53 DDoS-for-hire domains, arrests 4, exposes 3M criminal accounts across 21 countries
🔍 Three Windows zero-days (BlueHammer, RedSun, UnDefend) acti…

https://threatnoir.com/weekly/2026-w16

#infosec #cybersecurity #threatintel

##

beyondmachines1@infosec.exchange at 2026-04-17T18:01:09.000Z ##

CISA Warns of Active Exploitation in Apache ActiveMQ Jolokia API Vulnerability

CISA added a high-severity Apache ActiveMQ vulnerability (CVE-2026-34197) to its KEV catalog due to active exploitation that allows attackers to run arbitrary OS commands via the Jolokia API. The flaw is particularly dangerous when chained with CVE-2024-32114, which enables unauthenticated remote code execution in certain versions.

**If you're running Apache ActiveMQ, upgrade to version 5.19.4 or 6.2.3 ASAP. Atackers are actively exploiting this right now. While you're at it, make sure your ActiveMQ console is not exposed to the internet, change any default admin:admin credentials, and disable the Jolokia endpoint entirely if you don't need it.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/cisa-warns-of-active-exploitation-in-apache-activemq-jolokia-api-vulnerability-i-v-s-d-e/gD2P6Ple2L

##

offseq@infosec.exchange at 2026-04-17T14:00:30.000Z ##

CRITICAL: Apache ActiveMQ RCE vuln (CVE-2026-34197) disclosed. No patch yet — review your security posture & monitor vendor channels for updates. Remote attackers could fully compromise systems. https://radar.offseq.com/threat/recent-apache-activemq-vulnerability-exploited-in--98176e07 #OffSeq #ActiveMQ #Vuln #InfoSec

##

canartuc@mastodon.social at 2026-04-17T13:03:28.000Z ##

An Anthropic researcher used Claude to find Apache ActiveMQ flaw CVE-2026-34197. Maintainers shipped the fix in seven days. CISA added the CVE to its federal exploited-vulnerability list. The same week, Cal.com closed source citing AI scanners as the reason. I have run defender-side tooling rollouts for 20 years. Every wave gets framed as attacker-only for six months first. One team shipped the patch. The other shipped the excuse.

#InfoSec #OpenSource #AI #CyberSecurity

##

technadu@infosec.exchange at 2026-04-17T10:52:12.000Z ##

New KEV added 🚨
CVE-2026-34197 (Apache ActiveMQ)
• Active exploitation confirmed
• High-risk entry point
KEV = patch now, not later

Source: https://www.cisa.gov/news-events/alerts/2026/04/16/cisa-adds-one-known-exploited-vulnerability-catalog

💬 How fast is your patch cycle?
Follow @technadu

#InfoSec #CyberSecurity #KEV

##

offseq@infosec.exchange at 2026-04-17T10:30:27.000Z ##

⚠️ CRITICAL: CVE-2026-34197 is a remote code execution vuln in Apache ActiveMQ. No patch or confirmed exploitation yet. Monitor vendor advisories & apply security best practices. Details: https://radar.offseq.com/threat/recent-apache-activemq-vulnerability-exploited-in--98176e07 #OffSeq #ApacheActiveMQ #Vuln #Infosec

##

hackerworkspace@infosec.exchange at 2026-04-17T04:58:11.000Z ##

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

https://thehackernews.com/2026/04/apache-activemq-cve-2026-34197-added-to.html

Read on HackerWorkspace: https://hackerworkspace.com/article/apache-activemq-cve-2026-34197-added-to-cisa-kev-amid-active-exploitation

#cybersecurity #vulnerability #exploit

##

CVE-2026-40744
(8.5 HIGH)

EPSS: 0.03%

updated 2026-04-16T15:31:44

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2.10.1.2.

thehackerwire@mastodon.social at 2026-04-19T07:00:12.000Z ##

🟠 CVE-2026-40744 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40744/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-04-19T07:00:12.000Z ##

🟠 CVE-2026-40744 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beaver Builder Beaver Builder beaver-builder-lite-version allows Blind SQL Injection.This issue affects Beaver Builder: from n/a through <= 2....

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40744/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6306
(8.8 HIGH)

EPSS: 0.08%

updated 2026-04-16T12:31:40

1 posts

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-04-16T20:44:59.000Z ##

🟠 CVE-2026-6306 - High (8.8)

Heap buffer overflow in PDFium in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted PDF file. (Chromium security severity: High)

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6306/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6349(CVSS UNKNOWN)

EPSS: 0.95%

updated 2026-04-16T03:31:13

2 posts

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing unauthenticated local attackers to inject arbitrary OS commands and execute them on the server.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-33807
(9.1 CRITICAL)

EPSS: 0.05%

updated 2026-04-16T01:03:26

2 posts

### Summary `@fastify/express` v4.0.4 contains a path handling bug in the `onRegister` function that causes middleware paths to be doubled when inherited by child plugins. This results in complete bypass of Express middleware security controls for all routes defined within child plugin scopes that share a prefix with parent-scoped middleware. No special configuration is required — this affects th

thehackerwire@mastodon.social at 2026-04-19T08:02:14.000Z ##

🔴 CVE-2026-33807 - Critical (9.1)

@fastify/express v4.0.4 and earlier contains a path handling bug in the onRegister function that causes middleware paths to be doubled when inherited by child plugins. When a child plugin is registered with a prefix that matches a middleware path,...

updated 2026-04-15T18:31:56

2 posts

Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.2.

thehackerwire@mastodon.social at 2026-04-19T07:00:02.000Z ##

🟠 CVE-2026-40784 - High (8.1)

Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.2.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40784/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-04-19T07:00:02.000Z ##

🟠 CVE-2026-40784 - High (8.1)

