## Updated at UTC 2026-05-28T11:15:20.158277

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-4408 9.0 0.00% 2 0 2026-05-28T09:16:47.643000 A flaw was found in Samba. A remote attacker can exploit a misconfiguration in S
CVE-2026-9009 8.8 0.00% 4 0 2026-05-28T06:31:16 The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnera
CVE-2026-7802 8.8 0.00% 2 0 2026-05-28T06:31:16 The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authoriza
CVE-2026-32999 9.0 0.00% 2 0 2026-05-28T06:31:15 Insufficient character filtering in backup agent signing module on Comet Backup
CVE-2026-9789 None 0.00% 2 0 2026-05-28T03:31:21 A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense softwar
CVE-2026-7374 9.9 0.12% 1 0 2026-05-28T03:16:44.047000 A flaw was found in KubeVirt's virt-handler component. This vulnerability allows
CVE-2026-8915 8.8 0.00% 4 0 2026-05-28T00:30:35 Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflo
CVE-2026-9739 None 0.00% 2 0 2026-05-28T00:30:35 Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During
CVE-2026-9208 8.8 0.00% 2 0 2026-05-28T00:30:35 Tanium addressed an unauthorized code execution vulnerability in Connect.
CVE-2026-45083 9.8 0.00% 2 0 2026-05-27T22:16:36.820000 The Goobi viewer is a web application that allows digitised material to be displ
CVE-2026-42496 9.1 0.02% 1 0 2026-05-27T21:32:23 Archive::Tar versions before 3.08 for Perl extract symlinks with attacker contro
CVE-2026-8359 7.5 0.00% 2 0 2026-05-27T21:31:33 When processing a request with a URL path starting with /status or /sysinfo, WOS
CVE-2026-8362 9.8 0.00% 2 0 2026-05-27T21:31:32 A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when
CVE-2026-8361 7.5 0.00% 2 0 2026-05-27T21:31:32 A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processin
CVE-2026-8364 9.8 0.00% 2 0 2026-05-27T21:31:32 Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe)
CVE-2026-8363 9.8 0.00% 2 0 2026-05-27T21:31:32 A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when p
CVE-2026-49017 None 0.04% 1 0 2026-05-27T21:31:24 In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite
CVE-2026-42497 7.5 0.02% 1 0 2026-05-27T21:31:24 Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker control
CVE-2026-8360 7.5 0.00% 2 0 2026-05-27T21:16:19.400000 Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DL
CVE-2026-44712 8.2 0.00% 2 0 2026-05-27T21:16:18.213000 pam_usb provides hardware authentication for Linux using ordinary removable medi
CVE-2026-44709 7.8 0.00% 2 0 2026-05-27T21:16:17.807000 pam_usb provides hardware authentication for Linux using ordinary removable medi
CVE-2026-48027 9.8 0.00% 4 0 2026-05-27T20:34:24.850000 Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious ver
CVE-2026-48152 8.1 0.00% 2 0 2026-05-27T20:16:40.943000 Budibase is an open-source low-code platform. Prior to 3.39.0, the single-dataso
CVE-2025-70103 7.3 0.00% 1 0 2026-05-27T20:00:46.020000 Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to th
CVE-2026-44327 10.0 0.00% 1 0 2026-05-27T19:51:27.110000 free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2,
CVE-2026-44900 8.1 0.00% 1 0 2026-05-27T19:41:21.417000 epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrast
CVE-2026-9170 9.8 0.06% 2 0 2026-05-27T19:16:25.223000 IBM HTTP Server 8.5, and 9.0
CVE-2026-8398 9.8 0.04% 4 0 2026-05-27T19:16:24.940000 A supply chain attack compromised the official installation packages of DAEMON T
CVE-2026-8450 9.1 0.14% 1 0 2026-05-27T18:32:40 HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_f
CVE-2015-2808 10.0 37.49% 1 0 2026-05-27T18:32:34 The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not proper
CVE-2026-48962 7.3 0.03% 1 0 2026-05-27T18:31:37 IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::
CVE-2025-12686 9.8 0.17% 1 0 2026-05-27T17:16:27.797000 Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerabi
CVE-2026-8180 7.5 0.00% 1 0 2026-05-27T15:33:33 IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM A
CVE-2026-7524 9.8 0.00% 1 0 2026-05-27T15:33:32 IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to im
CVE-2026-8179 8.8 0.00% 1 0 2026-05-27T15:33:32 IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM A
CVE-2026-8175 9.8 0.00% 1 0 2026-05-27T15:33:31 IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM A
CVE-2026-48972 7.5 0.00% 1 0 2026-05-27T15:33:28 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-6957 8.0 0.00% 1 0 2026-05-27T15:16:34.903000 Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from fed
CVE-2026-44449 9.1 0.08% 1 0 2026-05-27T14:57:07.120000 Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the prima
CVE-2025-14713 7.5 0.03% 1 0 2026-05-27T14:54:20.160000 An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Ed
CVE-2026-42013 8.2 0.03% 1 0 2026-05-27T14:54:20.160000 A flaw was found in gnutls. When validating certificates, an oversized Subject A
CVE-2026-7365 8.4 0.00% 1 0 2026-05-27T14:53:51.833000 IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Anal
CVE-2026-40850 7.5 0.05% 3 0 2026-05-27T14:53:22.863000 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40838 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40810 7.5 0.05% 2 0 2026-05-27T14:53:22.863000 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40837 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40840 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40827 5.5 0.03% 2 0 2026-05-27T14:53:22.863000 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40839 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40826 4.9 0.03% 2 0 2026-05-27T14:53:22.863000 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40821 4.9 0.03% 2 0 2026-05-27T14:53:22.863000 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40848 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40843 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40842 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40841 6.5 0.03% 2 0 2026-05-27T14:53:22.863000 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2025-41669 8.8 0.06% 1 0 2026-05-27T14:53:22.863000 The Web-based Management allows a remote low privileged Engineer user to install
CVE-2026-42735 8.2 0.04% 1 0 2026-05-27T14:50:47.627000 Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic
CVE-2026-42747 9.3 0.03% 1 0 2026-05-27T14:50:47.627000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-42756 9.9 0.05% 1 0 2026-05-27T14:50:47.627000 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
CVE-2026-9628 8.8 0.04% 1 0 2026-05-27T14:50:47.627000 A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected
CVE-2026-9632 8.8 0.04% 1 0 2026-05-27T14:50:47.627000 A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by
CVE-2026-42760 7.5 0.04% 1 0 2026-05-27T12:31:31 Authentication Bypass Using an Alternate Path or Channel vulnerability in revmak
CVE-2026-42755 9.3 0.03% 1 0 2026-05-27T12:31:30 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-42748 9.9 0.04% 1 0 2026-05-27T12:31:30 Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo
CVE-2026-42761 9.3 0.03% 1 0 2026-05-27T12:31:30 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-42758 9.8 0.04% 1 0 2026-05-27T12:31:30 Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias Webinar
CVE-2026-42757 9.9 0.05% 1 0 2026-05-27T12:31:30 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
CVE-2026-3012 8.0 0.00% 1 0 2026-05-27T12:31:29 A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. W
CVE-2026-40849 6.5 0.03% 2 0 2026-05-27T09:31:29 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40851 8.4 0.02% 3 0 2026-05-27T09:31:28 A local attacker can perform a confusion attack on the cfgparser via a specially
CVE-2026-49002 9.1 0.03% 1 0 2026-05-27T09:31:28 Access control failure means that an application does not effectively check user
CVE-2026-40852 7.2 0.07% 2 0 2026-05-27T09:31:28 A highly authenticated attacker can alter the config generator injecting a paylo
CVE-2026-40845 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40836 7.1 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40830 5.5 0.03% 2 0 2026-05-27T09:31:28 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40847 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40832 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40835 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40846 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40834 7.1 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40844 6.5 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40833 7.1 0.03% 2 0 2026-05-27T09:31:28 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2025-13392 8.1 0.05% 1 0 2026-05-27T09:31:24 Improper check for unusual or exceptional conditions vulnerability in SSO in Syn
CVE-2025-30028 8.6 0.04% 1 0 2026-05-27T09:31:24 A vulnerability in Active Backup for Business allows unauthorized remote attacke
CVE-2026-40831 6.5 0.03% 2 0 2026-05-27T09:31:24 An low privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40829 5.5 0.03% 2 0 2026-05-27T09:31:24 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40828 5.5 0.03% 2 0 2026-05-27T09:31:24 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40825 5.5 0.03% 3 0 2026-05-27T09:31:23 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40817 7.5 0.05% 2 0 2026-05-27T09:31:23 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40823 5.5 0.03% 2 0 2026-05-27T09:31:23 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40822 4.9 0.03% 2 0 2026-05-27T09:31:23 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40813 7.5 0.05% 2 0 2026-05-27T09:31:23 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40824 5.5 0.03% 2 0 2026-05-27T09:31:23 A high privileged remote attacker can exploit an unauthenticated SQL Injection v
CVE-2026-40818 7.5 0.05% 2 0 2026-05-27T09:31:23 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40819 7.5 0.05% 2 0 2026-05-27T09:31:23 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40815 7.5 0.05% 2 0 2026-05-27T09:31:23 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40816 7.5 0.05% 2 0 2026-05-27T09:31:22 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40812 7.5 0.05% 2 0 2026-05-27T09:31:22 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40814 7.5 0.05% 2 0 2026-05-27T09:31:22 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2026-40811 7.5 0.05% 2 0 2026-05-27T09:31:22 An unauthenticated remote attacker can exploit an unauthenticated SQL Injection
CVE-2025-41670 7.8 0.03% 1 0 2026-05-27T09:31:22 A local user with low privileges may be able to influence the behavior of a priv
CVE-2026-8760 9.8 0.25% 1 0 2026-05-27T09:31:21 The Login with OTP plugin for WordPress is vulnerable to authentication bypass i
CVE-2026-5260 8.2 0.14% 1 0 2026-05-27T06:32:38 A flaw was found in libgnutls. A remote attacker, by sending an extremely short
CVE-2026-2253 7.7 0.03% 1 0 2026-05-27T06:31:42 Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 an
CVE-2025-43306 7.8 0.01% 1 0 2026-05-27T03:31:37 A logic issue was addressed with improved checks. This issue is fixed in macOS S
CVE-2026-9631 8.8 0.04% 1 0 2026-05-27T03:30:37 A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affe
CVE-2026-9627 8.8 0.04% 1 0 2026-05-27T03:30:37 A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This
CVE-2026-9207 8.8 0.07% 1 0 2026-05-27T03:30:36 Tanium addressed an unauthorized code execution vulnerability in Connect.
CVE-2026-9312 None 0.05% 1 0 2026-05-27T00:31:29 A server-side request forgery (SSRF) vulnerability was identified in GitHub Ente
CVE-2026-44966 8.3 0.08% 1 0 2026-05-26T22:16:43.293000 Velocity.js is a JavaScript implementation of the Apache Velocity template engin
CVE-2026-5426 7.5 0.07% 4 1 2026-05-26T21:32:41 Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver de
CVE-2026-9642 9.8 0.04% 1 0 2026-05-26T21:32:08 There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthentica
CVE-2026-8676 8.8 0.02% 1 0 2026-05-26T21:32:07 An attacker is able to downgrade the security of a Bluetooth LE connection by de
CVE-2026-44843 8.2 0.01% 1 0 2026-05-26T21:16:39.003000 LangChain is a framework for building agents and LLM-powered applications. Prior
CVE-2026-7454 7.8 0.01% 1 0 2026-05-26T20:40:28.047000 A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force
CVE-2026-48172 9.8 7.96% 5 2 2026-05-26T20:19:13.460000 LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possi
CVE-2026-25104 7.8 0.01% 2 0 2026-05-26T20:16:40.787000 MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability
CVE-2026-8047 7.5 0.07% 1 0 2026-05-26T20:00:24.897000 The affected products perform improper length checking when parsing incoming HTT
CVE-2026-44469 7.8 0.01% 1 0 2026-05-26T20:00:24.897000 The affected product extracts installation files to a temporary directory with i
CVE-2026-9478 9.8 0.89% 1 0 2026-05-26T19:54:40.357000 A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted
CVE-2026-46368 8.8 0.06% 1 0 2026-05-26T19:50:21.747000 luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on f
CVE-2026-42773 9.3 0.03% 1 0 2026-05-26T19:31:20.323000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-43284 7.8 1.49% 1 32 2026-05-26T18:32:39 In the Linux kernel, the following vulnerability has been resolved: xfrm: esp:
CVE-2026-8620 7.5 0.05% 1 0 2026-05-26T18:31:59 IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8
CVE-2026-8855 8.1 0.24% 1 0 2026-05-26T18:31:59 IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial o
CVE-2026-8854 7.5 0.01% 1 0 2026-05-26T18:31:58 IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional
CVE-2026-8856 7.7 0.03% 1 0 2026-05-26T18:31:51 IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configuration
CVE-2026-25112 7.8 0.01% 1 0 2026-05-26T18:31:42 A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows
CVE-2026-9496 7.5 0.04% 1 0 2026-05-26T15:33:18 Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (
CVE-2026-45247 9.8 0.10% 1 0 2026-05-26T15:32:17 Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a
CVE-2026-4480 8.5 0.08% 1 0 2026-05-26T15:32:17 A flaw was found in the Samba printing subsystem. Samba passes the client-contro
CVE-2026-48131 8.1 0.02% 1 0 2026-05-26T15:32:16 The VPN service may mishandle an unexpected IKE fragment value received on the I
CVE-2026-9543 9.8 0.20% 1 0 2026-05-26T15:32:16 A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected
CVE-2026-26980 9.4 56.66% 4 4 template 2026-05-26T15:16:24.310000 Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 all
CVE-2026-44468 7.8 0.01% 1 0 2026-05-26T13:31:03 The affected product creates a directory with insecure default permissions durin
CVE-2026-8046 8.1 0.10% 1 0 2026-05-26T13:31:02 The affected products insufficiently verify authorization when deleting user acc
CVE-2026-39661 7.5 0.11% 1 0 2026-05-26T13:30:57 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-25713 7.8 0.01% 1 0 2026-05-26T13:30:56 MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability
CVE-2026-42774 9.3 0.03% 1 0 2026-05-26T13:30:53 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-4372 7.8 0.03% 1 0 2026-05-26T13:30:34 A critical remote code execution vulnerability exists in all versions of the Hug
CVE-2026-45659 8.8 0.50% 3 2 2026-05-26T13:30:30 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2026-45250 7.8 0.01% 1 1 2026-05-22T03:30:26 The setcred(2) system call is only available to privileged users. However, befo
CVE-2010-0249 8.8 88.68% 1 0 2026-05-21T12:57:01.463000 Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 o
CVE-2026-9082 6.5 34.17% 2 9 template 2026-05-20T21:32:36 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-41091 7.8 5.94% 3 2 2026-05-20T19:06:36.850000 Improper link resolution before file access ('link following') in Microsoft Defe
CVE-2026-45498 4.0 4.11% 1 1 2026-05-20T18:31:35 Microsoft Defender Denial of Service Vulnerability
CVE-2026-45137 8.2 0.00% 2 0 2026-05-19T16:08:42 ### Summary An logic error causes anchor programs to accept any program id when
CVE-2026-42096 None 0.04% 1 1 2026-05-19T15:31:29 Sparx Pro Cloud Server is vulnerable to Broken Access Control within communicati
CVE-2026-45736 4.4 0.01% 1 0 2026-05-19T14:39:20.353000 ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, t
CVE-2026-45829 None 0.17% 1 2 2026-05-18T18:31:30 A pre-authentication, code injection vulnerability in version 1.0.0 or later of
CVE-2026-45298 8.6 0.02% 1 0 2026-05-18T16:41:41 ## Summary In a default dozzle deploy (the documented quickstart, no `DOZZLE_AU
CVE-2026-43500 7.8 1.26% 1 14 2026-05-17T16:16:16.740000 In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also
CVE-2026-42897 8.1 7.49% 1 1 2026-05-15T18:30:32 Improper neutralization of input during web page generation ('cross-site scripti
CVE-2026-45574 8.1 0.01% 1 0 2026-05-15T18:29:32 ### Impact An attacker on the network path between the ePA service and the Konne
CVE-2026-41089 9.8 0.13% 1 0 2026-05-15T15:42:17.907000 Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker
CVE-2026-42945 8.1 1.04% 1 35 2026-05-14T21:30:40 NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_mo
CVE-2026-0265 0 0.03% 1 2 2026-05-13T18:17:47.830000 An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software en
CVE-2026-45321 9.6 0.03% 3 12 2026-05-13T16:25:19 ## Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicio
CVE-2026-45152 7.8 0.00% 2 0 2026-05-13T15:33:13 I discovered a command injection vulnerability in uniget that allows arbitrary c
CVE-2026-44724 7.8 0.00% 2 0 2026-05-13T15:29:22 ## Summary On Linux, `systeminformation` is vulnerable to command injection in
CVE-2016-10156 7.8 0.71% 2 0 2026-05-13T00:24:29.033000 A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files
CVE-2026-28952 7.5 0.02% 6 0 2026-05-12T18:30:36 An integer overflow was addressed with improved input validation. This issue is
CVE-2026-44483 8.2 0.00% 1 0 2026-05-11T16:09:41 ## Summary `setPath` in `@rvf/set-get` (used by `@rvf/core` to flatten incoming
CVE-2026-44971 8.2 0.00% 1 0 2026-05-11T14:45:09 # Summary The programmatic remote project scanning path rewrites attacker-contro
CVE-2026-44895 None 0.02% 1 0 2026-05-09T00:10:30 ## SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab
CVE-2026-44326 9.4 0.00% 1 0 2026-05-08T22:59:00 ### Summary free5GC's NEF mounts the `3gpp-traffic-influence` API without inboun
CVE-2025-26885 7.2 0.19% 1 0 2026-04-29T10:16:42.637000 Deserialization of Untrusted Data vulnerability in Beaver Builder WordPress Assi
CVE-2026-3172 8.1 0.06% 1 0 2026-04-15T00:35:42.020000 Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 all
CVE-2025-2005 9.8 2.94% 1 4 2026-04-08T17:20:35.697000 The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads
CVE-2024-23218 5.9 0.19% 1 0 2026-04-02T21:32:39 A timing side-channel issue was addressed with improvements to constant-time com
CVE-2026-33636 7.6 0.04% 1 0 2026-04-02T18:42:02.667000 LIBPNG is a reference library for use in applications that read, create, and man
CVE-2025-15284 3.7 0.04% 1 0 2026-03-02T22:05:33 ### Summary The `arrayLimit` option in qs did not enforce limits for bracket no
CVE-2021-4229 8.8 0.86% 1 1 2026-02-17T21:57:43 The npm package `ua-parser-js` had three versions published with malicious code.
CVE-2025-62582 9.8 0.03% 1 0 2026-01-16T03:30:27 Delta Electronics DIAView has multiple vulnerabilities.
CVE-2025-20286 9.9 0.18% 1 0 2025-06-04T18:30:58 A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud
CVE-2025-25015 9.9 0.74% 1 0 2025-04-02T18:31:55 Prototype pollution in Kibana leads to arbitrary code execution via a crafted fi
CVE-2025-1515 9.8 0.06% 1 0 2025-03-05T12:31:19 The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication
CVE-2024-13787 9.8 0.29% 1 0 2025-03-05T12:31:11 The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP
CVE-2023-25136 6.5 88.33% 2 11 2024-11-21T07:49:10.877000 OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.
CVE-2017-16054 7.5 0.26% 1 0 2023-09-08T20:34:48 The `nodefabric` package is a piece of malware that steals environment variables
CVE-2021-21735 None 0.17% 1 1 2023-01-29T05:06:59 A ZTE product has an information leak vulnerability. Due to improper permission
CVE-2026-27771 0 0.00% 2 2 N/A
CVE-2026-48095 0 0.00% 2 1 N/A
CVE-2026-48710 0 0.03% 15 3 N/A
CVE-2026-46402 0 0.00% 4 0 N/A
CVE-2026-44590 0 0.00% 2 1 N/A
CVE-2026-45108 0 0.00% 2 0 N/A
CVE-2026-45104 0 0.00% 2 0 N/A
CVE-2026-45102 0 0.00% 2 0 N/A
CVE-2026-44888 0 0.00% 2 0 N/A
CVE-2026-46414 0 0.00% 4 0 N/A
CVE-2026-48064 0 0.00% 2 0 N/A
CVE-2026-45322 0 0.00% 2 0 N/A
CVE-2026-44713 0 0.00% 2 0 N/A
CVE-2026-44711 0 0.00% 2 0 N/A
CVE-2026-46425 0 0.00% 2 0 N/A
CVE-2026-48153 0 0.00% 2 0 N/A
CVE-2026-48151 0 0.00% 2 0 N/A
CVE-2026-48150 0 0.00% 2 0 N/A
CVE-2026-48149 0 0.00% 2 0 N/A
CVE-2026-41613 0 0.07% 1 0 N/A
CVE-2026-40820 0 0.00% 2 0 N/A
CVE-2026-44450 0 0.07% 1 0 N/A
CVE-2026-44847 0 0.08% 1 0 N/A
CVE-2026-43988 0 0.03% 1 0 N/A
CVE-2026-44905 0 0.03% 1 0 N/A
CVE-2026-43935 0 0.13% 1 0 N/A
CVE-2026-33416 0 0.02% 1 0 N/A
CVE-2026-40172 0 0.01% 1 0 N/A
CVE-2026-5222 0 0.04% 2 0 N/A
CVE-2026-5223 0 0.04% 3 0 N/A

