## Updated at UTC 2026-07-04T07:46:25.696163

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-12252 7.8 0.00% 2 0 2026-07-04T02:16:23.603000 In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (Stanfo
CVE-2025-71380 8.8 0.00% 2 0 2026-07-04T02:16:23.477000 The Execute Command node in n8n allows authenticated users to execute arbitrary
CVE-2025-71375 8.1 0.00% 2 0 2026-07-04T02:16:23.347000 picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in fun
CVE-2025-71373 8.1 0.00% 2 0 2026-07-04T02:16:23.220000 picklescan before 0.0.33 fails to detect operator.methodcaller function calls in
CVE-2025-71372 8.1 0.00% 2 0 2026-07-04T02:16:23.097000 Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef
CVE-2025-71356 8.1 0.00% 2 0 2026-07-04T02:16:22.063000 picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symboli
CVE-2026-14605 7.8 0.00% 2 0 2026-07-03T21:31:36 A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulner
CVE-2026-58426 9.6 0.00% 2 0 2026-07-03T21:17:05.770000 Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository art
CVE-2026-57986 7.5 0.00% 1 0 2026-07-03T21:17:01.780000 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-57984 7.5 0.00% 1 0 2026-07-03T21:17:01.550000 Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacke
CVE-2026-14606 7.8 0.00% 2 0 2026-07-03T20:16:52.237000 A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this i
CVE-2026-46331 7.8 0.26% 2 9 2026-07-03T15:32:59 In the Linux kernel, the following vulnerability has been resolved: net/sched:
CVE-2026-14459 8.8 0.00% 2 1 2026-07-03T15:31:59 Improper neutralization of argument delimiters in a command ('argument injection
CVE-2026-49815 7.2 0.00% 1 0 2026-07-03T15:16:32.720000 Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release ver
CVE-2026-14460 8.8 0.00% 2 1 2026-07-03T15:16:32.367000 Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Rese
CVE-2026-13341 7.4 0.00% 3 0 2026-07-03T12:31:51 A vulnerability exists in the Kong Konnect Model Context Protocol (MCP) server p
CVE-2026-14544 9.8 0.00% 2 0 2026-07-03T09:31:35 A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnera
CVE-2026-9725 9.1 0.00% 1 0 2026-07-03T06:32:11 The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress
CVE-2026-14432 8.8 0.25% 1 0 2026-07-03T04:17:51.457000 Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote at
CVE-2026-14428 8.3 0.26% 1 0 2026-07-03T04:17:50.907000 Insufficient validation of untrusted input in Dawn in Google Chrome on Android p
CVE-2026-14426 7.5 0.22% 1 0 2026-07-03T04:17:50.543000 Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote at
CVE-2026-14424 9.6 0.21% 1 0 2026-07-03T04:17:50.160000 Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a
CVE-2026-14420 9.6 0.25% 1 0 2026-07-03T04:17:49.127000 Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 all
CVE-2026-14416 9.6 0.24% 1 0 2026-07-03T04:17:48.653000 Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a rem
CVE-2026-14398 9.6 0.21% 1 0 2026-07-03T04:17:44.787000 Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-13368 None 0.00% 2 0 2026-07-03T00:31:57 WatchGuard Fireware OS contains a race condition leading to a use-after-free vul
CVE-2026-54998 8.8 0.00% 1 0 2026-07-03T00:31:57 Incorrect authorization in Microsoft Exchange Online allows an authorized attack
CVE-2026-45499 9.9 0.00% 1 0 2026-07-03T00:31:53 Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker
CVE-2026-13768 10.0 0.00% 1 1 2026-07-03T00:16:52.270000 Gardyn devices expose a privileged iothubowner key. Access to this key will allo
CVE-2026-57100 9.9 0.00% 1 0 2026-07-02T23:16:51.267000 Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (Sync
CVE-2026-41106 9.3 0.00% 1 0 2026-07-02T23:16:50.867000 Url redirection to untrusted site ('open redirect') in M365 Copilot allows an un
CVE-2026-57517 9.8 0.59% 1 0 2026-07-02T21:33:17 Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability
CVE-2026-58460 7.7 0.14% 1 0 2026-07-02T21:16:57.080000 react-native-receive-sharing-intent contains a path traversal vulnerability that
CVE-2026-52830 9.4 0.42% 1 0 2026-07-02T20:38:51 ## Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw to
CVE-2026-59099 9.1 0.36% 1 0 2026-07-02T20:17:08.240000 Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that al
CVE-2026-12537 7.8 0.13% 1 0 2026-07-02T19:46:27.890000 Improper Neutralization used in an OS Command in the container launcher in Googl
CVE-2026-55957 7.3 0.43% 1 0 2026-07-02T19:01:45.887000 Missing Critical Step in Authentication vulnerability in Apache Tomcat when the
CVE-2026-14191 7.8 0.29% 2 0 2026-07-02T18:45:21.210000 An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in
CVE-2026-44941 8.4 0.49% 1 0 2026-07-02T18:36:28 A relative path traversal in the "keyhint" option in repomd.xml parsing of libzy
CVE-2026-14430 8.8 0.29% 1 0 2026-07-02T18:36:25 Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-58455 9.8 1.19% 1 0 2026-07-02T17:42:23.640000 Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulne
CVE-2026-10134 10.0 0.31% 2 0 2026-07-02T17:03:09.633000 IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret ava
CVE-2026-55112 7.5 0.19% 1 0 2026-07-02T16:54:47.880000 A malicious actor with access to the network and low privileges and under certai
CVE-2026-56842 7.5 0.19% 1 0 2026-07-02T16:54:47.880000 A malicious actor with access to the network and under certain conditions could
CVE-2026-56004 8.8 0.38% 1 0 2026-07-02T15:32:20 A shellcode injection in the mercurial handler of the obs tar_scm source service
CVE-2026-56841 8.8 0.24% 1 0 2026-07-02T15:32:20 A malicious actor with access to the network and low privileges could exploit an
CVE-2026-54403 8.6 0.48% 1 0 2026-07-02T15:32:20 A malicious actor with access to the network could exploit a Path Traversal vuln
CVE-2026-5524 9.8 0.54% 1 1 2026-07-02T15:32:20 The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Uploa
CVE-2026-50027 9.8 0.00% 1 0 2026-07-02T15:26:24 ## Missing Authentication on Document API Endpoints Allows Unauthenticated Memor
CVE-2026-6682 7.6 0.21% 2 0 2026-07-02T14:37:48.377000 In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume
CVE-2026-57683 9.3 0.25% 1 0 2026-07-02T12:31:09 Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.