Authorization Bypass Through User-Controlled Key vulnerability in Mahmudul Hasan Arif FluentBoards fluent-boards allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FluentBoards: from n/a through <= 1.91.2.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40784/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40764
(8.1 HIGH)

EPSS: 0.02%

updated 2026-04-15T18:31:55

2 posts

Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2.

thehackerwire@mastodon.social at 2026-04-19T08:00:47.000Z ##

🟠 CVE-2026-40764 - High (8.1)

Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-04-19T08:00:47.000Z ##

🟠 CVE-2026-40764 - High (8.1)

Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Contact Form by WPForms wpforms-lite allows Cross Site Request Forgery.This issue affects Contact Form by WPForms: from n/a through <= 1.10.0.2.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40764/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40745
(7.6 HIGH)

EPSS: 0.03%

updated 2026-04-15T18:31:55

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: from n/a through <= 8.4.2.

thehackerwire@mastodon.social at 2026-04-19T08:00:37.000Z ##

🟠 CVE-2026-40745 - High (7.6)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in bdthemes Element Pack Elementor Addons bdthemes-element-pack-lite allows Blind SQL Injection.This issue affects Element Pack Elementor Addons: fr...

updated 2026-04-15T16:14:07.857000

2 posts

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-5617
(8.8 HIGH)

EPSS: 0.04%

updated 2026-04-15T09:16:33.210000

2 posts

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handle_return_to_admin() function trusting a client-controlled cookie (oclaup_original_admin) to determine which user to authenticate as, without any server-side verification that the cookie value was legitimately set during an admin-initiated user switch. Th

thehackerwire@mastodon.social at 2026-04-19T08:02:23.000Z ##

🟠 CVE-2026-5617 - High (8.8)

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handle_return_to_admin() function trusting a client-controlled cookie (oclaup_original_admin) to determine...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5617/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-04-19T08:02:23.000Z ##

🟠 CVE-2026-5617 - High (8.8)

The Login as User plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.0.3. This is due to the handle_return_to_admin() function trusting a client-controlled cookie (oclaup_original_admin) to determine...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5617/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-0520
(0 None)

EPSS: 2.03%

updated 2026-04-15T00:35:42.020000

2 posts

An unrestricted file upload vulnerability in ShowDoc caused by improper validation of file extension allows execution of arbitrary PHP, leading to remote code execution.This issue affects ShowDoc: before 2.8.7.

Hackread@mstdn.social at 2026-04-18T14:42:19.000Z ##

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Read: https://hackread.com/showdoc-vulnerability-patch-2020-server-takeover/

#CyberSecurity #Vulnerability #CyberAttacks

##

Hackread@mstdn.social at 2026-04-18T14:39:50.000Z ##

📢⚠️ Hackers are exploiting a 5-year-old #ShowDoc vulnerability (CVE-2025-0520) to deploy web shells, enabling RCE and full server takeover worldwide.

Read: https://hackread.com/showdoc-vulnerability-patch-2020-server-takeover/

#CyberSecurity #Vulnerability #CyberAttacks

##

CVE-2026-33155(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-04-14T21:59:48

1 posts

### Summary The pickle unpickler `_RestrictedUnpickler` validates which classes can be loaded but does not limit their constructor arguments. A few of the types in `SAFE_TO_IMPORT` have constructors that allocate memory proportional to their input (`builtins.bytes`, `builtins.list`, `builtins.range`). A 40-byte pickle payload can force 10+ GB of memory, which crashes applications that load delta

_r_netsec@infosec.exchange at 2026-04-17T08:43:12.000Z ##

we found a memory exhaustion CVE in a library downloaded 29 million times a month. AWS, DataHub, and Lightning AI are in the blast radius. https://www.periphery.security/blog/cve-2026-33155---40-bytes-to-chaos

##

CVE-2026-27303
(9.7 CRITICAL)

EPSS: 1.50%

updated 2026-04-14T18:30:50

2 posts

Adobe Connect versions 2025.3, 12.10 and earlier are affected by a Deserialization of Untrusted Data vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6203
(6.1 MEDIUM)

EPSS: 1.29%

updated 2026-04-13T23:16:28.110000

2 posts

The User Registration & Membership plugin for WordPress is vulnerable to Open Redirect in versions up to and including 5.1.4. This is due to insufficient validation of user-supplied URLs passed via the 'redirect_to_on_logout' GET parameter before redirecting users. The `redirect_to_on_logout` GET parameter is passed directly to WordPress's `wp_redirect()` function instead of the domain-restricted

Nuclei template

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-34621
(8.6 HIGH)

EPSS: 4.56%

updated 2026-04-13T21:23:27

1 posts

Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

5 repos

https://github.com/NULL200OK/cve_2026_34621_advanced

https://github.com/ercihan/CVE-2026-34621_PDF_SAMPLE

https://github.com/ercihan/CVE-2026-34621

https://github.com/KeulenR01/Remediate-AdobeAcrobat-CVE-2026-34621

https://github.com/eduardorossi84/CVE-2026-34621-POC

_r_netsec@infosec.exchange at 2026-04-18T15:58:05.000Z ##

CVE-2026-34621 PoC isn't a scanner, it's a campaign weaponizer with 62 pre-authenticated Brazilian fintech targets https://nefariousplan.com/posts/adobe-acrobat-cve-2026-34621-pdf-weaponizer

##

CVE-2026-40262
(8.7 HIGH)

EPSS: 0.03%

updated 2026-04-13T19:23:09

2 posts

### Summary A stored same-origin XSS vulnerability allows any authenticated user to upload an HTML, SVG, or XHTML file as a note asset and have it executed in a victim’s browser under the application’s origin. Because the application serves these files inline without a safe content type and without `nosniff`, browsers can sniff and render active content, giving the attacker access to authenticated

Matchbook3469@mastodon.social at 2026-04-19T16:52:37.000Z ##

⚠️ New security advisory:

CVE-2026-40262 affects multiple systems.