CVE-2026-4408
(9.0 CRITICAL)

EPSS: 0.00%

updated 2026-05-28T09:16:47.643000

2 posts

A flaw was found in Samba. A remote attacker can exploit a misconfiguration in Samba file servers and classic domain controllers that use the "check password script" feature. If this script is configured with the %u substitution character, the client-controlled username is passed without proper escaping of shell meta-characters. This vulnerability allows an attacker to achieve remote command execu

offseq at 2026-05-28T09:00:28.749Z ##

🚨 CRITICAL: CVE-2026-4408 in Red Hat Enterprise Linux 10 via Samba misconfig enables remote command execution if "check password script" uses %u. Audit your configs now! Details: radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-28T09:00:28.000Z ##

🚨 CRITICAL: CVE-2026-4408 in Red Hat Enterprise Linux 10 via Samba misconfig enables remote command execution if "check password script" uses %u. Audit your configs now! Details: radar.offseq.com/threat/cve-20 #OffSeq #Linux #Samba #Infosec

##

CVE-2026-9009
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-28T06:31:16

4 posts

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' shortcode attribute directly into call_user_func() with no sanitization or allowlist validation, relying solely on an is_callable() check that permits dan

offseq at 2026-05-28T07:30:27.027Z ##

⚠️ CVE-2026-9009 (HIGH): Crawlomatic Multipage Scraper Post Generator for WordPress lets author+ users trigger arbitrary PHP code via unsafe shortcodes. No patch yet — restrict author access & consider disabling plugin. Details: radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-05-28T07:00:01.000Z ##

🟠 CVE-2026-9009 - High (8.8)

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-28T07:30:27.000Z ##

⚠️ CVE-2026-9009 (HIGH): Crawlomatic Multipage Scraper Post Generator for WordPress lets author+ users trigger arbitrary PHP code via unsafe shortcodes. No patch yet — restrict author access & consider disabling plugin. Details: radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##
thehackerwire@mastodon.social at 2026-05-28T07:00:01.000Z ##

🟠 CVE-2026-9009 - High (8.8)

The Crawlomatic Multipage Scraper Post Generator plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.7.2 via the filter_content function. This is due to passing the attacker-supplied 'callback_raw' s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7802
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-28T06:31:16

2 posts

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with subscriber-level access and above, to overwrite an administrator's user_pass, user_email, first_name, last_n

thehackerwire@mastodon.social at 2026-05-28T07:00:12.000Z ##

🟠 CVE-2026-7802 - High (8.8)

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T07:00:12.000Z ##

🟠 CVE-2026-7802 - High (8.8)

The Frontend Admin by DynamiApps plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 3.29.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32999
(9.0 None)

EPSS: 0.00%

updated 2026-05-28T06:31:15

2 posts

Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the affected server and connected devices.

thehackerwire@mastodon.social at 2026-05-28T07:00:21.000Z ##

🔴 CVE-2026-32999 - Critical (9)

Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the affected server and connected devices.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T07:00:21.000Z ##

🔴 CVE-2026-32999 - Critical (9)

Insufficient character filtering in backup agent signing module on Comet Backup server allows authenticated tenant administrator to execute an arbitrary code on behalf of a privileged user on the affected server and connected devices.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9789(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-28T03:31:21

2 posts

A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List (ACL). This allows any authenticated local user to connect and send commands. Because the service does not check the caller's privileges before running file deletion comma

offseq at 2026-05-28T04:30:26.567Z ##

🛡️ CVE-2026-9789 (HIGH, CVSS 8.5): Acer NitroSense V3 (≤3.01.3001) local users can delete arbitrary files via PSAdminAgent's weak pipe ACL. No patch yet — restrict access, monitor activity. More: radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-28T04:30:26.000Z ##

🛡️ CVE-2026-9789 (HIGH, CVSS 8.5): Acer NitroSense V3 (≤3.01.3001) local users can delete arbitrary files via PSAdminAgent's weak pipe ACL. No patch yet — restrict access, monitor activity. More: radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Acer #PrivilegeEscalation

##

CVE-2026-7374
(9.9 CRITICAL)

EPSS: 0.12%

updated 2026-05-28T03:16:44.047000

1 posts

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets. By replacing the console socket with a symlink to the host's container runtime (CRI-O) socket, an attacker can hijack virt-handler's privileged connecti

thehackerwire@mastodon.social at 2026-05-26T15:00:49.000Z ##

🔴 CVE-2026-7374 - Critical (9.9)

A flaw was found in KubeVirt's virt-handler component. This vulnerability allows an authenticated OpenShift user with edit permissions in a single namespace to exploit improper symlink validation when connecting to virtual machine console sockets....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8915
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-28T00:30:35

4 posts

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers. This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.

thehackerwire@mastodon.social at 2026-05-28T03:00:43.000Z ##

🟠 CVE-2026-8915 - High (8.8)

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers.

This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq at 2026-05-28T01:30:26.242Z ##

🔔 CVE-2026-8915 (HIGH): Out-of-bounds write in Samsung Open Source Escargot (commit 36f5fb58...) enables buffer overflow risks — system compromise possible. No patch yet; monitor advisories & restrict access. radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-05-28T03:00:43.000Z ##

🟠 CVE-2026-8915 - High (8.8)

Out-of-bounds write vulnerability in Samsung Open Source Escargot allows Overflow Buffers.

This issue affects Escargot: 36f5fb58366a67b713c02f6fd985e924fcc09e31.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-28T01:30:26.000Z ##

🔔 CVE-2026-8915 (HIGH): Out-of-bounds write in Samsung Open Source Escargot (commit 36f5fb58...) enables buffer overflow risks — system compromise possible. No patch yet; monitor advisories & restrict access. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Escargot

##

CVE-2026-9739(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-05-28T00:30:35

2 posts

Vulnerable to DNS rebinding attacks when using SSE (http://b/499408790). During the beta phase, we implemented `allowed-origins` and `allowed-hosts` flags to align with MCP security guidelines. However, the hardcoded `Access-Control-Allow-Origin: *` header in the SSE initialization handler was inadvertently retained. This vulnerability specifically impacts users connecting via Toolbox using SSE un

offseq at 2026-05-28T00:00:38.049Z ##

🚨 CRITICAL: CVE-2026-9739 in Google MCP Toolbox for Databases (CVSS 9.4) allows DNS rebinding via a permissive cross-domain policy in SSE. No patch yet — restrict untrusted domains & monitor advisories. radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-05-28T00:00:38.000Z ##

🚨 CRITICAL: CVE-2026-9739 in Google MCP Toolbox for Databases (CVSS 9.4) allows DNS rebinding via a permissive cross-domain policy in SSE. No patch yet — restrict untrusted domains & monitor advisories. radar.offseq.com/threat/cve-20 #OffSeq #CVE #Infosec #Google

##

CVE-2026-9208
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-28T00:30:35

2 posts

Tanium addressed an unauthorized code execution vulnerability in Connect.

thehackerwire@mastodon.social at 2026-05-27T23:00:25.000Z ##

🟠 CVE-2026-9208 - High (8.8)

Tanium addressed an unauthorized code execution vulnerability in Connect.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:00:25.000Z ##

🟠 CVE-2026-9208 - High (8.8)

Tanium addressed an unauthorized code execution vulnerability in Connect.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45083
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T22:16:36.820000

2 posts

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unauthenticated network clients and forwarded it to the backend Solr server without restriction. An attacker could read the complete Solr index and, in defau

thehackerwire@mastodon.social at 2026-05-27T23:00:34.000Z ##

🔴 CVE-2026-45083 - Critical (9.8)

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unau...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:00:34.000Z ##

🔴 CVE-2026-45083 - Critical (9.8)

The Goobi viewer is a web application that allows digitised material to be displayed in a web browser. From 4.8.0 to before 26.04.1, the Goobi viewer REST endpoint POST /api/v1/index/stream accepted an arbitrary Solr streaming expression from unau...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42496
(9.1 CRITICAL)

EPSS: 0.02%

updated 2026-05-27T21:32:23

1 posts

Archive::Tar versions before 3.08 for Perl extract symlinks with attacker controlled targets outside the extraction directory. _make_special_file() passes the tar header's linkname to symlink() without validating it against absolute paths or .. segments. The secure-extract mode check that guards regular file extraction does not cover the symlink target. A subsequent open through the extracted na

offseq@infosec.exchange at 2026-05-26T06:00:33.000Z ##

🚩 CVE-2026-42496: HIGH severity vuln in BINGOS Archive::Tar (<3.08). Symlinks in tar archives can escape extraction dir, risking unauthorized file access. No patch yet — avoid untrusted archives! radar.offseq.com/threat/cve-20 #OffSeq #vuln #Perl #infosec

##

CVE-2026-8359
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T21:31:33

2 posts

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that module. However, WOSHttpStatusModule.dll is not present in the installation. As a result, a function pointer to WOSBin_LoadHttpModule (which would have bee

thehackerwire@mastodon.social at 2026-05-27T23:01:29.000Z ##

🟠 CVE-2026-8359 - High (7.5)

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that mo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:01:29.000Z ##

🟠 CVE-2026-8359 - High (7.5)

When processing a request with a URL path starting with /status or /sysinfo, WOSHttpStatusModule.dll is to be loaded to handle such URL patterns. The WOSBin_LoadHttpModule function in the dll would be called to set up a "module" object for that mo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8362
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T21:31:32

2 posts

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome

thehackerwire@mastodon.social at 2026-05-28T00:01:07.000Z ##

🔴 CVE-2026-8362 - Critical (9.8)

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T00:01:07.000Z ##

🔴 CVE-2026-8362 - Critical (9.8)

A stack-based buffer overflow condition exists in WOSDefaultHttpModule.dll when processing a long URL path starting with /woshome

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8361
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T21:31:32

2 posts

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome

thehackerwire@mastodon.social at 2026-05-28T00:00:57.000Z ##

🟠 CVE-2026-8361 - High (7.5)

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T00:00:57.000Z ##

🟠 CVE-2026-8361 - High (7.5)

A path traversal vulnerability exists in WOSDefaultHttpModule.dll when processing a URL path starting with /woshome

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8364
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T21:31:32

2 posts

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

thehackerwire@mastodon.social at 2026-05-27T23:01:20.000Z ##

🔴 CVE-2026-8364 - Critical (9.8)

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:01:20.000Z ##

🔴 CVE-2026-8364 - Critical (9.8)

Gladinet Triofox Cloud Server Agent Access Service (GladServerAgentService.exe) listens on TCP port 7878 and processes remote HTTP messages with URL paths starting with /resources, /status, /sysinfo, /woshome, /Settings, /schedule, or /DavCache.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8363
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T21:31:32

2 posts

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

thehackerwire@mastodon.social at 2026-05-27T22:01:59.000Z ##

🔴 CVE-2026-8363 - Critical (9.8)

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:01:59.000Z ##

🔴 CVE-2026-8363 - Critical (9.8)

A stack-based buffer overflow condition exists in WOSDeviceDropFolder.dll when processing a long URL path starting with /resources:

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-49017(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-05-27T21:31:24

1 posts

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently unresponsive with increasing CPU and memory consumption. An authenticated attacker can systematically exhau

offseq@infosec.exchange at 2026-05-27T03:00:26.000Z ##

CVE-2026-49017: HIGH-severity in OpenStack Swift 2.36.0 & 2.37.0. Infinite loop in s3api lets authenticated attackers exhaust proxy workers → DoS risk. Patch to 2.36.2 or 2.37.2+ now! 🔄 radar.offseq.com/threat/cve-20 #OffSeq #OpenStack #Vuln #DoS

##

CVE-2026-42497
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-27T21:31:24

1 posts

Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the tar header's linkname to link() without validating it against absolute paths or .. segments, creating a hardlink that shares the victim file's inode. A subsequent write through the extracted name modifies the victim file, and the post-extract

offseq@infosec.exchange at 2026-05-26T04:30:24.000Z ##

🛡️ CVE-2026-42497 (HIGH): BINGOS Archive::Tar <3.08 lets attackers create hardlinks outside extraction dirs, risking file overwrite or privilege escalation. No patch yet — avoid untrusted tar files. Details: radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Perl #Security

##

CVE-2026-8360
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T21:16:19.400000

2 posts

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into the Triofox Server Agent Management Console). The returned NULL pointer is not checked before being dereferenced.

thehackerwire@mastodon.social at 2026-05-27T23:01:39.000Z ##

🟠 CVE-2026-8360 - High (7.5)

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into the Triofox Server Agent Management Console). The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:01:39.000Z ##

🟠 CVE-2026-8360 - High (7.5)

Function calls to WOSCommonUtil.dll!WOSSysInfoGetDeviceInterface() in various DLLs (i.e., WOSProfileMgrModule.dll, WOSWebDavModule.dll) can return a NULL pointer (i.e., when no user is logged into the Triofox Server Agent Management Console). The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44712
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-27T21:16:18.213000

2 posts

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUID (some controllers allow this) can inject the payload at --add-device time. Also, userName from the XML config is passed to os.system() in pamusb-agent,

thehackerwire@mastodon.social at 2026-05-27T22:00:42.000Z ##

🟠 CVE-2026-44712 - High (8.2)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUI...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:00:42.000Z ##

🟠 CVE-2026-44712 - High (8.2)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, a crafted UUID such as $(id>/tmp/rce) in the config causes root RCE when pamusb-conf --reset-pads is run. A USB device with a crafted filesystem UUI...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44709
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T21:16:17.807000

2 posts

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly without any validation. Any process that can set environment variables before pamusb-pinentry is invoked can point PINENTRY_FALLBACK_APP at an arbitrary binary or script and have it executed with the privile

thehackerwire@mastodon.social at 2026-05-27T22:01:50.000Z ##

🟠 CVE-2026-44709 - High (7.8)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly without any validation. Any process that can set envir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:01:50.000Z ##

🟠 CVE-2026-44709 - High (7.8)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, pamusb-pinentry reads the PINENTRY_FALLBACK_APP environment variable and executes it directly without any validation. Any process that can set envir...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48027
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T20:34:24.850000

4 posts

Nx Console is the user interface for Nx & Lerna. On 19 May 2026, a malicious version of Nx Console, 18.95.0, was published at 12:30 PM UTC and removed soon after at 12:48 PM UTC, leaving it available for ~18 minutes in Visual Studio Marketplace. For OpenVSX, the problem was detected later, and the compromised version was available from 12:33 UTC to 13:09 UTC (~36 minutes). Version 18.100.0 of Nx C

Matchbook3469@mastodon.social at 2026-05-27T23:50:15.000Z ##

🔴 New security advisory:

CVE-2026-48027 affects Nx Console.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#CVE #VulnerabilityManagement #CyberSec

##
secdb at 2026-05-27T20:00:15.931Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

##
secdb@infosec.exchange at 2026-05-27T20:00:15.000Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##
cisakevtracker@mastodon.social at 2026-05-27T18:00:49.000Z ##

CVE ID: CVE-2026-48027
Vendor: Nx
Product: Nx Console
Date Added: 2026-05-27
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-48152
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-27T20:16:40.943000

2 posts

Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific ownership/resource checks. The built-in Basic app user role maps to the WRITE permission set, which includes table read/write and query write. A Basic user can therefore read an existing REST datasource, re

thehackerwire@mastodon.social at 2026-05-27T19:01:22.000Z ##

🟠 CVE-2026-48152 - High (8.1)

Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific ownership/resource checks. The built-in Basic app use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:01:22.000Z ##

🟠 CVE-2026-48152 - High (8.1)

Budibase is an open-source low-code platform. Prior to 3.39.0, the single-datasource GET and PUT routes are guarded by generic TABLE READ, not by Builder/Admin permission or datasource-specific ownership/resource checks. The built-in Basic app use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-70103
(7.3 HIGH)

EPSS: 0.00%

updated 2026-05-27T20:00:46.020000

1 posts

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc.

sigdevel@infosec.exchange at 2026-05-26T18:14:03.000Z ##

Security Advisory: CVE-2025-70103 - Heap-Based Buffer Overflow in libjxl / cjxl

A heap-based buffer overflow vulnerability was identified in JPEG XL libjxl when processing crafted PBM/PNM images.

Summary:
The vulnerability exists in `jxl::extras::DecodeImagePNM()` in `lib/extras/dec/pnm.cc`. When processing a specially crafted PBM/PNM image, insufficient validation of buffer sizes before memory copy operations may cause `memcpy()` to write past the end of an allocated heap buffer.

The issue was observed as a WRITE of 24 bytes at the end of a 16-byte heap region.

CWE:
CWE-122 - Heap-based Buffer Overflow
CWE-787 - Out-of-bounds Write

Affected product:
JPEG XL / libjxl

Affected component:
`lib/extras/dec/pnm.cc`
Function: `jxl::extras::DecodeImagePNM()`
Affected line: `pnm.cc:554`

Affected version:
The issue was reproduced in `cjxl v0.12.0` at commit `24357f189c233c03fb46368a142a0b2c1a949f9d`.