• Impact: Significant security breach potential
• Risk: Unauthorized access or data exposure
• Mitigation: Apply patches within 24-48 hours

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-40262-note-mark-stored-xss-via-file-upload

#InfoSec #PatchNow #InfoSecCommunity

##

thehackerwire@mastodon.social at 2026-04-17T04:56:01.000Z ##

🟠 CVE-2026-40262 - High (8.7)

Note Mark is an open-source note-taking application. In versions 0.19.1 and prior, the asset delivery handler serves uploaded files inline and relies on magic-byte detection for content type, which does not identify text-based formats such as HTML...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40262/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33555
(4.0 None)

EPSS: 0.01%

updated 2026-04-13T18:30:42

1 posts

An issue was discovered in HAProxy before 3.3.6. The HTTP/3 parser does not check that the received body length matches a previously announced content-length when the stream is closed via a frame with an empty payload. This can cause desynchronization issues with the backend server and could be used for request smuggling. The earliest affected version is 2.6.

1 repos

https://github.com/r3verii/CVE-2026-33555

_r_netsec@infosec.exchange at 2026-04-16T20:13:05.000Z ##

HAProxy HTTP/3 -> HTTP/1 Desync: Cross-Protocol Smuggling via a Standalone QUIC FIN (CVE-2026-33555) https://r3verii.github.io/cve/2026/04/14/haproxy-h3-standalone-fin-smuggling.html

##

CVE-2026-39987
(0 None)

EPSS: 3.20%

updated 2026-04-13T15:02:27.760000

3 posts

marimo is a reactive Python notebook. Prior to 0.23.0, Marimo has a Pre-Auth RCE vulnerability. The terminal WebSocket endpoint /terminal/ws lacks authentication validation, allowing an unauthenticated attacker to obtain a full PTY shell and execute arbitrary system commands. Unlike other WebSocket endpoints (e.g., /ws) that correctly call validate_auth() for authentication, the /terminal/ws endpo

Nuclei template

5 repos

https://github.com/keraattin/CVE-2026-39987

https://github.com/0xBlackash/CVE-2026-39987

https://github.com/Nxploited/CVE-2026-39987

https://github.com/mki9/CVE-2026-39987_exploit

https://github.com/fevar54/marimo_CVE-2026-39987_RCE_PoC

threatnoir@infosec.exchange at 2026-04-18T17:08:28.000Z ##

⚠️ CRITICAL: Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Attackers are actively exploiting CVE-2026-39987, a critical RCE vulnerability in Marimo Python notebooks, to deploy NKAbuse malware hosted on Hugging Face. The malware acts as a RAT with credential theft and lateral movement capabilities. Exploitation started within 10 hours of disclosure across m…

https://threatnoir.com/focus

#infosec #cybersecurity

##

canartuc@mastodon.social at 2026-04-17T10:54:45.000Z ##

Marimo is a Python notebook used in AI toolchains. It was exploited 9 hours 41 minutes after CVE-2026-39987 disclosure. Sysdig published the telemetry. Full remote takeover, no login required. The patch shipped with the advisory. Most shops do not have weekend on-call for a Python notebook. By Sunday morning the command-and-control traffic was already 14 hours deep. Patch window is shorter than one night of sleep. On-call SLA is the new budget line.

#CyberSecurity #DevOps #Python #InfoSec

##

hackerworkspace@infosec.exchange at 2026-04-17T04:56:17.000Z ##

CVE-2026-39987 update: How attackers weaponized marimo to deploy a blockchain botnet via HuggingFace | Sysdig

https://www.sysdig.com/blog/cve-2026-39987-update-how-attackers-weaponized-marimo-to-deploy-a-blockchain-botnet-via-huggingface

Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-39987-update-how-attackers-weaponized-marimo-to-deploy-a-blockchain-botnet-via-huggingface-sysdig

#malware #cybersecurity #vulnerability

##

CVE-2026-40200
(8.1 HIGH)

EPSS: 0.02%

updated 2026-04-13T15:02:06.187000

1 posts

An issue was discovered in musl libc 0.7.10 through 1.2.6. Stack-based memory corruption can occur during qsort of very large arrays, due to incorrectly implemented double-word primitives. The number of elements must exceed about seven million, i.e., the 32nd Leonardo number on 32-bit platforms (or the 64th Leonardo number on 64-bit platforms, which is not practical).

airtower@woem.men at 2026-04-19T12:21:44.882Z ##

Does anyone know how to report errors to https://db.gcve.eu/? Just their info@ mail? I looked up CVE-2026-6042 and CVE-2026-40200 there because I was annoyed that the NVD database (which #Buildroot uses for automated vulnerability checks) still didn't have them correctly labeled with the CPE (so automated tools can't identify the package is vulnerable).

Result: CVE-2026-40200 is correctly labeled (good!), while CVE-2026-6042 is not (different vendor/product). Mistakes happen, an organization that's trying to run as serious vulnerability DB really needs to provide an obvious "report errors here" mail address (or other means, but really… mail). :neocat_glare: #CVE #GCVE

##

CVE-2026-6042
(3.3 LOW)

EPSS: 0.01%

updated 2026-04-13T15:02:06.187000

1 posts

A security flaw has been discovered in musl libc up to 1.2.6. Affected is the function iconv of the file src/locale/iconv.c of the component GB18030 4-byte Decoder. Performing a manipulation results in inefficient algorithmic complexity. The attack must be initiated from a local position. To fix this issue, it is recommended to deploy a patch.

1 repos

https://github.com/jensnesten/CVE-2026-6042-PoC

airtower@woem.men at 2026-04-19T12:21:44.882Z ##

Does anyone know how to report errors to https://db.gcve.eu/? Just their info@ mail? I looked up CVE-2026-6042 and CVE-2026-40200 there because I was annoyed that the NVD database (which #Buildroot uses for automated vulnerability checks) still didn't have them correctly labeled with the CPE (so automated tools can't identify the package is vulnerable).

Result: CVE-2026-40200 is correctly labeled (good!), while CVE-2026-6042 is not (different vendor/product). Mistakes happen, an organization that's trying to run as serious vulnerability DB really needs to provide an obvious "report errors here" mail address (or other means, but really… mail). :neocat_glare: #CVE #GCVE

##

CVE-2026-6158
(7.3 HIGH)

EPSS: 4.86%

updated 2026-04-13T15:01:43.663000

2 posts

A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6141
(6.3 MEDIUM)

EPSS: 1.23%

updated 2026-04-13T15:01:43.663000

2 posts

A vulnerability was determined in danielmiessler Personal_AI_Infrastructure up to 2.3.0. Affected is an unknown function of the file Skills/Parser/Tools/parse_url.ts. Executing a manipulation can lead to os command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 14322e87e58bf585cf3c7b9295578a6eb7dc4945. It is advisab

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6138
(9.8 CRITICAL)

EPSS: 1.25%

updated 2026-04-13T15:01:43.663000

2 posts

A flaw has been found in Totolink A7100RU 7.4cu.2313_b20191024. The impacted element is the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mac causes os command injection. The attack can be initiated remotely. The exploit has been published and may be used.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6154
(9.8 CRITICAL)

EPSS: 1.25%

updated 2026-04-13T15:01:43.663000

2 posts

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313_b20191024. The affected element is the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument wizard results in os command injection. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6139
(9.8 CRITICAL)

EPSS: 1.25%

updated 2026-04-13T15:01:43.663000

2 posts

A vulnerability has been found in Totolink A7100RU 7.4cu.2313_b20191024. This affects the function UploadOpenVpnCert of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument FileName leads to os command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-6140
(9.8 CRITICAL)

EPSS: 1.25%

updated 2026-04-13T03:30:29

2 posts

A vulnerability was found in Totolink A7100RU 7.4cu.2313_b20191024. This impacts the function UploadFirmwareFile of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument FileName results in os command injection. The attack may be initiated remotely. The exploit has been made public and could be used.

secdb at 2026-04-20T00:01:03.994Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

secdb@infosec.exchange at 2026-04-20T00:01:03.000Z ##

📈 CVE Published in last 7 days (2026-04-13 - 2026-04-20)
See more at https://secdb.nttzen.cloud/dashboard

Total CVEs: 1192

Severity:
- Critical: 104
- High: 477
- Medium: 485
- Low: 67
- None: 59

Status:
- : 27
- Analyzed: 155
- Awaiting Analysis: 421
- Deferred: 72
- Received: 270
- Rejected: 6
- Undergoing Analysis: 241

Top CNAs:
- GitHub, Inc.: 234
- Microsoft Corporation: 163
- MITRE: 116
- Wordfence: 100
- VulDB: 77
- Adobe Systems Incorporated: 53
- Chrome: 31
- N/A: 27
- Fortinet, Inc.: 27
- VulnCheck: 23

Top Affected Products:
- UNKNOWN: 856
- Microsoft Windows Server 2025: 121
- Microsoft Windows 11 24h2: 118
- Microsoft Windows 11 26h1: 117
- Microsoft Windows 11 25h2: 114
- Microsoft Windows Server 2022: 114
- Microsoft Windows 11 23h2: 113
- Microsoft Windows Server 23h2: 108
- Microsoft Windows 10 21h2: 105
- Microsoft Windows 10 22h2: 105

##

CVE-2026-3055
(9.8 CRITICAL)

EPSS: 55.71%

updated 2026-03-31T13:18:14.213000

2 posts

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

Nuclei template

5 repos

https://github.com/fevar54/CVE-2026-3055---Citrix-NetScaler-Memory-Overread-PoC

https://github.com/NetVanguard-cmd/CVE-2026-3055

https://github.com/0xBlackash/CVE-2026-3055

https://github.com/fevar54/CVE-2026-3055-Scanner---Herramienta-de-Detecci-n

https://github.com/l0lsec/check-cve-2026-3055-netscaler

mttaggart at 2026-04-19T14:35:08.156Z ##

Useful explainer on the latest Citrix shenanigans, including verifying exposure and hunting/forensics recommendations

https://www.picussecurity.com/resource/blog/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread

##

mttaggart@infosec.exchange at 2026-04-19T14:35:08.000Z ##

Useful explainer on the latest Citrix shenanigans, including verifying exposure and hunting/forensics recommendations

https://www.picussecurity.com/resource/blog/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread

##

CVE-2026-33032
(9.8 CRITICAL)

EPSS: 4.97%

updated 2026-03-30T21:26:24

3 posts

### Summary The nginx-ui MCP (Model Context Protocol) integration exposes two HTTP endpoints: `/mcp` and `/mcp_message`. While `/mcp` requires both IP whitelisting and authentication (`AuthRequired()` middleware), the `/mcp_message` endpoint only applies IP whitelisting - and the default IP whitelist is empty, which the middleware treats as "allow all". This means any network attacker can invoke a

Nuclei template

3 repos

https://github.com/Twinson333/cve-2026-33032-scanner

https://github.com/keraattin/CVE-2026-33032

https://github.com/Shreda/CVE-2026-33032-nginx-ui-vuln-lab

oversecurity@mastodon.social at 2026-04-17T08:50:36.000Z ##

Critical nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

A critical vulnerability identified as CVE-2026-33032 is drawing urgent attention from the cybersecurity community due to its role in enabling a...