Attack conditions:
Exploitation requires the vulnerable application or library consumer to process a crafted PBM/PNM image. This can be triggered locally via `cjxl` or through software that exposes the `DecodeImagePNM` decoding path to attacker-controlled input.

Example reproduction command:
`./cjxl ./2_PBM_lib_extras_dec_pnm_cc_554 --disable_output`

Impact:
Successful exploitation may cause memory corruption and process termination. The confirmed impact is denial of service (DoS) due to a crash during image processing. No evidence of reliable arbitrary code execution has been identified.

Fix / mitigation status:
The upstream issue is closed. A mitigation/fix proposal was provided in PR `#4338`, adding additional buffer-size, row-boundary, pixel-size, offset, and extra-channel checks. Users are advised to update to a libjxl build that contains the relevant fix once available, or review and apply the mitigation from PR `#4338` where appropriate.

References:
Issue:
github.com/libjxl/libjxl/issue

Fix / mitigation PR:
github.com/libjxl/libjxl/pull/
github.com/libjxl/libjxl/commi

PoC:
github.com/sigdevel/pocs/blob/

Credit:
@sigdevel

cve.org/CVERecord?id=CVE-2025-

#fuzzing #infosec #security #afl #revers #cybersecurity #bugbounty #vulnerability #opensource #linux #cve #advisory

##

CVE-2026-44327
(10.0 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T19:51:27.110000

1 posts

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route with no Authorization header at all and the handler returns 200 OK. The current OAM handler is a stub that returns null, but the structural defect is ro

thehackerwire@mastodon.social at 2026-05-27T18:01:01.000Z ##

🔴 CVE-2026-44327 - Critical (10)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the nnef-oam route group without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can hit the OAM route...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44900
(8.1 HIGH)

EPSS: 0.00%

updated 2026-05-27T19:41:21.417000

1 posts

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature.verify(). The method performs certificate chain validation, OCSP check, and signature algorithm setup, but never checks whether the signature actually ma

thehackerwire@mastodon.social at 2026-05-27T04:00:55.000Z ##

🟠 CVE-2026-44900 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.1, in SignedPublicKeysTrustValidatorImpl.isTrusted(), the ECDSA signature verification at line 45 discards the boolean return value of Signature....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9170
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-05-27T19:16:25.223000

2 posts

IBM HTTP Server 8.5, and 9.0

argos4v@mastodon.social at 2026-05-28T08:11:56.000Z ##

Die Entdeckung von neun Sicherheitslücken in IBM HTTP Server, darunter eine als "kritisch" eingestufte Schwachstelle (CVE-2026-9170), die Angreifern Remote Code Execution…

#Geopolitics #OpenSource

heise.de/news/IBM-Software-wie

##
thehackerwire@mastodon.social at 2026-05-26T19:02:49.000Z ##

🟠 CVE-2026-9170 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to denial of service and a potential remote code execution due to impr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8398
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-27T19:16:24.940000

4 posts

A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.ex

argos4v@mastodon.social at 2026-05-28T09:08:09.000Z ##

Die jüngsten Warnungen vor Malware durch Supply-Chain-Attacken wie CVE-2026-8398 unterstreichen die Bedeutung einer umfassenden Risikobewertung in der Lieferkette, da laut einer Studie etwa 80 Prozent der Unternehmen von solchen Angriffen betroffen sind. Wie können Unternehmen ihre Lieferketten effektiv absichern, um derartige Angriffe zukünftig zu ver

heise.de/news/CISA-warnt-vor-M

##
secdb at 2026-05-27T20:00:15.931Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

##
secdb@infosec.exchange at 2026-05-27T20:00:15.000Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##
cisakevtracker@mastodon.social at 2026-05-27T18:01:22.000Z ##

CVE ID: CVE-2026-8398
Vendor: Daemon
Product: Daemon Tools Lite
Date Added: 2026-05-27
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-8450
(9.1 CRITICAL)

EPSS: 0.14%

updated 2026-05-27T18:32:40

1 posts

HTTP::Daemon versions before 6.17 for Perl allow OS command injection via send_file(). send_file() opens its string argument with Perl's 2-arg open(). The 2-arg form interprets magic prefixes: '| cmd' and 'cmd |' open a pipe to a subprocess, '> path' and '>> path' open the path for write or append. Untrusted input passed to send_file() can run OS commands at the daemon process UID. The read-pipe

offseq@infosec.exchange at 2026-05-27T06:00:26.000Z ##

🚨 CVE-2026-8450 (CRITICAL): OALDERS HTTP::Daemon <6.17 has OS command injection via send_file(). Attackers can run commands, leak data, & manipulate files. Avoid untrusted input and monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #CVE20268450 #infosec

##

CVE-2015-2808
(10.0 CRITICAL)

EPSS: 37.49%

updated 2026-05-27T18:32:34

1 posts

The RC4 algorithm, as used in the TLS protocol and SSL protocol, does not properly combine state data with key data during the initialization phase, which makes it easier for remote attackers to conduct plaintext-recovery attacks against the initial bytes of a stream by sniffing network traffic that occasionally relies on keys affected by the Invariance Weakness, and then using a brute-force appro

TomSellers@infosec.exchange at 2026-05-27T18:22:44.000Z ##

RE: infosec.exchange/@perfect10_bo

So CVE-2015-2808 (RC4 weaknesses in TLS) got bumped to 10.0 today due to CISA enrichment...

#Security

##

CVE-2026-48962
(7.3 HIGH)

EPSS: 0.03%

updated 2026-05-27T18:31:37

1 posts

IO::Compress versions before 2.220 for Perl can execute arbitrary code in File::GlobMapper via an attacker-controlled output glob. _parseOutputGlob() wraps the caller-supplied output glob string in double quotes and stores it in the parser state; _getFiles() then runs the stored expression through eval STRING. A literal double quote in the output glob closes the dquote wrapper, and the characters

offseq@infosec.exchange at 2026-05-27T04:30:27.000Z ##

⚠️ HIGH severity: CVE-2026-48962 in PMQS IO::Compress (Perl <2.220) enables eval injection via crafted glob strings. Arbitrary Perl code may execute with process privileges. Restrict untrusted input & monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Perl #Infosec

##

CVE-2025-12686
(9.8 CRITICAL)

EPSS: 0.17%

updated 2026-05-27T17:16:27.797000

1 posts

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary code via unspecified vectors.

thehackerwire@mastodon.social at 2026-05-27T10:01:21.000Z ##

🔴 CVE-2025-12686 - Critical (9.8)

Buffer copy without checking size of input ('Classic Buffer Overflow') vulnerability in AdminCenter in Synology BeeStation Manager (BSM) before 1.3.2-65648 and Synology BeeStation OS before 1.3.2-65648 allows remote attackers to execute arbitrary ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8180
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:33

1 posts

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the asperahttpd component. An unauthenticated user can cause the asperahttpd service to crash.

thehackerwire@mastodon.social at 2026-05-27T15:00:16.000Z ##

🟠 CVE-2026-8180 - High (7.5)

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a potential denial of service in the aspera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7524
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T15:33:32

1 posts

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

thehackerwire@mastodon.social at 2026-05-27T15:01:15.000Z ##

🔴 CVE-2026-7524 - Critical (9.8)

IBM Langflow OSS 1.0.0 through 1.9.1 could allow remote code execution due to improper validation of symbolic links during archive extraction.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8179
(8.8 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:32

1 posts

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could allow an authenticated user to execute arbitrary code on the system.

thehackerwire@mastodon.social at 2026-05-27T15:00:26.000Z ##

🟠 CVE-2026-8179 - High (8.8)

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd compon...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8175
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-05-27T15:33:31

1 posts

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd component. This vulnerability could be exploited to cause a denial of service and potentially lead to authentication bypass or remote code execution.

thehackerwire@mastodon.social at 2026-05-27T15:01:24.000Z ##

🔴 CVE-2026-8175 - Critical (9.8)

IBM Aspera High-Speed Transfer Endpoint 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Server 3.7.4 through 4.4.7 Fix Pack 1 and IBM Aspera High-Speed Transfer Endpoint are affected by a buffer overflow in the asperahttpd compon...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48972
(7.5 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:33:28

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion. This issue affects SeedProd Pro: from n/a before 6.19.5.

thehackerwire@mastodon.social at 2026-05-27T15:01:33.000Z ##

🟠 CVE-2026-48972 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in SeedProd LLC SeedProd Pro allows PHP Local File Inclusion.

This issue affects SeedProd Pro: from n/a before 6.19.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-6957
(8.0 HIGH)

EPSS: 0.00%

updated 2026-05-27T15:16:34.903000

1 posts

Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitrary locations within the target server's filestore via a malicious filename delivered through the shared-channel attachment sync protocol. Mattermost Adviso

thehackerwire@mastodon.social at 2026-05-27T17:00:20.000Z ##

🟠 CVE-2026-6957 - High (8)

Mattermost Plugins versions &lt;=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which allows an administrator of a remote federated Mattermost server to write files to arbitr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44449
(9.1 CRITICAL)

EPSS: 0.08%

updated 2026-05-27T14:57:07.120000

1 posts

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly into the smbclient -c script without validation. smbclient interprets ; as a subcommand separator and !cmd as a local-shell escape that runs cmd on the hos

thehackerwire@mastodon.social at 2026-05-27T06:00:12.000Z ##

🔴 CVE-2026-44449 - Critical (9.1)

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, when the primary toSmbPath(fullPath) call throws, the method falls back to a dirname/basename split and only validates the directory prefix. The basename is concatenated directly in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-14713
(7.5 HIGH)

EPSS: 0.03%

updated 2026-05-27T14:54:20.160000

1 posts

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

thehackerwire@mastodon.social at 2026-05-27T17:02:25.000Z ##

🟠 CVE-2025-14713 - High (7.5)

An Exposed Dangerous Method or Function vulnerability in Synology C2 Identity Edge Server package in DSM before 1.76.0-0307 allows remote attackers to obtain user credentials from the edge server.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42013
(8.2 HIGH)

EPSS: 0.03%

updated 2026-05-27T14:54:20.160000

1 posts

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass proper certificate validation, potentially leading to spoofing or man-in-the-middle attacks.

thehackerwire@mastodon.social at 2026-05-26T23:01:43.000Z ##

🟠 CVE-2026-42013 - High (8.2)

A flaw was found in gnutls. When validating certificates, an oversized Subject Alternative Name (SAN) could cause the validation process to incorrectly fall back to checking the Common Name (CN) field. This could allow a remote attacker to bypass ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7365
(8.4 HIGH)

EPSS: 0.00%

updated 2026-05-27T14:53:51.833000

1 posts

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authentication.

thehackerwire@mastodon.social at 2026-05-27T15:00:35.000Z ##

🟠 CVE-2026-7365 - High (8.4)

IBM Operations Analytics - Log Analysis  and IBM SmartCloud Analytics - Log Analysis uses default passwords default passwords from the manufacturing process for use during the installation process, which could allow an attacker to bypass authenti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40850
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

3 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

thehackerwire@mastodon.social at 2026-05-27T10:00:11.000Z ##

🟠 CVE-2026-40850 - High (7.5)

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40838
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDeviceScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40810
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T14:53:22.863000

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the userinfo endpoint due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40837
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40840
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the VerifyCreateLicences function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40827
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _RemoveRequest function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40839
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getComponentScalings function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40826
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dsgvo_contracts view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40821
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAccountByID function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40848
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40843
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the alarming view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40842
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getWidgetTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40841
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T14:53:22.863000

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getProjectTags function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2025-41669
(8.8 HIGH)

EPSS: 0.06%

updated 2026-05-27T14:53:22.863000

1 posts

The Web-based Management allows a remote low privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root privileges on the PLC device. A successful exploitation may allow to install a manipulated APP package, potent

certvde@infosec.exchange at 2026-05-27T07:22:41.000Z ##

#OT #Advisory VDE-2026-050
Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files

This advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.
#CVE CVE-2025-41669, CVE-2025-41670

certvde.com/en/advisories/vde-

#CSAF phoenixcontact.csaf-tp.certvde

##

CVE-2026-42735
(8.2 HIGH)

EPSS: 0.04%

updated 2026-05-27T14:50:47.627000

1 posts

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through <= 4.3.0.

thehackerwire@mastodon.social at 2026-05-27T14:00:41.000Z ##

🟠 CVE-2026-42735 - High (8.2)

Authentication Bypass Using an Alternate Path or Channel vulnerability in Iqonic Design KiviCare kivicare-clinic-management-system allows Password Recovery Exploitation.This issue affects KiviCare: from n/a through &lt;= 4.3.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42747
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T14:50:47.627000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through <= 4.0.6.

thehackerwire@mastodon.social at 2026-05-27T12:01:37.000Z ##

🔴 CVE-2026-42747 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hassantafreshi Easy Form Builder easy-form-builder allows Blind SQL Injection.This issue affects Easy Form Builder: from n/a through &lt;= 4.0.6.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42756
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-05-27T14:50:47.627000

1 posts

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You QuickWebP &#8211; Compress / Optimize Images &amp; Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP &#8211; Compress / Optimize Images &amp; Convert WebP | SEO Friendly: from n/a through <= 3.2.7.

thehackerwire@mastodon.social at 2026-05-27T12:00:06.000Z ##

🔴 CVE-2026-42756 - Critical (9.9)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You QuickWebP &#8211; Compress / Optimize Images &amp; Convert WebP | SEO Friendly quickwebp allows Path Traversal.This issue affects QuickWebP ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9628
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-27T14:50:47.627000

1 posts

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/username/password/tunnel name causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been made available to the public and c

thehackerwire@mastodon.social at 2026-05-27T04:00:00.000Z ##

🟠 CVE-2026-9628 - High (8.8)

A weakness has been identified in UTT HiPER 1200GW up to 2.5.3-170306. Affected is an unknown function of the file /goform/formPptpClientConfig of the component Web Management Interface. This manipulation of the argument PPTP server address/userna...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9632
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-27T14:50:47.627000

1 posts

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-05-27T03:00:44.000Z ##

🟠 CVE-2026-9632 - High (8.8)

A flaw has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this issue is the function strcpy of the file /goform/formGroupConfig of the component Web Management Interface. Executing a manipulation of the argument Profile can ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42760
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-27T12:31:31

1 posts

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a through <= 1.22.25.

thehackerwire@mastodon.social at 2026-05-27T12:01:19.000Z ##

🟠 CVE-2026-42760 - High (7.5)

Authentication Bypass Using an Alternate Path or Channel vulnerability in revmakx Backup and Staging by WP Time Capsule wp-time-capsule allows Password Recovery Exploitation.This issue affects Backup and Staging by WP Time Capsule: from n/a throug...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42755
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T12:31:30

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through <= 1.0.5.1.

thehackerwire@mastodon.social at 2026-05-27T14:00:32.000Z ##

🔴 CVE-2026-42755 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 TableOn posts-table-filterable allows Blind SQL Injection.This issue affects TableOn: from n/a through &lt;= 1.0.5.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42748
(9.9 CRITICAL)

EPSS: 0.04%

updated 2026-05-27T12:31:30

1 posts

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through <= 5.4.1.

thehackerwire@mastodon.social at 2026-05-27T14:00:22.000Z ##

🔴 CVE-2026-42748 - Critical (9.9)

Unrestricted Upload of File with Dangerous Type vulnerability in WPify WPify Woo Czech wpify-woo allows Upload a Web Shell to a Web Server.This issue affects WPify Woo Czech: from n/a through &lt;= 5.4.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42761
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T12:31:30

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through <= 1.0.9.

thehackerwire@mastodon.social at 2026-05-27T12:01:28.000Z ##

🔴 CVE-2026-42761 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42758
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-27T12:31:30

1 posts

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through < 4.08.253.

thehackerwire@mastodon.social at 2026-05-27T12:00:27.000Z ##

🔴 CVE-2026-42758 - Critical (9.8)

Incorrect Privilege Assignment vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Privilege Escalation.This issue affects WebinarIgnition: from n/a through &lt; 4.08.253.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42757
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-05-27T12:31:30

1 posts

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects WebinarIgnition: from n/a through < 4.08.253.

thehackerwire@mastodon.social at 2026-05-27T12:00:17.000Z ##

🔴 CVE-2026-42757 - Critical (9.9)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Saleswonder Team: Tobias WebinarIgnition webinar-ignition allows Path Traversal.This issue affects WebinarIgnition: from n/a through &lt; 4.08.253.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3012
(8.0 HIGH)

EPSS: 0.00%

updated 2026-05-27T12:31:29

1 posts

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without proper verification. An attacker with the ability to intercept or redirect network traffic could exploit this behavior to supply a malicious certificate a

thehackerwire@mastodon.social at 2026-05-27T17:02:14.000Z ##

🟠 CVE-2026-3012 - High (8)

A flaw was found in Samba’s certificate auto-enrollment Group Policy handling. When certificate auto-enrollment is enabled, Samba may retrieve a CA certificate over an unencrypted HTTP connection and install it into the local trust store without...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40849
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:29

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the user_alarmprofile view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40851
(8.4 HIGH)

EPSS: 0.02%

updated 2026-05-27T09:31:28

3 posts

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

thehackerwire@mastodon.social at 2026-05-27T10:00:21.000Z ##

🟠 CVE-2026-40851 - High (8.4)

A local attacker can perform a confusion attack on the cfgparser via a specially crafted file on an USB stick leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
certvde@infosec.exchange at 2026-05-27T08:13:15.000Z ##

#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:12:46.000Z ##

#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-49002
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-05-27T09:31:28

1 posts

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information.

thehackerwire@mastodon.social at 2026-05-27T10:00:01.000Z ##

🔴 CVE-2026-49002 - Critical (9.1)

Access control failure means that an application does not effectively check user access permissions, so that unauthorized users can access system data beyond their permissions, such as viewing and modifying configuration information.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40852
(7.2 HIGH)

EPSS: 0.07%

updated 2026-05-27T09:31:28

2 posts

A highly authenticated attacker can alter the config generator injecting a payload into future created configurations. The device is not correctly checking this configuration value before passing it to an system execute leading to code execution. This can result in a total loss of confidentiality, integrity and availability.

certvde@infosec.exchange at 2026-05-27T08:13:15.000Z ##

#OT #Advisory VDE-2026-059
Helmholz: Multiple vulnerabilities in REX100/REX200/REX250

Two command injection vulnerabilities have been discovered in Helmholz REX100/REX200/REX250.
#CVE CVE-2026-40851, CVE-2026-40852

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:12:46.000Z ##

#OT #Advisory VDE-2026-054
MB connect line: Multiple vulnerabilities in mbNET/mbNET.rokey/mbNET.mini

Two command injection vulnerabilities have been discovered in MB connect line mbNET/mbNET.rokey/mbNET.mini.
#CVE CVE-2026-40851, CVE-2026-40852

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40845
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the devices_configuration view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40836
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the inmessage model due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40830
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the admin.mbnetj.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40847
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system_tag view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40832
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getDevicegroups function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40835
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the saveObjectFromData function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40846
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the system view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40834
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash_layout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40844
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashboard view due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40833
(7.1 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:28

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dash.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2025-13392
(8.1 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:24

1 posts

Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowledge of the distinguished name (DN).

thehackerwire@mastodon.social at 2026-05-27T10:01:30.000Z ##

🟠 CVE-2025-13392 - High (8.1)

Improper check for unusual or exceptional conditions vulnerability in SSO in Synology DiskStation Manager (DSM) before 7.2.2-72806-5 and 7.3.1-86003-1 (7.2.1-69057 is not affected) allows remote attackers to bypass authentication with prior knowle...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-30028
(8.6 HIGH)

EPSS: 0.04%

updated 2026-05-27T09:31:24

1 posts

A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.

thehackerwire@mastodon.social at 2026-05-27T10:01:11.000Z ##

🟠 CVE-2025-30028 - High (8.6)

A vulnerability in Active Backup for Business allows unauthorized remote attackers to read arbitrary files.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-40831
(6.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the Easy View due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40829
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the view.html.php files UpdateParam function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40828
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:24

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DeleteSysLogEntry function due to improper neutralization of special elements in a SQL DELETE command allowing for reading the whole database and deleting entries in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40825
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

3 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view devices parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

offseq@infosec.exchange at 2026-05-27T09:00:27.000Z ##

⚠️ HIGH severity: CVE-2026-40825 in MB connect line mbCONNECT24. SQL Injection via accountstatus view devices param enables DB read/modify. No patch yet — restrict access & monitor vendor advisories. radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vuln #MBconnect

##
certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40817
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getAlarmProfiles function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40823
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40822
(4.9 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the DevSerialReset function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40813
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions tagid parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40824
(5.5 MEDIUM)

EPSS: 0.03%

updated 2026-05-27T09:31:23

2 posts

A high privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the accountstatus view userid parameter due to improper neutralization of special elements in a SQL UPDATE command allowing for reading the whole database and changing values in a non critical table. This can result in a total loss of confidentiality and some loss of integrity.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40818
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24confi_getDevice function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40819
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the sync_data24 task due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40815
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:23

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the _mb24api_getUserAccount function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40816
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the mb24alarm.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40812
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the getLiveValues functions sn parameter due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40814
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dataapi.php files _mb24confi_getTagAlarm function due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-40811
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-27T09:31:22

2 posts

An unauthenticated remote attacker can exploit an unauthenticated SQL Injection vulnerability in the ssoabstractservice due to improper neutralization of special elements in a SQL SELECT command. This can result in a total loss of confidentiality.