🔗️ [Thecyberexpress] https://link.is.it/wkIJDC

##

vitobotta@mastodon.social at 2026-04-17T08:17:00.000Z ##

nginx-ui CVE-2026-33032: the /mcp endpoint had auth, /mcp_message didn't. One missing check = full server takeover. As tools rush to add MCP support, expect more of these gaps. - https://thehackernews.com/2026/04/critical-nginx-ui-vulnerability-cve.html

##

cyberveille@mastobot.ping.moi at 2026-04-17T02:30:24.000Z ##

📢 CVE-2026-33032 : Authentification manquante dans Nginx UI exploitée in the wild
📝 ## 🔍 Contexte

Rapid7 a publié le 16 avril 2026 une alerte de sécurité concernant **CVE-2026-33032**, une vulnérabilité crit...
📖 cyberveille : https://cyberveille.ch/posts/2026-04-16-cve-2026-33032-authentification-manquante-dans-nginx-ui-exploitee-in-the-wild/
🌐 source : https://www.rapid7.com/blog/post/etr-cve-2026-33032-nginx-ui-missing-mcp-authentication/
#CVE_2026_33032 #IOC #Cyberveille

##

CVE-2026-4368
(0 None)

EPSS: 0.02%

updated 2026-03-24T15:54:09.400000

2 posts

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

mttaggart at 2026-04-19T14:35:08.156Z ##

Useful explainer on the latest Citrix shenanigans, including verifying exposure and hunting/forensics recommendations

https://www.picussecurity.com/resource/blog/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread

##

mttaggart@infosec.exchange at 2026-04-19T14:35:08.000Z ##

Useful explainer on the latest Citrix shenanigans, including verifying exposure and hunting/forensics recommendations

https://www.picussecurity.com/resource/blog/cve-2026-3055-cve-2026-4368-inside-the-netscaler-citrixbleed-3-memory-overread

##

CVE-2026-32746
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-03-23T14:16:33.017000

2 posts

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

5 repos

https://github.com/watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746

https://github.com/chosenonehacks/CVE-2026-32746

https://github.com/jeffaf/cve-2026-32746

https://github.com/danindiana/cve-2026-32746-mitigation

https://github.com/ekomsSavior/telnet_scan

_r_netsec@infosec.exchange at 2026-04-17T08:43:12.000Z ##

A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils Telnetd CVE-2026-32746) - watchTowr Labs https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

##

_r_netsec@infosec.exchange at 2026-04-17T08:43:08.000Z ##

CVE-2026-32746 GNU telnetd Buffer Overflow PoC - Critical (9.8) https://pwn.guide/free/other/cve-2026-32746

##

CVE-2026-4440
(8.8 HIGH)

EPSS: 0.07%

updated 2026-03-20T19:27:12.970000

2 posts

Out of bounds read and write in WebGL in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to perform arbitrary read/write via a crafted HTML page. (Chromium security severity: Critical)

campuscodi@mastodon.social at 2026-04-19T10:46:24.000Z ##

Exploit code for a recently patched Chrome vulnerability has leaked online via a misconfigured server.

Security firm Breakglass believes the code is the work of a "professional exploit developer," and most intended for "sale or government use."

https://intel.breakglass.tech/post/cve-2026-4440-chrome-exploit-dev-server-open-directory

##

campuscodi@mastodon.social at 2026-04-19T10:46:24.000Z ##

Exploit code for a recently patched Chrome vulnerability has leaked online via a misconfigured server.

Security firm Breakglass believes the code is the work of a "professional exploit developer," and most intended for "sale or government use."

https://intel.breakglass.tech/post/cve-2026-4440-chrome-exploit-dev-server-open-directory

##

CVE-2026-22730
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-18T20:20:40

1 posts

updated 2026-03-18T06:31:20

1 posts

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

6 repos

https://github.com/fevar54/CVE-2026-3888-POC-all-from-the-Qualys-platform.

https://github.com/netw0rk7/CVE-2026-3888-PoC

https://github.com/Many-Hat-Group/Ubuntu-CVE-2026-3888-patcher

https://github.com/TheCyberGeek/CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE

https://github.com/nomaisthere/CVE-2026-3888

https://github.com/DanielTangnes/CVE-2026-3888

_r_netsec@infosec.exchange at 2026-04-17T08:43:09.000Z ##

Ubtuntu 24.04+ Snapd Local Privilege Escalation (CVE-2026-3888) https://blog.qualys.com/vulnerabilities-threat-research/2026/03/17/cve-2026-3888-important-snap-flaw-enables-local-privilege-escalation-to-root

##

CVE-2026-25554
(6.5 MEDIUM)

EPSS: 0.09%

updated 2026-02-27T21:31:20

1 posts

OpenSIPS versions 3.1 before 3.6.4 containing the auth_jwt module (prior to commit 3822d33) contain a SQL injection vulnerability in the jwt_db_authorize() function in modules/auth_jwt/authorize.c when db_mode is enabled and a SQL database backend is used. The function extracts the tag claim from a JWT without prior signature verification and incorporates the unescaped value directly into a SQL qu

_r_netsec@infosec.exchange at 2026-04-17T08:43:11.000Z ##

OpenSIPS SQL Injection to Authentication Bypass (CVE-2026-25554) https://aisle.com/blog/opensips-sql-injection-aisle-deep-dive-sql-injection-authentication-bypass

##

CVE-2026-1731
(9.8 CRITICAL)

EPSS: 80.06%

updated 2026-02-17T15:31:33

1 posts

BeyondTrust Remote Support (RS) and certain older versions of Privileged Remote Access (PRA) contain a critical pre-authentication remote code execution vulnerability. By sending specially crafted requests, an unauthenticated remote attacker may be able to execute operating system commands in the context of the site user.

Nuclei template

4 repos

https://github.com/cybrdude/cve-2026-1731-scanner

https://github.com/hexissam/CVE-2026-1731

https://github.com/jakubie07/CVE-2026-1731

https://github.com/win3zz/CVE-2026-1731

cyberveille@mastobot.ping.moi at 2026-04-20T00:00:10.000Z ##

📢 Exploitation active de Bomgar RMM via CVE-2026-1731 : déploiement de LockBit et accès MSP
📝 ## 🔍 Contexte

Publié le 19 avril 2026 par Huntress, cet article de threat intelligence documente une recrudescence d'incidents liés à l'expl...
📖 cyberveille : https://cyberveille.ch/posts/2026-04-19-exploitation-active-de-bomgar-rmm-via-cve-2026-1731-deploiement-de-lockbit-et-acces-msp/
🌐 source : https://www.huntress.com/blog/uptick-bomgar-exploitation
#AnyDesk #Atera #Cyberveille

##

CVE-2026-24061
(9.8 CRITICAL)

EPSS: 88.02%

updated 2026-02-10T18:30:34

1 posts

telnetd in GNU Inetutils through 2.7 allows remote authentication bypass via a "-f root" value for the USER environment variable.

Nuclei template

69 repos

https://github.com/0p5cur/CVE-2026-24061-POC

https://github.com/Lingzesec/CVE-2026-24061-GUI

https://github.com/duy-31/CVE-2026-24061---telnetd

https://github.com/Remnant-DB/CVE-2026-24061

https://github.com/Gabs-hub/CVE-2026-24061_Lab

https://github.com/balgan/CVE-2026-24061

https://github.com/m3ngx1ng/cve_2026_24061_cli

https://github.com/ms0x08-dev/CVE-2026-24061-POC

https://github.com/ridpath/Terrminus-CVE-2026-2406

https://github.com/monstertsl/CVE-2026-24061

https://github.com/MY0723/GNU-Inetutils-telnet-CVE-2026-24061-

https://github.com/parameciumzhang/Tell-Me-Root

https://github.com/Parad0x7e/CVE-2026-24061

https://github.com/Ali-brarou/telnest

https://github.com/mbanyamer/CVE-2026-24061-GNU-Inetutils-telnetd-Remote-Authentication-Bypass-Root-Shell-

https://github.com/HD0x01/CVE-2026-24061-NSE

https://github.com/nrnw/CVE-2026-24061-GNU-inetutils-Telnet-Detector

https://github.com/hyu164/Terrminus-CVE-2026-2406

https://github.com/SafeBreach-Labs/CVE-2026-24061

https://github.com/Mefhika120/Ashwesker-CVE-2026-24061

https://github.com/0x7556/CVE-2026-24061

https://github.com/SystemVll/CVE-2026-24061

https://github.com/LucasPDiniz/CVE-2026-24061

https://github.com/h3athen/CVE-2026-24061

https://github.com/z3n70/CVE-2026-24061

https://github.com/buzz075/CVE-2026-24061

https://github.com/X-croot/CVE-2026-24061_POC

https://github.com/novitahk/Exploit-CVE-2026-24061

https://github.com/yanxinwu946/CVE-2026-24061--telnetd

https://github.com/franckferman/CVE_2026_24061

https://github.com/tiborscholtz/CVE-2026-24061

https://github.com/athack-ctf/chall2026-telneted

https://github.com/FurkanKAYAPINAR/CVE-2026-24061-telnet2root

https://github.com/Chocapikk/CVE-2026-24061

https://github.com/androidteacher/CVE-2026-24061-PoC-Telnetd

https://github.com/cumakurt/tscan

https://github.com/r00tuser111/CVE-2026-24061

https://github.com/Alter-N0X/CVE-2026-24061-POC

https://github.com/leonjza/inetutils-telnetd-auth-bypass

https://github.com/XsanFlip/CVE-2026-24061-Scanner

https://github.com/ibrahmsql/CVE-2026-24061-PoC

https://github.com/infat0x/CVE-2026-24061

https://github.com/setuju/telnetd

https://github.com/xuemian168/CVE-2026-24061

https://github.com/scumfrog/cve-2026-24061

https://github.com/RStephanH/vuln-deb

https://github.com/punitdarji/telnetd-cve-2026-24061

https://github.com/0xXyc/telnet-inetutils-auth-bypass-CVE-2026-24061

https://github.com/typeconfused/CVE-2026-24061

https://github.com/przemytn/CVE-2026-24061

https://github.com/JayGLXR/CVE-2026-24061-POC

https://github.com/0xBlackash/CVE-2026-24061

https://github.com/Risma2025/CVE-2026-24061-GNU-InetUtils-telnetd-Authentication-Bypass-Vulnerability

https://github.com/dotelpenguin/telnetd_CVE-2026-24061_tester

https://github.com/obrunolima1910/CVE-2026-24061

https://github.com/BrainBob/Telnet-TestVuln-CVE-2026-24061

https://github.com/TryA9ain/CVE-2026-24061

https://github.com/shivam-bathla/CVE-2026-24061-setup

https://github.com/madfxr/Twenty-Three-Scanner

https://github.com/lavabyte/telnet-CVE-2026-24061

https://github.com/canpilayda/inetutils-telnetd-cve-2026-24061

https://github.com/ilostmypassword/Melissae-Honeypot-Framework

https://github.com/midox008/CVE-2026-24061

https://github.com/hackingyseguridad/root

https://github.com/BrainBob/CVE-2026-24061

https://github.com/killsystema/scan-cve-2026-24061

https://github.com/SeptembersEND/CVE--2026-24061

https://github.com/Mr-Zapi/CVE-2026-24061

https://github.com/ekomsSavior/telnet_scan

tobru@mstdn.social at 2026-04-17T12:04:27.000Z ##

2026-01-14: The Day the telnet Died

"On January 14, 2026, global telnet traffic observed by GreyNoise sensors fell off a cliff. A 59% sustained reduction, eighteen ASNs going completely silent, five countries vanishing from our data entirely. Six days later, CVE-2026-24061 dropped. Coincidence is one explanation."