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2025-41670
(7.8 HIGH)

EPSS: 0.03%

updated 2026-05-27T09:31:22

1 posts

A local user with low privileges may be able to influence the behavior of a privileged system service by manipulating configuration or application-related files located in user-writable areas of the filesystem. The affected service processes data from locations that are not sufficiently protected against modification by low-privileged users. As the service runs with elevated privileges, successful

certvde@infosec.exchange at 2026-05-27T07:22:41.000Z ##

#OT #Advisory VDE-2026-050
Phoenix Contact: PLCnext Firmware Security Issues Related to APPs and Configuration Files

This advisory addresses security issues in PLCnext firmware versions prior to 2026.0.3 that are related to APP handling and the processing of configuration files. The identified vulnerabilities affect APP installation authenticity as well as the handling of configuration data in writable directories. Successful exploitation may allow authenticated attackers with different privilege levels to compromise integrity, availability, and system security of affected PLCnext Control. Both issues are resolved starting with PLCnext firmware version 2026.0.3.
#CVE CVE-2025-41669, CVE-2025-41670

certvde.com/en/advisories/vde-

#CSAF phoenixcontact.csaf-tp.certvde

##

CVE-2026-8760
(9.8 CRITICAL)

EPSS: 0.25%

updated 2026-05-27T09:31:21

1 posts

The Login with OTP plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.6. This is due to an incomplete fix for CVE-2024-11178: the rate-limit/lockout check added to `otpl_login_action()` was placed only inside the OTP-generation branch and is never evaluated on the OTP-validation branch, and the generated 6-digit OTP additionally has no expiration. T

offseq@infosec.exchange at 2026-05-27T07:30:25.000Z ##

🔥 CVE-2026-8760 (CRITICAL, CVSS 9.8): india-web-developer Login with OTP ≤1.6 allows brute-force OTP bypass — no rate-limit on validation, no OTP expiry. Disable the plugin or restrict login access now. Patch pending. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##

CVE-2026-5260
(8.2 HIGH)

EPSS: 0.14%

updated 2026-05-27T06:32:38

1 posts

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure.

thehackerwire@mastodon.social at 2026-05-26T23:00:08.000Z ##

🟠 CVE-2026-5260 - High (8.2)

A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS#11 token, could trigger a short heap overread. This memory corruption vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2253
(7.7 HIGH)

EPSS: 0.03%

updated 2026-05-27T06:31:42

1 posts

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.

thehackerwire@mastodon.social at 2026-05-27T05:00:02.000Z ##

🟠 CVE-2026-2253 - High (7.7)

Hitachi Vantara Pentaho Data Integration & Analytics versions before 10.2.0.7 and 11.0.0.0, including 9.3.x and 8.3.x, does not prevent certain XML parsers from resolving external entities.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-43306
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-27T03:31:37

1 posts

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

thehackerwire@mastodon.social at 2026-05-27T04:01:07.000Z ##

🟠 CVE-2025-43306 - High (7.8)

A logic issue was addressed with improved checks. This issue is fixed in macOS Sequoia 15.7, macOS Sonoma 14.8, macOS Tahoe 26. A malicious app may be able to gain root privileges.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9631
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-27T03:30:37

1 posts

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of the argument Profile results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-05-27T04:00:11.000Z ##

🟠 CVE-2026-9631 - High (8.8)

A vulnerability was detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. Affected by this vulnerability is the function strcpy of the file /goform/formConfigFastDirectionW of the component Web Management Interface. Performing a manipulation of ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9627
(8.8 HIGH)

EPSS: 0.04%

updated 2026-05-27T03:30:37

1 posts

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in buffer overflow. The attack can be launched remotely. The exploit has been released to the public and may be used for attacks.

thehackerwire@mastodon.social at 2026-05-27T03:01:04.000Z ##

🟠 CVE-2026-9627 - High (8.8)

A security flaw has been discovered in UTT HiPER 1200GW up to 2.5.3-170306. This impacts the function strcpy of the file /goform/setSysAdm of the component Web Management Interface. The manipulation of the argument sysAdmUser/sysAdmPass results in...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9207
(8.8 HIGH)

EPSS: 0.07%

updated 2026-05-27T03:30:36

1 posts

Tanium addressed an unauthorized code execution vulnerability in Connect.

thehackerwire@mastodon.social at 2026-05-27T03:00:54.000Z ##

🟠 CVE-2026-9207 - High (8.8)

Tanium addressed an unauthorized code execution vulnerability in Connect.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9312(CVSS UNKNOWN)

EPSS: 0.05%

updated 2026-05-27T00:31:29

1 posts

A server-side request forgery (SSRF) vulnerability was identified in GitHub Enterprise Server that allowed an unauthenticated attacker to send crafted requests to internal services by exploiting insufficient input validation in an upload endpoint. By injecting path traversal content into request parameters, an attacker could bypass the intended request flow and redirect internal API calls, potenti

offseq@infosec.exchange at 2026-05-27T01:30:24.000Z ##

🚨 CRITICAL: CVE-2026-9312 (SSRF) in GitHub Enterprise Server 3.16.0 – 3.21.0 lets unauth attackers access internal services via crafted uploads. Patch to 3.16.20+ ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #SSRF #GitHub #Vuln

##

CVE-2026-44966
(8.3 HIGH)

EPSS: 0.08%

updated 2026-05-26T22:16:43.293000

1 posts

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templates. If an application renders a template controlled by an attacker, it is possible to modify Object.prototype, potentially leading to Denial of Service

thehackerwire@mastodon.social at 2026-05-26T23:00:27.000Z ##

🟠 CVE-2026-44966 - High (8.3)

Velocity.js is a JavaScript implementation of the Apache Velocity template engine. In 2.1.5 and earlier, a prototype pollution vulnerability was discovered in velocityjs. This issue occurs during the processing of #set directives in Velocity templ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-5426
(7.5 HIGH)

EPSS: 0.07%

updated 2026-05-26T21:32:41

4 posts

Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks

1 repos

https://github.com/HORKimhab/CVE-2026-5426

beyondmachines1 at 2026-05-27T20:01:06.869Z ##

KnowledgeDeliver Zero-Day Flaw Exploited to Deploy Web Shells

KnowledgeDeliver LMS installations are being targeted by a zero-day deserialization vulnerability (CVE-2026-5426) caused by hardcoded machine keys, allowing attackers to deploy web shells and Cobalt Strike backdoors.

**If you run Digital Knowledge's KnowledgeDeliver LMS, immediately replace the default ASP.NET machine keys in your web.config with unique, cryptographically strong ones to block these attacks. If possible, restrict portal access to trusted IP ranges, and monitor Windows Application logs for Event ID 1316 (ViewState verification failures).**

beyondmachines.net/event_detai

##
beyondmachines1@infosec.exchange at 2026-05-27T20:01:06.000Z ##

KnowledgeDeliver Zero-Day Flaw Exploited to Deploy Web Shells

KnowledgeDeliver LMS installations are being targeted by a zero-day deserialization vulnerability (CVE-2026-5426) caused by hardcoded machine keys, allowing attackers to deploy web shells and Cobalt Strike backdoors.

**If you run Digital Knowledge's KnowledgeDeliver LMS, immediately replace the default ASP.NET machine keys in your web.config with unique, cryptographically strong ones to block these attacks. If possible, restrict portal access to trusted IP ranges, and monitor Windows Application logs for Event ID 1316 (ViewState verification failures).**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##
Mozilla@activitypub.awakari.com at 2026-05-27T18:59:43.000Z ## 🚩 Critical KnowledgeDeliver RCE (CVE-2026-5426) abused via shared ASP.NET machine keys to deliver web shells and Cobalt Strike KnowledgeDeliver exploit (CVE-2026-5426) enables RCE via ViewState ...

#TIGR #malware #vulnerability

Origin | Interest | Match ##
blog@insicurezzadigitale.com at 2026-05-27T07:47:40.000Z ##

CVE-2026-5426: zero-day in KnowledgeDeliver LMS sfruttato per distribuire BLUEBEAM e Cobalt Strike BEACON

Mandiant ha pubblicato i dettagli dell'exploitation attiva di CVE-2026-5426, zero-day nel LMS KnowledgeDeliver causato da chiavi ASP.NET machineKey hardcoded e condivise tra tutte le installazioni. L'attacco ha portato al deployment della web shell in-memory BLUEBEAM e, tramite social engineering degli utenti, alla distribuzione di Cobalt Strike BEACON personalizzato per organizzazione.

insicurezzadigitale.com/cve-20

##

CVE-2026-9642
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-05-26T21:32:08

1 posts

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access) An unauthenticated remote attacker can access configured databases in a DIAView project.

thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8676
(8.8 HIGH)

EPSS: 0.02%

updated 2026-05-26T21:32:07

1 posts

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

thehackerwire@mastodon.social at 2026-05-26T22:00:19.000Z ##

🟠 CVE-2026-8676 - High (8.8)

An attacker is able to downgrade the security of a Bluetooth LE connection by deleting an existing bond, spoofing the bonded device and creating a new bond.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44843
(8.2 HIGH)

EPSS: 0.01%

updated 2026-05-26T21:16:39.003000

1 posts

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad object allowlists. These paths may call load() with allowed_objects="all". This does not enable arbitrary Python object deserialization, but it does all

thehackerwire@mastodon.social at 2026-05-26T22:00:28.000Z ##

🟠 CVE-2026-44843 - High (8.2)

LangChain is a framework for building agents and LLM-powered applications. Prior to 0.3.85 and 1.3.3, LangChain contains older runtime code paths that deserialize run inputs, run outputs, or other application-controlled payloads using overly broad...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-7454
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:40:28.047000

1 posts

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

thehackerwire@mastodon.social at 2026-05-26T19:02:59.000Z ##

🟠 CVE-2026-7454 - High (7.8)

A maliciously crafted WRL file, when parsed through Autodesk 3ds Max, can force a Memory Corruption vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48172
(9.8 CRITICAL)

EPSS: 7.96%

updated 2026-05-26T20:19:13.460000

5 posts

LiteSpeed User-End cPanel Plugin before 2.4.5 allows privilege escalation (possibly to root), as exploited in the wild in May 2026. Detection is best done via a command line of grep -rE "cpanel_jsonapi_func=redisAble" /var/cpanel/logs /usr/local/cpanel/logs/ 2>/dev/null in Bash. If you get no output, you have not been hit with exploitation of the vulnerability. If there is output, we recommend you

2 repos

https://github.com/HORKimhab/CVE-2026-48172

https://github.com/retmakarunia/CVE-2026-48172

sayzard@mastodon.sayzard.org at 2026-05-27T19:43:01.000Z ##

LiteSpeed CPanel Plugin with Root Privilege Escalation Under Active Exploitation

LiteSpeed User-End cPanel Plugin의 CVE-2026-48172 취약점은 lsws.redisAble JSON API 함수의 권한 검증 오류로 인해 낮은 권한의 cPanel 사용자가 루트 권한으로 임의 스크립트를 실행할 수 있는 심각한 권한 상승 문제입니다. 이 취약점은 2.3부터 2.4.6 버전까지 영향을 미치며, 2.4.7 버전 이상으로 업데이트해야 해결됩니다. CISA KEV에 등재되어 실제 공격이 확인되었으며, 공격 탐지용 Python 스크립트도 공개되어 있어 서버 로그...

haltingproblems.com/analysis/l

##
offseq@infosec.exchange at 2026-05-27T10:30:30.000Z ##

⚠️ CRITICAL: Actively exploited privilege escalation in LiteSpeed cPanel plugin (CVE-2026-48172) enables remote root access via lsws.redisAble. Patch plugin v2.3 – v2.4.4 now! CISA mandates 4-day deadline for U.S. agencies. radar.offseq.com/threat/cisa-g #OffSeq #vuln #patchnow

##
bugxhunter@infosec.exchange at 2026-05-27T02:00:53.000Z ##

🏛️ CISA Adds LiteSpeed cPanel Plugin Privilege Escalation Vulnerability

📝 CISA adds CVE-2026-48172 to KEV Catalog, affecting federal agencies.

cisa.gov/news-events/alerts/20

📰 Alerts

#GovSec #CVE

##
secdb@infosec.exchange at 2026-05-26T20:00:14.000Z ##

🚨 [CISA-2026:0526] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48172 (secdb.nttzen.cloud/cve/detail/)
- Name: LiteSpeed cPanel Plugin Privilege Escalation Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: LiteSpeed
- Product: cPanel Plugin
- Notes: blog.litespeedtech.com/2026/05 ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260526 #cisa20260526 #cve_2026_48172 #cve202648172

##
cisakevtracker@mastodon.social at 2026-05-26T18:01:10.000Z ##

CVE ID: CVE-2026-48172
Vendor: LiteSpeed
Product: cPanel Plugin
Date Added: 2026-05-26
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-25104
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:16:40.787000

2 posts

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

thehackerwire@mastodon.social at 2026-05-26T14:00:09.000Z ##

🟠 CVE-2026-25104 - High (7.8)

MediaArea MediaInfoLib LXF parsing heap-based buffer overflow vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-26T09:00:29.000Z ##

🚨 HIGH severity: CVE-2026-25104 impacts MediaArea MediaInfoLib 26.01. Integer underflow in LXF parsing can trigger heap-based buffer overflow. No patch yet — restrict untrusted LXF file parsing and monitor for updates. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Infosec

##

CVE-2026-8047
(7.5 HIGH)

EPSS: 0.07%

updated 2026-05-26T20:00:24.897000

1 posts

The affected products perform improper length checking when parsing incoming HTTP requests, resulting in a size-limited out-of-bounds write. An unauthenticated remote attacker can exploit this flaw to cause a denial of service via a system crash on the affected device.

certvde@infosec.exchange at 2026-05-26T07:14:44.000Z ##

#OT #Advisory VDE-2026-057
CODESYS Control - Out-of-bounds Write

Successful exploitation allows an unauthenticated remote attacker to trigger an out-of-bounds write, causing the CODESYS Control Runtime to crash and resulting in a denial of service on the affected device.
#CVE CVE-2026-8047

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-44469
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T20:00:24.897000

1 posts

The affected product extracts installation files to a temporary directory with incorrect default permissions during administrative installation. A low-privileged local attacker can exploit a TOCTOU race condition with a practical time window to replace verified files with malicious ones before installation, resulting in local privilege escalation.

certvde@infosec.exchange at 2026-05-26T07:14:09.000Z ##

#OT #Advisory VDE-2026-055
CODESYS Development System - Incorrect Default Permissions

Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
#CVE CVE-2026-44469, CVE-2026-44468

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-9478
(9.8 CRITICAL)

EPSS: 0.89%

updated 2026-05-26T19:54:40.357000

1 posts

A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing a manipulation of the argument enable can lead to os command injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks.

offseq@infosec.exchange at 2026-05-26T03:00:25.000Z ##

🛑 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) is vulnerable (CVE-2026-9478) to remote OS command injection via the web interface. Public exploit available. Restrict access & monitor for patches! radar.offseq.com/threat/cve-20 #OffSeq #CVE20269478 #IoTSecurity #Infosec

##

CVE-2026-46368
(8.8 HIGH)

EPSS: 0.06%

updated 2026-05-26T19:50:21.747000

1 posts

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability in the setInitAction function. An authenticated user holding the luci.https-dns-proxy ACL permission can inject shell metacharacters through the 'name' parame

thehackerwire@mastodon.social at 2026-05-26T16:00:41.000Z ##

🟠 CVE-2026-46368 - High (8.8)

luci-app-https-dns-proxy through 2025.12.29-5 — an optional LuCI web UI add-on for the https-dns-proxy package, distributed through the OpenWrt community packages feed and not installed by default — contains a command injection vulnerability i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42773
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-26T19:31:20.323000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in eMagicOne eMagicOne Store Manager allows Blind SQL Injection. This issue affects eMagicOne Store Manager: from n/a through 1.3.2.

offseq@infosec.exchange at 2026-05-26T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-42773 in eMagicOne Store Manager (≤1.3.2) enables unauthenticated Blind SQL Injection (CVSS 9.3). No patch yet. Restrict app access & monitor databases. Details: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #Vuln #eMagicOne

##

CVE-2026-43284
(7.8 HIGH)

EPSS: 1.49%

updated 2026-05-26T18:32:39

1 posts

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(), so later paths that may modify packet data can first make a private copy. The IPv4/IPv6 datagram append paths did not set this flag when

32 repos

https://github.com/XRSecCD/202605_dirty_frag

https://github.com/infiniroot/ansible-mitigate-copyfail-dirtyfrag

https://github.com/liamromanis101/DirtyFrag-Detector

https://github.com/metalx1993/dirtyfrag-patches

https://github.com/xd20111/CVE-2026-43284

https://github.com/haydenjames/dirty-frag-check

https://github.com/ochebotar/copy-fail-CVE-2026-31431-detection-probe

https://github.com/AK777177/Dirty-Frag-Analysis

https://github.com/Koshmare-Blossom/DirtyFrag-go

https://github.com/LucasPDiniz/CVE-2026-43284

https://github.com/gagaltotal/CVE-2026-43284-CVE-2026-43500-scan

https://github.com/attaattaatta/CVE-2026-43500

https://github.com/Percivalll/Dirty-Frag-Kubernetes-PoC

https://github.com/AtlasVector/Dirty-Frag-CVE-2026-43284

https://github.com/kuniyal08/Dirty-Frag-CVE-2026-43284

https://github.com/whosfault/CVE-2026-43284

https://github.com/jayhutajulu1/CVE-2026-43284-DirtyFrag-PoC

https://github.com/ChernStepanov/DirtyFrag-for-dummies

https://github.com/suominen/CVE-2026-43284

https://github.com/linnemanlabs/dirtyfrag-arm64

https://github.com/mym0us3r/DIRTY-FRAG-Detection-with-Wazuh-4.14.4

https://github.com/dixyes/dirtypatch

https://github.com/Aiyakami/rust_dirtyfrag

https://github.com/ryan2929/CVE-2026-43284-

https://github.com/0xlane/pagecache-guard

https://github.com/krisiasty/vcheck

https://github.com/6abc/Copy-Fail-CVE-2026-31431-dirty-frag-CVE-2026-43284

https://github.com/FrosterDL/CVE-2026-43284

https://github.com/grabesec/XCP_ng_CVE-2026-43284_tester

https://github.com/scriptzteam/Paranoid-Dirty-Frag-CVE-2026-43284

https://github.com/KaraZajac/DIRTYFAIL

https://github.com/0xBlackash/CVE-2026-43284

linux@activitypub.awakari.com at 2026-05-28T03:43:38.000Z ## Dirty Frag: a kernel zero-day vs. container and microVM sandboxes On May 7, Hyunwoo Kim (V4bel) disclosed Dirty Frag — two Linux kernel vulnerabilities (CVE-2026-43284 and CVE-2026-43500) that gi...


Origin | Interest | Match ##

CVE-2026-8620
(7.5 HIGH)

EPSS: 0.05%

updated 2026-05-26T18:31:59

1 posts

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a specially crafted request.

thehackerwire@mastodon.social at 2026-05-26T19:03:10.000Z ##

🟠 CVE-2026-8620 - High (7.5)

IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to HTTP request smuggling in the Web Server Plug-ins through a special...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8855
(8.1 HIGH)

EPSS: 0.24%

updated 2026-05-26T18:31:59

1 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

thehackerwire@mastodon.social at 2026-05-26T19:00:17.000Z ##

🟠 CVE-2026-8855 - High (8.1)

IBM HTTP Server 8.5, and 9.0 is vulnerable to remote code execution and denial of service in configurations with TLS mutual authentication (client authentication).

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8854
(7.5 HIGH)

EPSS: 0.01%

updated 2026-05-26T18:31:58

1 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

thehackerwire@mastodon.social at 2026-05-26T19:00:07.000Z ##

🟠 CVE-2026-8854 - High (7.5)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module mod_mem_cache.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-8856
(7.7 HIGH)

EPSS: 0.03%

updated 2026-05-26T18:31:51

1 posts

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

thehackerwire@mastodon.social at 2026-05-26T19:00:27.000Z ##

🟠 CVE-2026-8856 - High (7.7)

IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service in configurations where an attacker has write access to parts of the server configuration.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25112
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T18:31:42

1 posts

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.

thehackerwire@mastodon.social at 2026-05-26T16:59:57.000Z ##

🟠 CVE-2026-25112 - High (7.8)

A high-severity vulnerability in the deployment of Genetec RabbitMQ that allows a privilege escalation attack.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9496
(7.5 HIGH)

EPSS: 0.04%

updated 2026-05-26T15:33:18

1 posts

Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service (DoS) via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing excessive CPU consumption and potentially stalling or crashing the process.

offseq@infosec.exchange at 2026-05-26T07:30:26.000Z ##

⚠️ HIGH severity: CVE-2026-9496 impacts pacote 11.2.7 in cloud-hosted setups. Crafted spec.rawSpec can trigger DoS via CPU exhaustion. Vendor patches are rolling out — verify your service is updated. No active exploitation seen. radar.offseq.com/threat/cve-20 #OffSeq #DoS #CloudSec

##

CVE-2026-45247
(9.8 CRITICAL)

EPSS: 0.10%

updated 2026-05-26T15:32:17

1 posts

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarmer cookie. Attackers can exploit the unrestricted call to PHP's native unserialize() function combined with gadget chains available in Magento and its de

thehackerwire@mastodon.social at 2026-05-26T16:00:25.000Z ##

🔴 CVE-2026-45247 - Critical (9.8)

Mirasvit Full Page Cache Warmer for Magento 2 before version 1.11.12 contains a PHP object injection vulnerability that allows unauthenticated attackers to achieve remote code execution by supplying a crafted serialized PHP object in the CacheWarm...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4480
(8.5 HIGH)

EPSS: 0.08%

updated 2026-05-26T15:32:17

1 posts

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J" substitution character without escaping shell meta characters. A remote attacker could exploit this vulnerability by sending a specially crafted print job description that contains unescaped shell characters. This could

thehackerwire@mastodon.social at 2026-05-26T16:00:15.000Z ##

🟠 CVE-2026-4480 - High (8.5)

A flaw was found in the Samba printing subsystem. Samba passes the client-controlled job description string to the command configured with the "print command" setting via the "%J"
substitution character without escaping shell meta characters. A re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48131
(8.1 HIGH)

EPSS: 0.02%

updated 2026-05-26T15:32:16

1 posts

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disruption of VPN-related functionality).

thehackerwire@mastodon.social at 2026-05-26T15:00:59.000Z ##

🟠 CVE-2026-48131 - High (8.1)

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service (temporary disrupt...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-9543
(9.8 CRITICAL)

EPSS: 0.20%

updated 2026-05-26T15:32:16

1 posts

A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os command injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used.

thehackerwire@mastodon.social at 2026-05-26T15:00:39.000Z ##

🔴 CVE-2026-9543 - Critical (9.8)

A vulnerability has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Such manipulation of the argument admpass leads to os comman...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26980
(9.4 CRITICAL)

EPSS: 56.66%

updated 2026-05-26T15:16:24.310000

4 posts

Ghost is a Node.js content management system. Versions 3.24.0 through 6.19.0 allow unauthenticated attackers to perform arbitrary reads from the database. This issue has been fixed in version 6.19.1.

Nuclei template

4 repos

https://github.com/Kulik-Labs-Development/Ghost-CMS-Code-Injection-Audit-CVE-2026-26980

https://github.com/vognik/CVE-2026-26980

https://github.com/dinosn/ghost-cve-2026-26980

https://github.com/EQSTLab/CVE-2026-26980

benzogaga33@mamot.fr at 2026-05-28T09:20:03.000Z ##

Plus de 700 sites piratés : la faille critique de Ghost CMS qui sème la terreur sur le web goodtech.info/ghost-cms-faille #Développement #Applications #Sécurité #Àlaune

##
benzogaga33@mamot.fr at 2026-05-28T09:20:03.000Z ##

Plus de 700 sites piratés : la faille critique de Ghost CMS qui sème la terreur sur le web goodtech.info/ghost-cms-faille #Développement #Applications #Sécurité #Àlaune

##
tomshw@mastodon.social at 2026-05-26T11:05:09.000Z ##

⚠️ Un CMS molto usato finisce nel mirino: siti legittimi possono diventare trappole invisibili. Aggiornare, monitorare, verificare. #Cybersecurity #CMS

🔗 tomshw.it/hardware/ghost-cms-c

##
oversecurity@mastodon.social at 2026-05-26T10:40:33.000Z ##

Critical Ghost CMS Vulnerability Exploited to Hack 700+ Websites

A critical Ghost CMS vulnerability identified as CVE-2026-26980 has been exploited in a widespread cyber campaign that compromised more than 700...

🔗️ [Thecyberexpress] link.is.it/FdS8KE

##

CVE-2026-44468
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T13:31:03

1 posts

The affected product creates a directory with insecure default permissions during administrative installation. This allows a low-privileged local attacker to modify a temporary file defining the components to be installed, enabling local privilege escalation by forcing the deployment of arbitrary components.

certvde@infosec.exchange at 2026-05-26T07:14:09.000Z ##

#OT #Advisory VDE-2026-055
CODESYS Development System - Incorrect Default Permissions

Two local privilege escalation vulnerabilities were identified in the CODESYS Development System. Specifically, the PackageManager and the IPM create temporary directories with insecure default permissions when executed with administrative privileges. This allows low-privileged local users to modify a temporary bootstrap file to force the deployment of arbitrary components, or to exploit a Time-of-Check to Time-of-Use (TOCTOU) race condition to replace digitally verified installation files with malicious ones prior to installation. Both flaws bypass intended security boundaries during the installation of packages or add-ons.
#CVE CVE-2026-44469, CVE-2026-44468

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-8046
(8.1 HIGH)

EPSS: 0.10%

updated 2026-05-26T13:31:02

1 posts

The affected products insufficiently verify authorization when deleting user accounts. An authenticated, low-privileged remote user can exploit this vulnerability to delete other users, including those with higher privileges.

certvde@infosec.exchange at 2026-05-26T07:14:28.000Z ##

#OT #Advisory VDE-2026-056
CODESYS Control - Incorrect Authorization

The CODESYS Control runtime system provides a user management mechanism with multiple privilege groups including the visualization administrators group, which is intended solely to manage visualization users.
#CVE CVE-2026-8046

certvde.com/en/advisories/vde-

#CSAF codesys.csaf-tp.certvde.com/.w

##

CVE-2026-39661
(7.5 HIGH)

EPSS: 0.11%

updated 2026-05-26T13:30:57

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion. This issue affects SW Core: from n/a through 1.7.18.

thehackerwire@mastodon.social at 2026-05-26T14:00:00.000Z ##

🟠 CVE-2026-39661 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Magentech SW Core allows PHP Local File Inclusion.

This issue affects SW Core: from n/a through 1.7.18.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25713
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-26T13:30:56

1 posts

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

thehackerwire@mastodon.social at 2026-05-26T14:00:23.000Z ##

🟠 CVE-2026-25713 - High (7.8)

MediaArea MediaInfoLib ID3v2 parsing heap buffer overflow vulnerability

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42774
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-05-26T13:30:53

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Crocoblock JetEngine allows SQL Injection. This issue affects JetEngine: from n/a through 3.8.8.1.

offseq@infosec.exchange at 2026-05-26T01:30:23.000Z ##

🚨 CRITICAL SQL Injection (CVE-2026-42774) in Crocoblock JetEngine ≤ 3.8.8.1 (CVSS 9.3). Unauthenticated attackers could access sensitive DB data. No vendor patch yet — restrict access & monitor activity. More: radar.offseq.com/threat/cve-20 #OffSeq #SQLInjection #WordPress

##

CVE-2026-4372
(7.8 HIGH)

EPSS: 0.03%

updated 2026-05-26T13:30:34

1 posts

A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious `config.json` file containing the `_attn_implementation_internal` field set to an attacker-controlled HuggingFace Hub repository ID. When a victim loads this model using the standard `AutoModelForCausalLM.fro

drmorrisj@mastodon.social at 2026-05-28T01:45:06.000Z ##

Mother fucker. Just when you start to think, "maybe I do not actually need to write a model for that?" CVE-2026-4372

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 0.50%

updated 2026-05-26T13:30:30

3 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

2 repos

https://github.com/mistbarbarianspot/CVE-2026-45659-SharePoint-RCE

https://github.com/HORKimhab/CVE-2026-45659

youranonnewsirc@nerdculture.de at 2026-05-27T11:34:02.000Z ##

Global tensions escalate with US strikes on Iran and Israeli actions in Lebanon (May 27). Tech sees an AI boom boosting chip stocks, with China restricting AI talent travel. Cybersecurity highlights: FBI warns on "First VPN Service" enabling ransomware (May 27), and Microsoft patched a critical SharePoint RCE vulnerability (CVE-2026-45659).

#AnonNews_irc #Cybersecurity #News

##
beyondmachines1@infosec.exchange at 2026-05-27T08:01:06.000Z ##

Microsoft Patches High-Severity SharePoint RCE Vulnerability CVE-2026-45659

Microsoft patched a high-severity remote code execution vulnerability (CVE-2026-45659) in SharePoint that allows authenticated attackers with low-level permissions to execute arbitrary code via untrusted data deserialization.

**If you run SharePoint on-premise (Subscription Edition, 2019, or 2016), apply Microsoft's patch for CVE-2026-45659 asap, since even low-level Site Member accounts can trigger remote code execution.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
benzogaga33@mamot.fr at 2026-05-26T15:40:04.000Z ##

Faille RCE dans SharePoint : Microsoft publie un patch pour la CVE-2026-45659 it-connect.fr/faille-rce-share #ActuCybersécurité #Cybersécurité #Vulnérabilité #SharePoint #Microsoft

##

CVE-2026-45250
(7.8 HIGH)

EPSS: 0.01%

updated 2026-05-22T03:30:26

1 posts

The setcred(2) system call is only available to privileged users. However, before the privilege level of the caller is checked, the user-supplied list of supplementary groups is copied into a fixed-size kernel stack buffer without first validating its length. If the supplied list exceeds the capacity of that buffer, a stack buffer overflow occurs. Because the bounds check on the supplementary g

1 repos

https://github.com/venglin/setcred

emaste@mastodon.social at 2026-05-26T18:07:06.000Z ##

@lattera How is autoloading zfs.ko related to CVE-2026-45250?

##

CVE-2010-0249
(8.8 HIGH)

EPSS: 88.68%

updated 2026-05-21T12:57:01.463000

1 posts

Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; Windows XP SP2 and SP3; Windows Server 2003 SP2; Windows Vista Gold, SP1, and SP2; Windows Server 2008 Gold, SP2, and R2; and Windows 7 allows remote attackers to execute arbitrary code by accessing a pointer associated with a deleted object, related to incorrectly initialized memory and improper ha

nyanbinary@infosec.exchange at 2026-05-26T21:36:21.000Z ##

Ok, CISA adding CVE-2010-0249 (Use-After-Free in checks notes Internet Explorer 6, 6 SP1, 7, and 8 for Server up to 2008 & Win7 to their KEV list... last week... has me giggle.

Yeah, I guess there may be EITW exploitation? But putting a "you got 2 weeks to fix your Server 2008 Internet Explorer NOW in 2 weeks!!!" is, like, seriously funny.

db.gcve.eu/known-exploited-vul

##

CVE-2026-9082
(6.5 MEDIUM)

EPSS: 34.17%

updated 2026-05-20T21:32:36

2 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Drupal Drupal core allows SQL Injection. This issue affects Drupal core: from 8.9.0 before 10.4.10, from 10.5.0 before 10.5.10, from 10.6.0 before 10.6.9, from 11.0.0 before 11.1.10, from 11.2.0 before 11.2.12, from 11.3.0 before 11.3.10.

Nuclei template

9 repos

https://github.com/0xBlackash/CVE-2026-9082

https://github.com/strobelpierre/CVE-2026-9082

https://github.com/N45HT/drupal-cve-2026-9082-checker

https://github.com/ywh-jfellus/CVE-2026-9082

https://github.com/thinhap/CVE-2026-9082-PoC

https://github.com/ridhinva/CVE-2026-9082

https://github.com/HORKimhab/CVE-2026-9082

https://github.com/lysophavin18/cve-2026-9082

https://github.com/7h30th3r0n3/CVE-2026-9082-Drupal-PoC

maniabel@mastodon.de at 2026-05-26T19:55:39.000Z ##

Drupal: kritische Sicherheitslücke (CVE-2026-9082). Der Patch steht zur Verfügung. Aktuell sind in Deutschland 61 Instanzen ungepatcht.
Interessiert das irgendjemenschen? Braucht es weitere Informationen? Oder ist der Beitrag flüssiger als Wasser?

dashboard.shadowserver.org/sta

#Drupal #infosec

##
hackmag@infosec.exchange at 2026-05-25T18:00:02.000Z ##

⚪️ Critical Drupal bug could lead to remote code execution

🗨️ The Drupal developers have released emergency patches for a “highly critical” vulnerability in Drupal Core that affects sites using PostgreSQL. The issue has been assigned the identifier CVE-2026-9082 and is related to an SQL injection, which in some scenarios may…

🔗 hackmag.com/news/drupal-inject

#news

##

CVE-2026-41091
(7.8 HIGH)

EPSS: 5.94%

updated 2026-05-20T19:06:36.850000

3 posts

Improper link resolution before file access ('link following') in Microsoft Defender allows an authorized attacker to elevate privileges locally.

2 repos

https://github.com/0xBlackash/CVE-2026-41091

https://github.com/ridhinva/defender-vulnerability-scanner

hackmag@infosec.exchange at 2026-05-27T18:30:03.000Z ##

⚪️ Microsoft patches UnDefend and RedSun 0‑day vulnerabilities

🗨️ Microsoft developers have released out-of-band updates to fix two 0‑day vulnerabilities in Microsoft Defender that are already being used in real-world attacks. These are the bugs CVE-2026-41091 and CVE-2026-45498, known as RedSun and UnDefend. The first issue (7.8 on the…

🔗 hackmag.com/news/undefend-reds

#news

##
christopherkunz@chaos.social at 2026-05-26T10:31:47.000Z ##

The RedSun vulnerability was "officially fixed" on May 19, with the fix being "let's break the PoC by quarantining the affected .exe". The fix is just part of a Defender definition update. So, I guess the Red Sun no longer prevails.
msrc.microsoft.com/update-guid

##
christopherkunz@chaos.social at 2026-05-26T06:57:56.000Z ##

@jhr77 @Hal_9000 Turns out my hunch was right: CVE-2026-41091 is RedSun.