Link: https://www.labs.greynoise.io/grimoire/2026-02-10-telnet-falls-silent/

#linkdump #blogpost #filtering #internet #isp #security #telnet

##

CVE-2019-1367
(7.5 HIGH)

EPSS: 89.25%

updated 2025-10-29T14:34:22.990000

2 posts

A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer, aka 'Scripting Engine Memory Corruption Vulnerability'. This CVE ID is unique from CVE-2019-1221.

1 repos

https://github.com/mandarenmanman/CVE-2019-1367

ajguides@mastodon.social at 2026-04-19T19:30:18.000Z ##

Microsoft Update causing Print Spooler Problems - CVE-2019-1367 | https://techygeekshome.info/cve-2019-1367/?fsp_sid=38914 | #Guide #Microsoft #News #security #Updates #Windows
https://techygeekshome.info/cve-2019-1367/?fsp_sid=38914

##

ajguides@mastodon.social at 2026-04-19T19:30:18.000Z ##

Microsoft Update causing Print Spooler Problems - CVE-2019-1367 | https://techygeekshome.info/cve-2019-1367/?fsp_sid=38914 | #Guide #Microsoft #News #security #Updates #Windows
https://techygeekshome.info/cve-2019-1367/?fsp_sid=38914

##

##

CVE-2024-3721
(6.3 MEDIUM)

EPSS: 83.86%

updated 2024-04-13T12:30:30

3 posts

A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573

1 repos

https://github.com/bytecategory/homeip

jbz@indieweb.social at 2026-04-19T23:00:11.000Z ##

☣️ Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

｢ The attack activity outlined by Fortinet involves the exploitation of CVE-2024-3721 to obtain and drop a downloader script, which then launches the botnet payload based on the Linux system's architecture. Once the malware is executed, it displays a message stating "nexuscorp has taken control." ｣

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

#iot #ddos #botnet #cybersecurity

##

jbz@indieweb.social at 2026-04-19T23:00:11.000Z ##

☣️ Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

｢ The attack activity outlined by Fortinet involves the exploitation of CVE-2024-3721 to obtain and drop a downloader script, which then launches the botnet payload based on the Linux system's architecture. Once the malware is executed, it displays a message stating "nexuscorp has taken control." ｣

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

#iot #ddos #botnet #cybersecurity

##

hackerworkspace@infosec.exchange at 2026-04-18T08:49:10.000Z ##

Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet

https://thehackernews.com/2026/04/mirai-variant-nexcorium-exploits-cve.html

Read on HackerWorkspace: https://hackerworkspace.com/article/mirai-variant-nexcorium-exploits-cve-2024-3721-to-hijack-tbk-dvrs-for-ddos-botnet

#malware #cybersecurity #vulnerability

##

CVE-2026-39973
(0 None)

EPSS: 0.00%

2 posts

N/A

iBotPeaches at 2026-04-19T12:42:34.142Z ##

apktool 3.0.2 is out!

2 posts

N/A

thehackerwire@mastodon.social at 2026-04-18T05:00:06.000Z ##

🔴 CVE-2026-40493 - Critical (9.8)

SAIL is a cross-platform library for loading and saving images with support for animation, metadata, and ICC profiles. Prior to commit c930284445ea3ff94451ccd7a57c999eca3bc979, the PSD codec computes bytes-per-pixel (`bpp`) from raw header fields ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40493/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-04-18T04:30:27.000Z ##

🚨 CVE-2026-40493: CRITICAL out-of-bounds write in HappySeaFox sail (<c930284445ea3ff94451ccd7a57c999eca3bc979) — Heap buffer overflow in PSD codec risks RCE & data loss. Patch ASAP: commit c930284445ea3ff94451ccd7a57c999eca3bc979. https://radar.offseq.com/threat/cve-2026-40493-cwe-787-out-of-bounds-write-in-happ-da0d28a1 #OffSeq #infosec #CVE202640493

##

CVE-2026-32105
(0 None)

thehackerwire@mastodon.social at 2026-04-17T19:20:30.000Z ##

🟠 CVE-2026-28212 - High (7.5)

Firebird is an open-source relational database management system. In versions prior to 6.0.0, 5.0.4, 4.0.7 and 3.0.14, when processing an op_slice network packet, the server passes an unprepared structure containing a null pointer to the SDL_info(...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28212/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6597(2.7 LOW)

EPSS: 0.00%

CVE-2026-4424(7.5 HIGH)

EPSS: 0.20%

CVE-2026-6591(4.3 MEDIUM)

EPSS: 0.00%

CVE-2026-6581(8.8 HIGH)

EPSS: 0.00%

CVE-2026-6572(5.6 MEDIUM)

EPSS: 0.00%

CVE-2026-6574(7.3 HIGH)

EPSS: 0.00%

CVE-2026-6573(6.3 MEDIUM)

EPSS: 0.00%

CVE-2026-6570(2.7 LOW)

EPSS: 0.02%

CVE-2026-6568(7.3 HIGH)

EPSS: 0.09%

CVE-2026-6560(8.8 HIGH)

EPSS: 0.04%

CVE-2026-6563(8.8 HIGH)

EPSS: 0.04%

CVE-2026-0868(6.4 MEDIUM)

EPSS: 0.01%

CVE-2026-41113(8.1 HIGH)

EPSS: 0.10%

CVE-2026-41242(0 None)

EPSS: 0.05%

CVE-2026-2505(5.4 MEDIUM)

EPSS: 0.03%

CVE-2026-2986(6.4 MEDIUM)

EPSS: 0.01%

CVE-2026-5426(7.5 HIGH)

EPSS: 0.05%

CVE-2026-6518(8.8 HIGH)