##

CVE-2026-45498
(4.0 None)

EPSS: 4.11%

updated 2026-05-20T18:31:35

1 posts

Microsoft Defender Denial of Service Vulnerability

1 repos

https://github.com/ridhinva/defender-vulnerability-scanner

hackmag@infosec.exchange at 2026-05-27T18:30:03.000Z ##

⚪️ Microsoft patches UnDefend and RedSun 0‑day vulnerabilities

🗨️ Microsoft developers have released out-of-band updates to fix two 0‑day vulnerabilities in Microsoft Defender that are already being used in real-world attacks. These are the bugs CVE-2026-41091 and CVE-2026-45498, known as RedSun and UnDefend. The first issue (7.8 on the…

🔗 hackmag.com/news/undefend-reds

#news

##

CVE-2026-45137
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-19T16:08:42

2 posts

### Summary An logic error causes anchor programs to accept any program id when requiring the system program id, causing false assumptions resulting in potential arbitrary cpi in programs that invoke system program instructions. ### Details In the TryFrom<&'a AccountInfo<'a>> implementation for Program<'a, T>, the id of T is compared with Pubkey::default() to check whether anchor should allow any

thehackerwire@mastodon.social at 2026-05-27T22:01:41.000Z ##

🟠 CVE-2026-45137 - High (8.2)

Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiring the system program id, causing false assumpti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:01:41.000Z ##

🟠 CVE-2026-45137 - High (8.2)

Anchor is a framework providing several convenient developer tools for writing Solana programs. From 1.0.0 to before 1.0.2, an logic error causes anchor programs to accept any program id when requiring the system program id, causing false assumpti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-42096(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-05-19T15:31:29

1 posts

Sparx Pro Cloud Server is vulnerable to Broken Access Control within communication with the database. Due to lack of permission checks, any low privileged user can run arbitrary SQL queries within database user context. The vendor was notified early about this vulnerability, but didn't respond with the details of vulnerability or vulnerable version range. Only version 6.1 (build 167) and below we

1 repos

https://github.com/br0xpl/sparx_hack

campuscodi@mastodon.social at 2026-05-26T17:43:45.000Z ##

Sparx Systems has failed to patch five security issues in its Pro Cloud Server even after being contacted by CERT Poland

cert.pl/en/posts/2026/05/CVE-2

##

CVE-2026-45736
(4.4 MEDIUM)

EPSS: 0.01%

updated 2026-05-19T14:39:20.353000

1 posts

ws is an open source WebSocket client and server for Node.js. Prior to 8.20.1, the websocket.close() implementation is vulnerable to uninitialized memory disclosure when a TypedArray is passed as the reason argument. This vulnerability is fixed in 8.20.1.

lambdawatchdog@techhub.social at 2026-05-27T12:01:02.000Z ##

🔍 Lambda Watchdog detected that CVE-2026-45736 is no longer present in latest AWS Lambda base image scans. github.com/aws/aws-lambda-base #AWS #Lambda #Security #CVE #DevOps #SecOps

##

CVE-2026-45829(CVSS UNKNOWN)

EPSS: 0.17%

updated 2026-05-18T18:31:30

1 posts

A pre-authentication, code injection vulnerability in version 1.0.0 or later of the ChromaDB Python project allows an unauthenticated attacker to run arbitrary code on the server by sending a malicious model repository and trust_remote_code set to true in the /api/v2/tenants/{tenant}/databases/{db}/collections endpoint.

2 repos

https://github.com/fevar54/FULL-ANALYSIS---CVE-2026-45829-ChromaDB-

https://github.com/0xBlackash/CVE-2026-45829

nicfab@fosstodon.org at 2026-05-26T08:12:31.000Z ##

NicFab Newsletter #22 is out.

→ Garante fines Ambrosetti €85k for late breach notification (Art. 34 GDPR)
→ Verizon DBIR 2026: vuln exploitation overtakes credentials as #1 vector
→ Commission opens first Article 112(1) AI Act review
→ Colorado CADMA replaces the 2024 AI Act
→ Unpatched RCE in ChromaDB (CVE-2026-45829)

Read: nicfab.eu/en/newsletter-issues
Subscribe: nicfab.eu/en/pages/newsletter/

#Privacy #AIAct #AI #GDPR #Cybersecurity

##

CVE-2026-45298
(8.6 HIGH)

EPSS: 0.02%

updated 2026-05-18T16:41:41

1 posts

## Summary In a default dozzle deploy (the documented quickstart, no `DOZZLE_AUTH_PROVIDER` set), `POST /api/notifications/test-webhook` is reachable without authentication and forwards an attacker-controlled URL into a `WebhookDispatcher` that: - Sends an HTTP POST to the supplied URL with attacker-controlled request headers, and - Returns the response status code AND up to 1MB of the response

thehackerwire@mastodon.social at 2026-05-26T23:01:25.000Z ##

🟠 CVE-2026-45298 - High (8.6)

Dozzle is a realtime log viewer for docker containers. Prior to 10.5.2, in a default dozzle deploy (the documented quickstart, no DOZZLE_AUTH_PROVIDER set), POST /api/notifications/test-webhook is reachable without authentication and forwards an a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43500
(7.8 HIGH)

EPSS: 1.26%

updated 2026-05-17T16:16:16.740000

1 posts

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy the skb to a linear one before calling into the security ops only when skb_cloned() is true. An skb that is not cloned but still carries externally-o

14 repos

https://github.com/AK777177/Dirty-Frag-Analysis

https://github.com/XRSecCD/202605_dirty_frag

https://github.com/Koshmare-Blossom/DirtyFrag-go

https://github.com/gagaltotal/CVE-2026-43284-CVE-2026-43500-scan

https://github.com/krisiasty/vcheck

https://github.com/0xlane/pagecache-guard

https://github.com/attaattaatta/CVE-2026-43500

https://github.com/liamromanis101/DirtyFrag-Detector

https://github.com/metalx1993/dirtyfrag-patches

https://github.com/vorkampfer/dirty_frag_mitigation

https://github.com/linnemanlabs/dirtyfrag-arm64

https://github.com/haydenjames/dirty-frag-check

https://github.com/KaraZajac/DIRTYFAIL

https://github.com/mym0us3r/DIRTY-FRAG-Detection-with-Wazuh-4.14.4

linux@activitypub.awakari.com at 2026-05-28T03:43:38.000Z ## Dirty Frag: a kernel zero-day vs. container and microVM sandboxes On May 7, Hyunwoo Kim (V4bel) disclosed Dirty Frag — two Linux kernel vulnerabilities (CVE-2026-43284 and CVE-2026-43500) that gi...


Origin | Interest | Match ##

CVE-2026-42897
(8.1 HIGH)

EPSS: 7.49%

updated 2026-05-15T18:30:32

1 posts

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Exchange Server allows an unauthorized attacker to perform spoofing over a network.

1 repos

https://github.com/atiilla/CVE-2026-42897

wordfence@mastodon.social at 2026-05-27T23:11:55.000Z ##

Microsoft Exchange Zero-Day Under Attack | Wordfence Security News Clip | May 18, 2026

Microsoft disclosed an actively exploited XSS zero-day in Exchange Server OWA affecting Exchange 2016, 2019, and Subscription Edition.

CVE-2026-42897 requires no prior foothold or stolen credentials. CISA added it to the KEV catalog on May 15th.

Verify the Exchange Emergency Mitigation Service is running and rule M2.1.x is applied.

youtube.com/shorts/WBP06q6bE00

##

CVE-2026-45574
(8.1 HIGH)

EPSS: 0.01%

updated 2026-05-15T18:29:32

1 posts

### Impact An attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and intercept all SOAP traffic. This includes patient identifiers (KVNR), SMC-B card operations (authentication, signing), document content, and credential exchanges. ### Patches [#36](https://github.com/oviva-ag/epa4all-client/pull/36) ### Workaro

thehackerwire@mastodon.social at 2026-05-26T23:01:34.000Z ##

🟠 CVE-2026-45574 - High (8.1)

epa4all-client is the Java Client for epa4all / ePA 3.0 in the Telematik Infrastruktur. Prior to 1.2.2, an attacker on the network path between the ePA service and the Konnektor can present any TLS certificate (self-signed, expired, wrong CN) and ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41089
(9.8 CRITICAL)

EPSS: 0.13%

updated 2026-05-15T15:42:17.907000

1 posts

Stack-based buffer overflow in Windows Netlogon allows an unauthorized attacker to execute code over a network.

threatcodex@infosec.exchange at 2026-05-26T17:43:22.000Z ##

Micropatches released for Windows Netlogon Remote Code Execution Vulnerability (CVE-2026-41089)
#CVE_2026_41089
blog.0patch.com/2026/05/microp

##

CVE-2026-42945
(8.1 HIGH)

EPSS: 1.04%

updated 2026-05-14T21:30:40

1 posts

NGINX Plus and NGINX Open Source have a vulnerability in the ngx_http_rewrite_module module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression (PCRE) capture (for example, $1, $2) with a replacement string that includes a question mark (?). An unauthenticated attacker along with conditions beyond it

35 repos

https://github.com/MateusVerass/nGixshell

https://github.com/fkj-src/fix_nginx_cve_2026_42945

https://github.com/nanwinata/nginxrift-CVE-2026-42945

https://github.com/oseasfr/Scanner_CVE_2026-42945

https://github.com/bamov970/CVE-2026-42945-Nginx-RCE-bypass-ASLR

https://github.com/DepthFirstDisclosures/Nginx-Rift

https://github.com/hnytgl/cve-2026-42945

https://github.com/chenqin231/CVE-2026-42945

https://github.com/p3Nt3st3r-sTAr/CVE-2026-42945-POC

https://github.com/RedCrazyGhost/CVE-2026-42945

https://github.com/jelasin/CVE-2026-42945

https://github.com/byezero/nginx-cve-2026-42945-check

https://github.com/webdev75950-ux/nginx-rce-cve-2026-42945

https://github.com/ChamsBouzaiene/ai-vuln-rediscovery-nginx-cve-2026-42945

https://github.com/forxiucn/nginx-cve-2026-42945-poc

https://github.com/cipherspy/CVE-2026-42945-POC

https://github.com/realityone/cve-2026-42945-scan

https://github.com/dinosn/cve-2026-42945-nginx32-lab

https://github.com/gagaltotal/CVE-2026-42945-NGINX-Rift-Toolkit

https://github.com/yusufdalbudak/CVE-2026-42945

https://github.com/karakapaku43/CVE-2026-42945

https://github.com/BarAppTeam/nginx-cve-fix

https://github.com/iammerrida-source/nginx-rift-detect

https://github.com/quantumworld-dpdns-io/CVE-2026-42945

https://github.com/F2u0a0d3/CVE-2026-42945-nginx-rift-poc

https://github.com/tal7aouy/nginx-cve-2026-42945

https://github.com/sibersan/web-server-audit_CVE-2026-42945

https://github.com/soksofos/wazuh-nginx-cve-2026-42945-sca-lab

https://github.com/Renison-Gohel/CVE-2026-42945-NGINX-Rift

https://github.com/imSre9/CVE-2026-42945

https://github.com/rheodev/CVE-2026-42945

https://github.com/niekaicheng/CVE-2026-42945_NGINX_Rift

https://github.com/nu0l/NGINX-Rift

https://github.com/0xBlackash/CVE-2026-42945

https://github.com/friparia/NGINX_RIFT_SCAN_CVE_2026_42945

nemo@mas.to at 2026-05-27T11:30:17.000Z ##

Researchers report "NGINX Rift" (CVE-2026-42945) is being probed and exploited days after disclosure — attackers are scanning exposed servers for the 18‑year bug. Patches released; teams urged to remediate. 🔍⚠️🛡️ #NGINX #infosec #CVE2026-42945 theregister.com/security/2026/

##

CVE-2026-0265
(0 None)

EPSS: 0.03%

updated 2026-05-13T18:17:47.830000

1 posts

An authentication bypass vulnerability in Palo Alto Networks PAN-OS® software enables an unauthenticated attacker with network access to bypass authentication controls when Cloud Authentication Service (CAS) is enabled. The risk is higher if CAS is enabled on the management interface and lower when any other login interfaces are used. The risk of this issue is greatly reduced if you secure acc

2 repos

https://github.com/BishopFox/CVE-2026-0265-check

https://github.com/tstephens1080/palo-alto-cve-2026-0265-checker

hrbrmstr@mastodon.social at 2026-05-25T15:08:44.000Z ##

I thought Palo was part of the Mythos seekrit cabal platform and also had their own advanced AI BS that protected enterprises from everything.

Given that, how does CVE-2026-0265 — an at-scale PAN-OS CAS Authentication Bypass — happen now?

Seems like Mythos isn't all its cracked up to be?

##

CVE-2026-45321
(9.6 CRITICAL)

EPSS: 0.03%

updated 2026-05-13T16:25:19

3 posts

## Summary On 2026-05-11, between approximately 19:20 and 19:26 UTC, 84 malicious versions across 42 `@tanstack/*` packages were published to the npm registry. The publishes were authenticated via the legitimate GitHub Actions OIDC trusted-publisher binding for `TanStack/router`, but the publish workflow itself was not modified. The attacker chained three known vulnerability classes — a `pull_req

12 repos

https://github.com/prashanthnataraj/mini-shai-hulud-detector

https://github.com/renewablehacking/CVE-2026-45321-Tanstack

https://github.com/Breakingcircuitsllc/teampcp_shai_hulud.yar

https://github.com/Intrudify/mini-shai-hulud-scanner

https://github.com/nkopylov/tanscript-exploit-check

https://github.com/Yomisana/are-you-get-tanstack-attack

https://github.com/Caixa-git/tanstack-shield

https://github.com/fabriziosalmi/tanstack-compromise-checker

https://github.com/ry-allan/tanstack-compromise-checker

https://github.com/digi4care/shai-scan

https://github.com/shayr1/shai-hulud-scan

https://github.com/qi-scape/scan-shai-hulud

secdb at 2026-05-27T20:00:15.931Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

##
secdb@infosec.exchange at 2026-05-27T20:00:15.000Z ##

🚨 [CISA-2026:0527] CISA Adds 3 Known Exploited Vulnerabilities to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added 3 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45321 (secdb.nttzen.cloud/cve/detail/)
- Name: TanStack Unspecified Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: TanStack
- Product: TanStack
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/TanStack/router/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-48027 (secdb.nttzen.cloud/cve/detail/)
- Name: Nx Console Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Nx
- Product: Nx Console
- Notes: This vulnerability could affect an open-source component, third-party library, protocol, or proprietary implementation that could be used by different products. For more information, please see: github.com/nrwl/nx-console/sec ; nvd.nist.gov/vuln/detail/CVE-2

⚠️ CVE-2026-8398 (secdb.nttzen.cloud/cve/detail/)
- Name: Daemon Tools Lite Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Daemon
- Product: Daemon Tools Lite
- Notes: blog.daemon-tools.cc/post/secu ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260527 #cisa20260527 #cve_2026_45321 #cve_2026_48027 #cve_2026_8398 #cve202645321 #cve202648027 #cve20268398

##
cisakevtracker@mastodon.social at 2026-05-27T18:01:05.000Z ##

CVE ID: CVE-2026-45321
Vendor: TanStack
Product: TanStack
Date Added: 2026-05-27
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-45152
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-13T15:33:13

2 posts

I discovered a command injection vulnerability in uniget that allows arbitrary command execution through the metadata loading and version check mechanism. ### Summary A command injection vulnerability exists in uniget due to unsafe execution of the `check` field from metadata files using `/bin/bash -c`. Because the `check` field is loaded directly from untrusted JSON metadata without validation

thehackerwire@mastodon.social at 2026-05-27T23:00:43.000Z ##

🟠 CVE-2026-45152 - High (7.8)

uniget is a universal installer and updater for (container) tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is lo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T23:00:43.000Z ##

🟠 CVE-2026-45152 - High (7.8)

uniget is a universal installer and updater for (container) tools. Prior to 0.27.1, a command injection vulnerability exists in uniget due to unsafe execution of the check field from metadata files using /bin/bash -c. Because the check field is lo...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44724
(7.8 HIGH)

EPSS: 0.00%

updated 2026-05-13T15:29:22

2 posts

## Summary On Linux, `systeminformation` is vulnerable to command injection in `networkInterfaces()` when an **active NetworkManager connection profile name** contains shell metacharacters. This is not caused by a caller passing attacker-controlled arguments into `networkInterfaces()`. The vulnerable value is obtained internally from real `nmcli device status` output. The library sanitizes the n

thehackerwire@mastodon.social at 2026-05-28T05:00:48.000Z ##

🟠 CVE-2026-44724 - High (7.8)

systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active NetworkManager connection profile name contains shell...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T05:00:48.000Z ##

🟠 CVE-2026-44724 - High (7.8)

systeminformation is a System and OS information library for node.js. From 4.17.0 to 5.31.5, on Linux, systeminformation is vulnerable to command injection in networkInterfaces() when an active NetworkManager connection profile name contains shell...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2016-10156
(7.8 HIGH)

EPSS: 0.71%

updated 2026-05-13T00:24:29.033000

2 posts

A flaw in systemd v228 in /src/basic/fs-util.c caused world writable suid files to be created when using the systemd timers features, allowing local attackers to escalate their privileges to root. This is fixed in v229.

grawity@treehouse.systems at 2026-05-28T07:50:28.000Z ##

my approach to finding security bugs:

me in 2017: "hmm the directory is world-writable, and the sticky bit looks ugly in my colorized ls, I'll send a patch"
someone on IRC a week later: "hey you're named in CVE-2016-10156"

me in 2023: "ugh OpenSSH crashes when I'm connecting from my retro Win98 VM"
someone on IRC a week later: "hey did you know you're in CVE-2023-25136"

##
grawity@treehouse.systems at 2026-05-28T07:50:28.000Z ##

my approach to finding security bugs:

me in 2017: "hmm the directory is world-writable, and the sticky bit looks ugly in my colorized ls, I'll send a patch"
someone on IRC a week later: "hey you're named in CVE-2016-10156"

me in 2023: "ugh OpenSSH crashes when I'm connecting from my retro Win98 VM"
someone on IRC a week later: "hey did you know you're in CVE-2023-25136"

##

CVE-2026-28952
(7.5 HIGH)

EPSS: 0.02%

updated 2026-05-12T18:30:36

6 posts

An integer overflow was addressed with improved input validation. This issue is fixed in iOS 18.7.9 and iPadOS 18.7.9, macOS Sequoia 15.7.7, macOS Sonoma 14.8.7, macOS Tahoe 26.5. An app may be able to cause unexpected system termination.

hackersnews@mastodon.cesium.pw at 2026-05-26T05:30:08.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude
news.ycombinator.com/item?id=4

#hackernews #tech

##
hn100@social.lansky.name at 2026-05-26T04:45:09.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: support.apple.com/en-us/127115
Discussion: news.ycombinator.com/item?id=4

##
hn50@social.lansky.name at 2026-05-26T01:15:06.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

Link: support.apple.com/en-us/127115
Discussion: news.ycombinator.com/item?id=4

##
hnbot@chrispelli.fun at 2026-05-26T00:13:26.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude - support.apple.com/en-us/127115

#hackernews

##
h4ckernews@mastodon.social at 2026-05-26T00:12:12.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

support.apple.com/en-us/127115

#HackerNews #CVE202628952 #Apple #macOS #Kernel #Vulnerability #CyberSecurity #Claude

##
CuratedHackerNews@mastodon.social at 2026-05-26T00:12:03.000Z ##

CVE-2026-28952: Apple macOS 26.5 Kernel Vuln found by Claude

support.apple.com/en-us/127115

#apple #macos

##

CVE-2026-44483
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-11T16:09:41

1 posts

## Summary `setPath` in `@rvf/set-get` (used by `@rvf/core` to flatten incoming form data into a nested object) does not block the keys `__proto__`, `constructor`, or `prototype` when walking a path. Because field names in submitted form data are passed directly to `setPath` via `preprocessFormData` (and through `parseFormData` / `validate`), an attacker who can submit a form to a Remix / React R

thehackerwire@mastodon.social at 2026-05-27T18:00:43.000Z ##

🟠 CVE-2026-44483 - High (8.2)

RVF (formerly Remix Validated Form) provides easy form validation and state management for React. From 6.0.0 to before 6.0.4 and 7.0.2, setPath in @Rvf/set-get (used by @Rvf/core to flatten incoming form data into a nested object) does not block t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44971
(8.2 HIGH)

EPSS: 0.00%

updated 2026-05-11T14:45:09

1 posts

# Summary The programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credentials with the resulting request. This allows an attacker who can influence the scanned repository URL to trigger SSRF and capture the `GH_TOKEN` used by GuardDog. # Description `ProjectScanner.scan_remote()` takes a `url`,

thehackerwire@mastodon.social at 2026-05-27T17:01:11.000Z ##

🟠 CVE-2026-44971 - High (8.2)

GuardDog is a CLI tool to identify malicious PyPI packages. From 1.0.0 to 2.9.0, the programmatic remote project scanning path rewrites attacker-controlled repository URLs using a blind string replacement and then sends the caller's GitHub credent...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44895(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-05-09T00:10:30

1 posts

## SSE Transport Has No Authentication and Wildcard CORS, Exposing All 86 GitLab Tools Including Destructive Operations A review of `mcp-gitlab-server` at commit `80a7b4cf3fba6b55389c0ef491a48190f7c8996a` uncovered that the SSE HTTP transport — advertised in the README and comparison table as a differentiating feature — runs with no authentication and wildcard CORS on every endpoint. The maintain

offseq@infosec.exchange at 2026-05-27T00:00:35.000Z ##

🚨 CRITICAL: CVE-2026-44895 in yoda-digital mcp-gitlab-server (<0.6.0) allows unauthenticated access to a mutation-capable RPC endpoint, risking full GitLab resource compromise. Upgrade to 0.6.0+ ASAP. radar.offseq.com/threat/cve-20 #OffSeq #Vuln #GitLab #CVE202644895

##

CVE-2026-44326
(9.4 CRITICAL)

EPSS: 0.00%

updated 2026-05-08T22:59:00

1 posts

### Summary free5GC's NEF mounts the `3gpp-traffic-influence` API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, read, patch, and delete traffic-influence subscriptions either with no `Authorization` header at all, or with a forged bearer token (e.g. `Authorization: Bearer not-a-real-token`). This includes creating `AnyUeInd=true` sub

thehackerwire@mastodon.social at 2026-05-27T18:00:52.000Z ##

🔴 CVE-2026-44326 - Critical (9.4)

free5GC is an open-source implementation of the 5G core network. Prior to 4.2.2, free5GC's NEF mounts the 3gpp-traffic-influence API without inbound OAuth2/bearer-token authorization. A network attacker who can reach NEF on the SBI can create, rea...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-26885
(7.2 HIGH)

EPSS: 0.19%

updated 2026-04-29T10:16:42.637000

1 posts

Deserialization of Untrusted Data vulnerability in Beaver Builder WordPress Assistant assistant allows Object Injection.This issue affects WordPress Assistant: from n/a through <= 1.5.1.

hugovalters@mastodon.social at 2026-05-28T09:03:24.000Z ##

CVE-2025-26885 - Insecure Deserialization in Beaver Builder WordPress Assistant. Object Injection via untrusted data. CVSS 7.2. Unpatched in versions ≤ 1.5.1. Disable or isolate immediately. #CVE #WordPress #infosec

valtersit.com/cve/CVE-2025-268

##

CVE-2026-3172
(8.1 HIGH)

EPSS: 0.06%

updated 2026-04-15T00:35:42.020000

1 posts

Buffer overflow in parallel HNSW index build in pgvector 0.6.0 through 0.8.1 allows a database user to leak sensitive data from other relations or crash the database server.

mastokukei@social.josko.org at 2026-05-28T09:01:58.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei masto.kukei.eu/browse/programm category:
- **Zig programming language**: Idiomatic error handling, GitHub migration, no-AI policy, and 1.0 release discussions.
- **AI coding tools**: Claude Code, GitHub Copilot, Cursor, DeepSeek Reasonix, and debates on security risks (e.g., symlink RCE in AI agents).
- **PostgreSQL updates**: Security patches (CVE-2026-3172), pgvector fixes, pgBackRest [1/2]

##

CVE-2025-2005
(9.8 CRITICAL)

EPSS: 2.94%

updated 2026-04-08T17:20:35.697000

1 posts

The Front End Users plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the file uploads field of the registration form in all versions up to, and including, 3.2.32. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.

4 repos

https://github.com/Nxploited/CVE-2025-2005

https://github.com/mrmtwoj/CVE-2025-2005

https://github.com/h4ckxel/CVE-2025-2005

https://github.com/chetools/CVE2005_Spring2025

hugovalters@mastodon.social at 2026-05-27T05:01:26.000Z ##

CVE-2025-2005 - Critical RCE in Front End Users plugin for WordPress. Unauthenticated arbitrary file upload. CVSS 9.8. No patch available. Disable plugin immediately. #CVE #WordPress #infosec

valtersit.com/cve/CVE-2025-200

##

CVE-2024-23218
(5.9 MEDIUM)

EPSS: 0.19%

updated 2026-04-02T21:32:39

1 posts

A timing side-channel issue was addressed with improvements to constant-time computation in cryptographic functions. This issue is fixed in macOS Sonoma 14.3, watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3. An attacker may be able to decrypt legacy RSA PKCS#1 v1.5 ciphertexts without having the private key.

neverpanic@chaos.social at 2026-05-27T05:36:19.000Z ##

@campuscodi As far I know, that code has always been available for download, the only change is that it's now a lot less hidden and on GitHub. It used to be an unversioned download link well hidden somewhere on their website.

Source: read it a while ago to report CVE-2024-23218.

##

CVE-2026-33636
(7.6 HIGH)

EPSS: 0.04%

updated 2026-04-02T18:42:02.667000

1 posts

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that eno

certvde@infosec.exchange at 2026-05-26T08:01:19.000Z ##

#OT #Advisory VDE-2026-053
METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
#CVE CVE-2026-33636, CVE-2026-33416

certvde.com/en/advisories/vde-

#CSAF mettler-toledo.csaf-tp.certvde

##

CVE-2025-15284
(3.7 LOW)

EPSS: 0.04%

updated 2026-03-02T22:05:33

1 posts

### Summary The `arrayLimit` option in qs did not enforce limits for bracket notation (`a[]=1&a[]=2`), only for indexed notation (`a[0]=1`). This is a consistency bug; `arrayLimit` should apply uniformly across all array notations. **Note:** The default `parameterLimit` of 1000 effectively mitigates the DoS scenario originally described. With default options, bracket notation cannot produce arra

certvde@infosec.exchange at 2026-05-26T07:15:09.000Z ##

#OT #Advisory VDE-2026-009
JUMO: Multiple products affected by nodejs vulnerability

A vulnerability in the REST API of the JUMO device allows an attacker to trigger a denial‑of‑service (DoS) condition. Due to an incorrect implementation of the arrayLimit option in the Node.js qs module, limits for incoming request parameters are not properly enforced. As a result, an attacker can send specially crafted requests containing excessively large or deeply nested arrays, causing the web server to become unresponsive. This condition leads to a crash of the web server, followed by an automatic restart of the device.
#CVE CVE-2025-15284

certvde.com/en/advisories/vde-

#CSAF jumo.csaf-tp.certvde.com/.well

##

CVE-2021-4229
(8.8 HIGH)

EPSS: 0.86%

updated 2026-02-17T21:57:43

1 posts

The npm package `ua-parser-js` had three versions published with malicious code. Users of affected versions (0.7.29, 0.8.0, 1.0.0) should upgrade as soon as possible and check their systems for suspicious activity. See [this issue](https://github.com/faisalman/ua-parser-js/issues/536) for details as they unfold. Any computer that has this package installed or running should be considered fully co

1 repos

https://github.com/corelight/CVE-2021-42292

caspicat@infosec.exchange at 2026-05-27T18:18:57.000Z ##

@GossiTheDog Yes, since 2017ish, for example

nvd.nist.gov/vuln/detail/CVE-2

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2025-62582
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-01-16T03:30:27

1 posts

Delta Electronics DIAView has multiple vulnerabilities.

thehackerwire@mastodon.social at 2026-05-26T22:00:09.000Z ##

🔴 CVE-2026-9642 - Critical (9.8)

There is a mitigation bypass / (incomplete fix) for CVE-2025-62582 (Unauthenticated Remote Database Access)

An unauthenticated remote attacker can access configured databases in a DIAView project.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-20286
(9.9 CRITICAL)

EPSS: 0.18%

updated 2025-06-04T18:30:58

1 posts

A vulnerability in Amazon Web Services (AWS), Microsoft Azure, and Oracle Cloud Infrastructure (OCI) cloud deployments of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to access sensitive data, execute limited administrative operations, modify system configurations, or disrupt services within the impacted systems. This vulnerability exists because credentia

hugovalters@mastodon.social at 2026-05-26T02:04:37.000Z ##

CVE-2025-20286 Critical flaw in Cisco ISE cloud deployments on AWS, Azure, OCI. Unauthenticated remote access to sensitive data, admin ops, config changes, or DoS. CVSS 9.9. No patch yet. Monitor immediately. #CVE #Cisco #infosec

valtersit.com/cve/CVE-2025-202

##

CVE-2025-25015
(9.9 CRITICAL)

EPSS: 0.74%

updated 2025-04-02T18:31:55

1 posts

Prototype pollution in Kibana leads to arbitrary code execution via a crafted file upload and specifically crafted HTTP requests. In Kibana versions >= 8.15.0 and < 8.17.1, this is exploitable by users with the Viewer role. In Kibana versions 8.17.1 and 8.17.2 , this is only exploitable by users that have roles that contain all the following privileges: fleet-all, integrations-all, actions:execute

hugovalters@mastodon.social at 2026-05-27T23:07:17.000Z ##

CVE-2025-25015 - Prototype pollution in Elastic Kibana leads to arbitrary code execution via crafted file upload. CVSS 9.9. Viewer role exploit in older versions, elevated privileges needed in 8.17.1-8.17.2. Patch now. #CVE #Elastic #infosec

valtersit.com/cve/CVE-2025-250

##

CVE-2025-1515
(9.8 CRITICAL)

EPSS: 0.06%

updated 2025-03-05T12:31:19

1 posts

The WP Real Estate Manager plugin for WordPress is vulnerable to Authentication Bypass in all versions up to, and including, 2.8. This is due to insufficient identity verification on the LinkedIn login request process. This makes it possible for unauthenticated attackers to bypass official authentication and log in as any user on the site, including administrators.

hugovalters@mastodon.social at 2026-05-28T02:02:54.000Z ##

CVE-2025-1515 - Critical authentication bypass in WP Real Estate Manager plugin. CVSS 9.8. Unauthenticated attackers can log in as any user, including admins. No patch available. Disable plugin immediately. #CVE #WordPress #infosec

valtersit.com/cve/CVE-2025-151

##

CVE-2024-13787
(9.8 CRITICAL)

EPSS: 0.29%

updated 2025-03-05T12:31:11

1 posts

The VEDA - MultiPurpose WordPress Theme theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.2 via deserialization of untrusted input in the 'veda_backup_and_restore_action' function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to inject a PHP Object. No known POP chain is present in the vulnerable softwar

hugovalters@mastodon.social at 2026-05-28T05:06:03.000Z ##

CVE-2024-13787 - Critical Insecure Deserialization in Veda WordPress theme. CVSS 9.8. Authenticated attackers can inject PHP objects. Unpatched. Disable theme or use firewall. #CVE #WordPress #infosec

valtersit.com/cve/CVE-2024-137

##

CVE-2023-25136
(6.5 MEDIUM)

EPSS: 88.33%

updated 2024-11-21T07:49:10.877000

2 posts

OpenSSH server (sshd) 9.1 introduced a double-free vulnerability during options.kex_algorithms handling. This is fixed in OpenSSH 9.2. The double free can be leveraged, by an unauthenticated remote attacker in the default configuration, to jump to any location in the sshd address space. One third-party report states "remote code execution is theoretically possible."

11 repos

https://github.com/Lane0218/CVE-2023-25136-PoC

https://github.com/ticofookfook/CVE-2023-25136

https://github.com/malvika-thakur/CVE-2023-25136

https://github.com/adhikara13/CVE-2023-25136

https://github.com/axylisdead/CVE-2023-25136_POC

https://github.com/nhakobyan685/CVE-2023-25136

https://github.com/jfrog/jfrog-CVE-2023-25136-OpenSSH_Double-Free

https://github.com/mrmtwoj/CVE-2023-25136

https://github.com/Business1sg00d/CVE-2023-25136

https://github.com/Christbowel/CVE-2023-25136

https://github.com/H4K6/CVE-2023-25136

grawity@treehouse.systems at 2026-05-28T07:50:28.000Z ##

my approach to finding security bugs:

me in 2017: "hmm the directory is world-writable, and the sticky bit looks ugly in my colorized ls, I'll send a patch"
someone on IRC a week later: "hey you're named in CVE-2016-10156"

me in 2023: "ugh OpenSSH crashes when I'm connecting from my retro Win98 VM"
someone on IRC a week later: "hey did you know you're in CVE-2023-25136"

##
grawity@treehouse.systems at 2026-05-28T07:50:28.000Z ##

my approach to finding security bugs:

me in 2017: "hmm the directory is world-writable, and the sticky bit looks ugly in my colorized ls, I'll send a patch"
someone on IRC a week later: "hey you're named in CVE-2016-10156"

me in 2023: "ugh OpenSSH crashes when I'm connecting from my retro Win98 VM"
someone on IRC a week later: "hey did you know you're in CVE-2023-25136"

##

CVE-2017-16054
(7.5 HIGH)

EPSS: 0.26%

updated 2023-09-08T20:34:48

1 posts

The `nodefabric` package is a piece of malware that steals environment variables and sends them to attacker controlled locations. All versions have been unpublished from the npm registry. ## Recommendation As this package is malware, if you find it installed in your environment, the real security concern is determining how it got there. If you have found this installed in your environment

caspicat@infosec.exchange at 2026-05-27T18:18:57.000Z ##

@GossiTheDog Yes, since 2017ish, for example

nvd.nist.gov/vuln/detail/CVE-2

nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2021-21735(CVSS UNKNOWN)

EPSS: 0.17%

updated 2023-01-29T05:06:59

1 posts

A ZTE product has an information leak vulnerability. Due to improper permission settings, an attacker with ordinary user permissions could exploit this vulnerability to obtain some sensitive user information through the wizard page without authentication. This affects ZXHN H168N all versions up to V3.5.0_EG1T4_TE.

1 repos

https://github.com/minanagehsalalma/cve-2021-21735-zte-zxhn-h168n-admin-compromise

_r_netsec@infosec.exchange at 2026-05-25T14:58:05.000Z ##

CVE-2021-21735: ZTE H168N wizard whitelist exposed PPPoE and WLAN secrets pre-auth minanagehsalalma.github.io/cve

##

CVE-2026-27771
(0 None)

EPSS: 0.00%

2 posts

N/A

2 repos

https://github.com/portbuster1337/CVE-2026-27771

https://github.com/HORKimhab/CVE-2026-27771

undercodenews@mastodon.social at 2026-05-28T10:05:52.000Z ##

Gitea Critical Vulnerability Exposes Private Container Images to the Entire Internet

Introduction A newly disclosed security vulnerability in Gitea has triggered serious concern across the cybersecurity community after researchers revealed that private container images stored in Gitea’s built-in registry could be downloaded by anyone on the internet without authentication. The flaw, tracked as CVE-2026-27771, remained hidden for nearly four years and affected thousands…

undercodenews.com/gitea-critic

##
undercodenews@mastodon.social at 2026-05-28T07:23:12.000Z ##

Silent Disaster in Open Source: Gitea Vulnerability Exposes “Private” Container Images to the Entire Internet for Years

🔥 Introduction: When “Private” Was Never Really Private A newly discovered security vulnerability in the widely used open-source platform Gitea has revealed a deeply concerning flaw in its container registry system. The issue, tracked as CVE-2026-27771, allowed unauthenticated attackers to access and pull supposedly private container images without…

undercodenews.com/silent-disas

##

CVE-2026-48095
(0 None)

EPSS: 0.00%

2 posts

N/A

1 repos

https://github.com/HORKimhab/CVE-2026-48095

beyondmachines1 at 2026-05-28T08:01:07.040Z ##

Critical 7-Zip Vulnerability Allows Remote Code Execution via NTFS Handler

7-Zip version 26.00 and earlier contain a critical heap buffer overflow (CVE-2026-48095) in the NTFS handler that allows attackers to execute arbitrary code via a crafted archive. The flaw is extension-agnostic and can be triggered simply by opening a malicious file.

**If you use 7-Zip, update to version 26.01 or later immediately. Versions 26.00 and earlier let attackers take over your system just by opening a malicious archive. Until you've updated, do not open any archive or disk image files from untrusted or unexpected sources, regardless of the file extension.**

beyondmachines.net/event_detai

##
beyondmachines1@infosec.exchange at 2026-05-28T08:01:07.000Z ##

Critical 7-Zip Vulnerability Allows Remote Code Execution via NTFS Handler

7-Zip version 26.00 and earlier contain a critical heap buffer overflow (CVE-2026-48095) in the NTFS handler that allows attackers to execute arbitrary code via a crafted archive. The flaw is extension-agnostic and can be triggered simply by opening a malicious file.

**If you use 7-Zip, update to version 26.01 or later immediately. Versions 26.00 and earlier let attackers take over your system just by opening a malicious archive. Until you've updated, do not open any archive or disk image files from untrusted or unexpected sources, regardless of the file extension.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-48710
(0 None)

EPSS: 0.03%

15 posts

N/A

3 repos

https://github.com/eris-ths/supply-chain-guard

https://github.com/xtremebeing/starlette-host-header-lab

https://github.com/Bhanunamikaze/BadHost-CVE-2026-48710-Exploit

x41sec at 2026-05-28T07:30:41.338Z ##

There's an update for the Starlette issue: We've scanned thousands of hosts for CVE-2026-48710 and found something important: Being behind a proxy or CloudFlare isn't always a protection unlike previously stated!
When a reverse proxy or CDN (including Cloudflare) sits in front of the target and rejects malformed Host headers, the X-Forwarded-Host header can sometimes be used to bypass the protection! If the backend middleware reads X-Forwarded-Host and updates the ASGI scope, the malicious value can reach the ASGI and Starlette.

##
hackmag at 2026-05-28T05:30:04.547Z ##

⚪️ BadHost vulnerability in the Starlette framework poses a threat to AI agents

🗨️ Researchers are warning about a critical vulnerability, CVE-2026-48710, discovered in the open-source Starlette framework and dubbed BadHost. Since Starlette underpins FastAPI and many popular AI tools, the issue creates risks for millions of servers and AI agents, and exploiting the…

🔗 hackmag.com/news/badhost?utm_s

##
sayzard@mastodon.sayzard.org at 2026-05-28T00:42:57.000Z ##

A One-Character Host Header Bug in Starlette Exposed AI Agents

Starlette, a widely used Python framework foundational to FastAPI and many AI tools, had a critical vulnerability (CVE-2026-48710, 'BadHost') that allowed attackers to bypass authentication by manipulating a single character in the HTTP Host header. This flaw exposed millions of AI agents and their c...

firethering.com/badhost-starle

##
x41sec@infosec.exchange at 2026-05-28T07:30:41.000Z ##

There's an update for the Starlette issue: We've scanned thousands of hosts for CVE-2026-48710 and found something important: Being behind a proxy or CloudFlare isn't always a protection unlike previously stated!
When a reverse proxy or CDN (including Cloudflare) sits in front of the target and rejects malformed Host headers, the X-Forwarded-Host header can sometimes be used to bypass the protection! If the backend middleware reads X-Forwarded-Host and updates the ASGI scope, the malicious value can reach the ASGI and Starlette. #badhost

##
hackmag@infosec.exchange at 2026-05-28T05:30:04.000Z ##

⚪️ BadHost vulnerability in the Starlette framework poses a threat to AI agents

🗨️ Researchers are warning about a critical vulnerability, CVE-2026-48710, discovered in the open-source Starlette framework and dubbed BadHost. Since Starlette underpins FastAPI and many popular AI tools, the issue creates risks for millions of servers and AI agents, and exploiting the…

🔗 hackmag.com/news/badhost?utm_s

#news

##
LLMs@activitypub.awakari.com at 2026-05-27T15:22:51.000Z ## Attackers Can Exploit BadHost to Access Sensitive AI Agent Server Endpoints A newly disclosed critical vulnerability, tracked as CVE-2026-48710 and dubbed “BadHost,” is putting thousands of AI-...