EPSS: 0.07%

CVE-2026-40494(9.8 CRITICAL)

EPSS: 0.04%

CVE-2026-40492(9.8 CRITICAL)

EPSS: 0.04%

CVE-2026-40487(8.9 HIGH)

EPSS: 0.02%

CVE-2026-35582(8.8 HIGH)

EPSS: 0.05%

CVE-2026-40572(9.0 CRITICAL)

EPSS: 0.01%

CVE-2026-40350(8.8 HIGH)

EPSS: 0.04%

CVE-2026-40317(9.3 CRITICAL)

EPSS: 0.02%

CVE-2026-35465(7.5 HIGH)

EPSS: 0.05%

CVE-2026-5807(7.5 HIGH)

EPSS: 0.01%

CVE-2026-4525(7.5 HIGH)

EPSS: 0.01%

CVE-2026-3605(8.1 HIGH)

EPSS: 0.01%

CVE-2026-40582(0 None)

EPSS: 0.11%

CVE-2026-40581(8.1 HIGH)

EPSS: 0.01%

CVE-2026-40484(9.1 CRITICAL)

EPSS: 0.05%

CVE-2026-40349(8.8 HIGH)

EPSS: 0.01%

CVE-2026-40348(7.7 HIGH)

EPSS: 0.01%

CVE-2026-40324(9.1 CRITICAL)

EPSS: 0.09%

CVE-2026-2262(7.5 HIGH)

EPSS: 0.04%

CVE-2026-40478(9.0 CRITICAL)

EPSS: 0.13%

CVE-2026-40477(9.0 CRITICAL)

EPSS: 0.13%

CVE-2026-40474(7.6 HIGH)

EPSS: 0.03%

CVE-2026-40352(8.8 HIGH)

EPSS: 0.03%

CVE-2026-6597
(2.7 LOW)

CVE-2026-4424
(7.5 HIGH)

CVE-2026-6591
(4.3 MEDIUM)

CVE-2026-6581
(8.8 HIGH)

CVE-2026-6572
(5.6 MEDIUM)

CVE-2026-6574
(7.3 HIGH)

CVE-2026-6573
(6.3 MEDIUM)

CVE-2026-6570
(2.7 LOW)

CVE-2026-6568
(7.3 HIGH)

CVE-2026-6560
(8.8 HIGH)

CVE-2026-6563
(8.8 HIGH)

CVE-2026-0868
(6.4 MEDIUM)

CVE-2026-41113
(8.1 HIGH)

CVE-2026-41242
(0 None)

CVE-2026-2505
(5.4 MEDIUM)

CVE-2026-2986
(6.4 MEDIUM)

CVE-2026-5426
(7.5 HIGH)

CVE-2026-6518
(8.8 HIGH)

CVE-2026-40494
(9.8 CRITICAL)

CVE-2026-40492
(9.8 CRITICAL)

CVE-2026-40487
(8.9 HIGH)

CVE-2026-35582
(8.8 HIGH)

CVE-2026-40572
(9.0 CRITICAL)

CVE-2026-40350
(8.8 HIGH)

CVE-2026-40317
(9.3 CRITICAL)

CVE-2026-35465
(7.5 HIGH)

CVE-2026-5807
(7.5 HIGH)

CVE-2026-4525
(7.5 HIGH)

CVE-2026-3605
(8.1 HIGH)

CVE-2026-40582
(0 None)

CVE-2026-40581
(8.1 HIGH)

CVE-2026-40484
(9.1 CRITICAL)

CVE-2026-40349
(8.8 HIGH)

CVE-2026-40348
(7.7 HIGH)

CVE-2026-40324
(9.1 CRITICAL)

CVE-2026-2262
(7.5 HIGH)

CVE-2026-40478
(9.0 CRITICAL)

CVE-2026-40477
(9.0 CRITICAL)

CVE-2026-40474
(7.6 HIGH)

CVE-2026-40352
(8.8 HIGH)

CVE-2026-40351
(9.8 CRITICAL)

CVE-2026-40321
(8.0 HIGH)

CVE-2026-40258
(9.1 CRITICAL)

CVE-2026-35546
(9.8 CRITICAL)

CVE-2026-40461
(7.5 HIGH)

CVE-2026-40525
(9.1 CRITICAL)

CVE-2026-40527
(7.8 HIGH)

CVE-2026-40303
(7.5 HIGH)

CVE-2026-40434
(8.1 HIGH)

CVE-2026-40342
(9.9 CRITICAL)

CVE-2026-40066
(8.8 HIGH)

CVE-2026-35682
(8.8 HIGH)

CVE-2026-34232
(7.5 HIGH)

CVE-2026-32650
(7.5 HIGH)

CVE-2026-32324
(7.7 HIGH)

CVE-2026-32107
(8.8 HIGH)

CVE-2026-40170
(7.5 HIGH)

CVE-2026-33337
(7.5 HIGH)

CVE-2026-6284
(9.1 CRITICAL)

CVE-2025-65104
(7.9 HIGH)

CVE-2026-40516
(8.3 HIGH)

CVE-2026-40515
(7.5 HIGH)

CVE-2026-37749
(9.8 CRITICAL)

CVE-2026-5718
(8.1 HIGH)

CVE-2026-5710
(7.5 HIGH)

CVE-2026-33829
(4.3 MEDIUM)

CVE-2026-6307
(8.8 HIGH)

CVE-2026-3464
(8.8 HIGH)

CVE-2026-6296
(9.6 CRITICAL)

CVE-2026-6297
(8.3 HIGH)

CVE-2026-30996
(7.5 HIGH)

CVE-2026-6290
(8.0 HIGH)

CVE-2026-34242
(7.7 HIGH)

CVE-2026-33435
(8.0 HIGH)

CVE-2026-40322
(9.0 CRITICAL)