#AI #Cyber #Security #News #Vulnerability #cyber #security #cyber #security #news

Origin | Interest | Match ##
hn100@social.lansky.name at 2026-05-27T14:45:09.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

Link: badhost.org/
Discussion: news.ycombinator.com/item?id=4

##
hn50@social.lansky.name at 2026-05-27T10:05:07.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

Link: badhost.org/
Discussion: news.ycombinator.com/item?id=4

##
beyondmachines1@infosec.exchange at 2026-05-27T09:01:07.000Z ##

BadHost Vulnerability in Starlette Framework Threatens AI Infrastructure

Starlette patched a path-poisoning vulnerability (CVE-2026-48710) that allows attackers to bypass security middleware in AI agents and Python-based servers. The flaw enables unauthorized access to sensitive credentials and internal endpoints by manipulating the HTTP Host header.

**If you're running applications built on Starlette, FastAPI, or LLM tools like vLLM, LiteLLM, or MCP servers, update Starlette to version 1.0.1 ASAP. While updating, put a reverse proxy (Nginx or Cloudflare) in front of your application to block malformed Host headers, and test your endpoints with the free scanner at BadHost.org.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##
newsycombinator@framapiaf.org at 2026-05-27T09:00:49.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass
Link: badhost.org/
Comments: news.ycombinator.com/item?id=4

##
lobsters@mastodon.social at 2026-05-27T07:55:10.000Z ##

CVE-2026-48710 Starlette Host-Header Auth Bypass lobste.rs/s/cmsgwo #python #web
badhost.org

##
hnbot@chrispelli.fun at 2026-05-27T07:15:19.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass - badhost.org/

#hackernews

##
h4ckernews@mastodon.social at 2026-05-27T07:14:19.000Z ##

BadHost – CVE-2026-48710: Starlette Host-Header Auth Bypass

badhost.org/

#HackerNews #BadHost #CVE-2026-48710 #Starlette #Security #Vulnerability #Auth #Bypass

##
sayzard@mastodon.sayzard.org at 2026-05-27T06:39:32.000Z ##

BadHost: One Char Bypasses Host-Based Security Across the Python AI Stack

Python AI 생태계에서 FastAPI의 핵심 라이브러리인 Starlette의 호스트 헤더 처리 취약점(CVE-2026-48710, BadHost)이 발견됐다. 단일 문자 삽입만으로 경로 기반 인증 우회, SSRF, 원격 코드 실행 등이 가능해 LLM 인프라와 AI 서비스에 심각한 보안 위협을 준다. 취약점은 Starlette 1.0.1 버전에서 패치되었으나, CVSS 점수는 실제 영향보다 낮게 평가되어 생태계 전반에 경고가 부족했다. 운영자는 즉시 패치 적용과 함께 request.url 대신 request.scope["path"] 사용, 역방향 프록시 배치 등 방어 조치를 권고한다.

secwest.net/starlette

#security #python #fastapi #starlette #llm

##
sayzard@mastodon.sayzard.org at 2026-05-27T06:39:19.000Z ##

Disclosing the Badhost Vulnerability in Starlette

Starlette의 BadHost 취약점(CVE-2026-48710)은 HTTP Host 헤더의 입력 검증 부족으로 인해 FastAPI, LiteLLM, vLLM 등 주요 Python LLM 인프라에서 인증 우회, SSRF, RCE 공격이 가능하다. 이 취약점은 Starlette 1.0.1 버전으로 업데이트하거나 request.url.path 대신 request.scope["path"]를 사용하는 방식으로 완화할 수 있다. BadHost.org와 X41 D-Sec에서 제공하는 도구로 취약점 점검이 가능하며, HTTP/1.1 준수 리버스 프록시 배치도 권장된다.

ostif.org/disclosing-the-badho

#starlette #security #vulnerability #llm #fastapi

##

CVE-2026-46402
(0 None)

EPSS: 0.00%

4 posts

N/A

offseq at 2026-05-28T06:00:26.533Z ##

⚠️ HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 has a path traversal vuln (CVE-2026-46402). Authenticated users can write files outside logs/. No patch yet — restrict access & monitor input. radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-05-28T00:00:12.000Z ##

🟠 CVE-2026-46402 - High (8.1)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing session log paths. An authenticated client can sup...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-28T06:00:26.000Z ##

⚠️ HIGH severity: Microsoft UFO 3.0.1-4-ge2626659 has a path traversal vuln (CVE-2026-46402). Authenticated users can write files outside logs/. No patch yet — restrict access & monitor input. radar.offseq.com/threat/cve-20 #OffSeq #Microsoft #PathTraversal #CVE202646402

##
thehackerwire@mastodon.social at 2026-05-28T00:00:12.000Z ##

🟠 CVE-2026-46402 - High (8.1)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO uses the user-controlled task_name value directly when constructing session log paths. An authenticated client can sup...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44590
(0 None)

EPSS: 0.00%

2 posts

N/A

1 repos

https://github.com/Astaruf/CVE-2026-44590

thehackerwire@mastodon.social at 2026-05-28T05:00:38.000Z ##

🔴 CVE-2026-44590 - Critical (9.3)

Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pull_request_target trigger. Any GitHub user can ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T05:00:38.000Z ##

🔴 CVE-2026-44590 - Critical (9.3)

Sherlock hunts down social media accounts by username across social networks. Prior to 0.16.1, the GitHub Actions workflow validate_modified_targets.yml is vulnerable to command injection via the pull_request_target trigger. Any GitHub user can ex...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45108
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T05:00:29.000Z ##

🟠 CVE-2026-45108 - High (8.4)

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant (DAG) flow that allowed a user wi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T05:00:29.000Z ##

🟠 CVE-2026-45108 - High (8.4)

Himmelblau is an interoperability suite for Microsoft Azure Entra ID and Intune. From 2.0.0 to before 3.1.5 and 2.3.11, Himmelblau contained an authentication bypass vulnerability in the Device Authorization Grant (DAG) flow that allowed a user wi...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45104
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T03:01:24.000Z ##

🟠 CVE-2026-45104 - High (7.5)

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any carrying — it assumes msSLDParseRule added one class. When the rule ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T03:01:24.000Z ##

🟠 CVE-2026-45104 - High (7.5)

MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any carrying — it assumes msSLDParseRule added one class. When the rule ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45102
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T03:01:14.000Z ##

🔴 CVE-2026-45102 - Critical (9.9)

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T03:01:14.000Z ##

🔴 CVE-2026-45102 - Critical (9.9)

OneUptime is an open-source monitoring and observability platform. Prior to 10.0.98, OneUptime uses the Node.js' vm module as an isolation primitive. This API was not designed for that and can be escaped via error objects and infinite recursion. T...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44888
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T03:01:04.000Z ##

🔴 CVE-2026-44888 - Critical (9.8)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly into
pialert.conf without validation. Since pia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T03:01:04.000Z ##

🔴 CVE-2026-44888 - Critical (9.8)

Pi.Alert is a WIFI / LAN intruder detector with web service monitoring. Prior to 2026-05-07, Pi.Alert's SaveConfigFile() endpoint writes user-supplied numeric config values (e.g., SMTP_PORT) directly into
pialert.conf without validation. Since pia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46414
(0 None)

EPSS: 0.00%

4 posts

N/A

offseq at 2026-05-28T03:00:27.926Z ##

🛡️ CVE-2026-46414 (HIGH): Auth bypass in Microsoft UFO 3.0.1-4-ge2626659. Attackers can spoof roles & hijack device tasks via WebSocket. No patch yet — restrict server token & trusted client access. More: radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-05-28T00:00:21.000Z ##

🟠 CVE-2026-46414 - High (8.8)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-05-28T03:00:27.000Z ##

🛡️ CVE-2026-46414 (HIGH): Auth bypass in Microsoft UFO 3.0.1-4-ge2626659. Attackers can spoof roles & hijack device tasks via WebSocket. No patch yet — restrict server token & trusted client access. More: radar.offseq.com/threat/cve-20 #OffSeq #CVE202646414 #MicrosoftUFO #Vuln

##
thehackerwire@mastodon.social at 2026-05-28T00:00:21.000Z ##

🟠 CVE-2026-46414 - High (8.8)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. In 3.0.1-4-ge2626659, Microsoft UFO's WebSocket control plane trusts client-supplied identity and role fields in task messages. A client connection can re...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48064
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T00:01:16.000Z ##

🟠 CVE-2026-48064 - High (8.1)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display managers such as gdm-password or lightdm to bypass pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T00:01:16.000Z ##

🟠 CVE-2026-48064 - High (8.1)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.9.1, when a PAM service is configured with deny_remote=false in pam_usb (commonly done for display managers such as gdm-password or lightdm to bypass pro...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45322
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-28T00:00:02.000Z ##

🟠 CVE-2026-45322 - High (7.8)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releas...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-28T00:00:02.000Z ##

🟠 CVE-2026-45322 - High (7.8)

Microsoft UFO open-source framework for intelligent automation across devices and platforms. Microsoft UFO tagged releases up to and including v3.0.0 contain an OS command injection vulnerability in the shell action replay path. In affected releas...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44713
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T22:00:51.000Z ##

🟠 CVE-2026-44713 - High (8.8)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell comman...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:00:51.000Z ##

🟠 CVE-2026-44713 - High (8.8)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, src/tmux.c reads the user's $TMUX environment variable, splits it on commas, and interpolates the socket-path component directly into a shell comman...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44711
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T22:00:30.000Z ##

🟠 CVE-2026-44711 - High (7.9)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T22:00:30.000Z ##

🟠 CVE-2026-44711 - High (7.9)

pam_usb provides hardware authentication for Linux using ordinary removable media. Prior to 0.8.7, symlink attacks on pad directory and pad files enable authentication bypass and root file corruption. This vulnerability is fixed in 0.8.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46425
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T19:01:42.000Z ##

🔴 CVE-2026-46425 - Critical (9.9)

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise feature flag and SCIM config) and doInScimContext (se...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:01:42.000Z ##

🔴 CVE-2026-46425 - Critical (9.9)

Budibase is an open-source low-code platform. Prior to 3.38.2, packages/worker/src/api/routes/global/scim.ts attaches only two middlewares to the SCIM router: requireSCIM (checks the Enterprise feature flag and SCIM config) and doInScimContext (se...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48153
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T19:01:32.000Z ##

🟠 CVE-2026-48153 - High (8.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codeba...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:01:32.000Z ##

🟠 CVE-2026-48153 - High (8.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, fetchToken in the OAuth2 SDK makes a POST to a builder-supplied URL with plain node-fetch, skipping the blacklist.isBlacklisted check that every other outbound fetch path in the codeba...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48151
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T19:00:31.000Z ##

🟠 CVE-2026-48151 - High (7.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:00:31.000Z ##

🟠 CVE-2026-48151 - High (7.5)

Budibase is an open-source low-code platform. Prior to 3.39.0, the webhook schema-building endpoint is registered under builderRoutes, but the generic authorization middleware skips authorization for all paths matching /api/webhooks/schema. As a r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48150
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T19:00:20.000Z ##

🔴 CVE-2026-48150 - Critical (9)

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both g...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:00:20.000Z ##

🔴 CVE-2026-48150 - Critical (9)

Budibase is an open-source low-code platform. Prior to 3.39.0, /api/public/v1/roles/assign is guarded by the builderOrAdmin middleware, which passes any user who is a builder for the app id in the x-budibase-app-id header. That check admits both g...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-48149
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T19:00:10.000Z ##

🟠 CVE-2026-48149 - High (8.1)

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/src/Markdown/MarkdownViewer.svelte:22). Any colu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-05-27T19:00:10.000Z ##

🟠 CVE-2026-48149 - High (8.1)

Budibase is an open-source low-code platform. Prior to 3.39.0, the Budibase Text component renders markdown by assigning marked.parse(markdown) straight to innerHTML with no sanitizer (packages/bbui/src/Markdown/MarkdownViewer.svelte:22). Any colu...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41613
(0 None)

EPSS: 0.07%

1 posts

N/A

euroinfosec@infosec.exchange at 2026-05-27T12:07:01.000Z ##

Vulnerability alert: Developers using Microsoft's code editor could hand an attacker full control of their machine by clicking a single install link, with nothing in the confirmation screen to warn them. Microsoft patched the flaw (CVE-2026-41613). databreachtoday.com/microsoft-

##

CVE-2026-40820
(0 None)

EPSS: 0.00%

2 posts

N/A

certvde@infosec.exchange at 2026-05-27T08:12:04.000Z ##

#OT #Advisory VDE-2026-058
Helmholz: Multiple SQLi vulnerabilities in myREX24V2/myREX24V2.virtual

Multiple SQLi vulnerabilities have been discovered in Helmholz myREX24V2/myREX24V2.virtual
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF helmholz.csaf-tp.certvde.com/.

##
certvde@infosec.exchange at 2026-05-27T08:11:12.000Z ##

#OT #Advisory VDE-2026-044
MB connect line: Multiple SQLi vulnerabilities in mbCONNECT24/mymbCONNECT24

Multiple SQLi vulnerabilities have been discovered in MB connect line mbCONNECT24/mymbCONNECT24.
#CVE CVE-2026-40850, CVE-2026-40819, CVE-2026-40818, CVE-2026-40817, CVE-2026-40816, CVE-2026-40815, CVE-2026-40814, CVE-2026-40813, CVE-2026-40812, CVE-2026-40811, CVE-2026-40810, CVE-2026-40836, CVE-2026-40834, CVE-2026-40833, CVE-2026-40849, CVE-2026-40848, CVE-2026-40847, CVE-2026-40846, CVE-2026-40845, CVE-2026-40844, CVE-2026-40843, CVE-2026-40842, CVE-2026-40841, CVE-2026-40840, CVE-2026-40839, CVE-2026-40838, CVE-2026-40837, CVE-2026-40835, CVE-2026-40832, CVE-2026-40831, CVE-2026-40830, CVE-2026-40829, CVE-2026-40828, CVE-2026-40827, CVE-2026-40825, CVE-2026-40824, CVE-2026-40823, CVE-2026-40826, CVE-2026-40822, CVE-2026-40821, CVE-2026-40820

certvde.com/en/advisories/vde-

#CSAF mbconnectline.csaf-tp.certvde.

##

CVE-2026-44450
(0 None)

EPSS: 0.07%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T06:00:25.000Z ##

🔴 CVE-2026-44450 - Critical (9.9)

Lumiverse is a full-featured AI chat application. Prior to 0.9.7, the MCP server creation endpoint validates the command field against an allowlist of binary names but forwards the args array to the child process without any validation. Every bina...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44847
(0 None)

EPSS: 0.08%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T06:00:00.000Z ##

🟠 CVE-2026-44847 - High (7.5)

MaxKB is an open-source AI assistant for enterprise. Prior to 2.9.0, MaxKB's webhook trigger endpoint (/api/trigger/v1/webhook/{trigger_id}) is accessible without authentication. The WebhookAuth class unconditionally returns (None, {}), which Djan...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43988
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-27T04:00:45.000Z ##

🟠 CVE-2026-43988 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the ASN.1/OER parsing pipeline of Vanetza. When processing malformed network packets containing co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-44905
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-26T23:00:18.000Z ##

🟠 CVE-2026-44905 - High (7.5)

Vanetza is an open-source implementation of the ETSI C-ITS protocol suite. In 26.02 and earlier, a denial-of-service vulnerability was identified in the cryptographic verification pipeline of Vanetza. When processing incoming V2X messages, the ASN...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-43935
(0 None)

EPSS: 0.13%

1 posts

N/A

thehackerwire@mastodon.social at 2026-05-26T16:59:47.000Z ##

🟠 CVE-2026-43935 - High (8.1)

e107 is a content management system (CMS). Prior to 2.3.4, a Host Header Injection vulnerability in the password reset page allows attackers to manipulate the Host header to generate password reset links pointing to attacker-controlled domains. Th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33416
(0 None)

EPSS: 0.02%

1 posts

N/A

certvde@infosec.exchange at 2026-05-26T08:01:19.000Z ##

#OT #Advisory VDE-2026-053
METTLER TOLEDO: EVA Karl Fischer titrators affected by libpng vulnerabilities

Titration software versions prior to 2.0.2.6 are affected by libpng vulnerabilities CVE-2026-33416 and CVE-2026-33636.
#CVE CVE-2026-33636, CVE-2026-33416

certvde.com/en/advisories/vde-

#CSAF mettler-toledo.csaf-tp.certvde

##

CVE-2026-40172
(0 None)

EPSS: 0.01%

1 posts

N/A

hugovalters@mastodon.social at 2026-05-25T18:25:29.000Z ##

Is your self-hosted network actually secure?
A brand new CVE-2026-40172 just dropped for Authentik, targeting Single Sign-On (SSO) gateways. Don't let hackers compromise your Proxmox cluster.More ww.valtersit.com/ #infosec #devops #proxmox #valtersit #CVE #CVEAlert #devsecops #hackers #sysadmins #sysadmin #developers

##

CVE-2026-5222
(0 None)

EPSS: 0.04%

2 posts

N/A

rustaceans@mastodon.social at 2026-05-25T16:05:57.000Z ##

JUST IN: Security Advisory for Cargo (CVE-2026-5222)

>> Cargo CVE-2026-5222: Sparse registry URL normalization flaw lets attackers steal credentials from third-party registries under niche conditions. Fixed in Rust 1.96.

#rustlang #rustlang

##
rustaceans@mastodon.social at 2026-05-25T16:05:57.000Z ##

Link: blog.rust-lang.org/2026/05/25/

##

CVE-2026-5223
(0 None)

EPSS: 0.04%

3 posts

N/A

rustaceans@mastodon.social at 2026-05-25T16:03:16.000Z ##

JUST IN: Security Advisory for Cargo (CVE-2026-5223)

>> Cargo CVE-2026-5223: Malicious crates with symlinks can override other crates from the same third-party registry. Fixed in Rust 1.96.0.

#rustlang #rust

##
rustaceans@mastodon.social at 2026-05-25T16:03:17.000Z ##

Link: blog.rust-lang.org/2026/05/25/

##
Mozilla@activitypub.awakari.com at 2026-05-25T00:00:00.000Z ## The Rust Programming Language Blog: Security Advisory for Cargo (CVE-2026-5223) The Rust Security Response Team was notified that Cargo incorrectly handled symlinks inside of crate tarballs downloa...


Origin | Interest | Match ##
Visit counter For Websites