CVE-2026-43503 8.8 0.14% 4 8 2026-07-02T12:17:20.070000 In the Linux kernel, the following vulnerability has been resolved: net: skbuff
CVE-2026-13774 8.1 0.30% 1 0 2026-07-02T05:16:26.800000 Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an
CVE-2026-14431 8.8 0.27% 1 0 2026-07-02T03:32:33 Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote at
CVE-2026-14423 9.6 0.22% 1 0 2026-07-02T00:31:50 Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-14425 9.6 0.22% 2 0 2026-07-02T00:31:50 Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-14417 9.6 0.21% 2 0 2026-07-02T00:31:50 Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-14429 8.3 0.23% 1 0 2026-07-02T00:31:50 Insufficient validation of untrusted input in Skia in Google Chrome prior to 150
CVE-2026-14427 8.3 0.24% 1 0 2026-07-02T00:31:50 Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a r
CVE-2026-14439 None 0.60% 1 0 2026-07-02T00:31:50 A path traversal vulnerability exists in the Git Service component shared by Alt
CVE-2026-14390 9.6 0.24% 1 0 2026-07-02T00:31:49 Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-14419 9.6 0.21% 2 0 2026-07-02T00:31:49 Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote
CVE-2026-54428 7.5 0.41% 1 0 2026-07-01T21:36:16 Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder
CVE-2026-45659 8.8 3.22% 11 3 2026-07-01T21:35:53 Deserialization of untrusted data in Microsoft Office SharePoint allows an autho
CVE-2026-44935 9.9 0.57% 1 0 2026-07-01T20:45:42 ### Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy en
CVE-2026-10539 9.0 0.24% 1 0 2026-07-01T19:59:44.537000 A Control-M/Server communication command does not sufficiently filter or sanitiz
CVE-2026-20191 7.5 0.76% 1 0 2026-07-01T18:31:59 A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote
CVE-2025-23351 9.0 0.27% 2 0 2026-07-01T18:31:55 NVIDIA ConnectX and BlueField contain a vulnerability in the command interface w
CVE-2025-23350 9.0 0.27% 1 0 2026-07-01T18:31:55 NVIDIA ConnectX and BlueField contain a vulnerability in the command interface w
CVE-2026-24270 9.8 0.84% 1 0 2026-07-01T18:31:55 NVIDIA AIStore framework contains a vulnerability where an attacker could bypass
CVE-2026-13775 9.8 0.31% 1 0 2026-07-01T18:31:27 Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote a
CVE-2026-8451 7.5 0.50% 8 4 2026-07-01T18:31:24 Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to
CVE-2026-50003 9.8 0.43% 2 0 2026-07-01T18:17:31.553000 A malicious or compromised server can make a DCMTK client using bit-preserving C
CVE-2026-50110 9.2 0.13% 1 0 2026-07-01T18:17:31.553000 Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous int
CVE-2026-54399 7.5 0.41% 1 0 2026-07-01T18:16:34.317000 Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser i
CVE-2026-48276 10.0 0.92% 1 0 2026-07-01T18:16:32.993000 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted
CVE-2025-15666 5.3 0.12% 3 0 2026-07-01T15:16:23.077000 A security vulnerability has been detected in Open Asset Import Library Assimp u
CVE-2026-41991 4.7 0.10% 1 0 2026-07-01T14:02:24.450000 GNU gzip contains a vulnerability in the gzexe utility related to insecure tempo
CVE-2026-6070 9.1 0.41% 1 0 2026-07-01T13:56:17.493000 The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated A
CVE-2026-11387 9.8 0.38% 1 1 2026-07-01T09:30:33 The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart
CVE-2026-7840 9.8 1.20% 1 0 2026-07-01T06:31:41 UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embed
CVE-2026-55200 8.1 0.73% 5 3 2026-07-01T05:16:22.513000 libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write
CVE-2026-10109 9.8 0.86% 1 0 2026-06-30T21:31:44 IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote
CVE-2026-12243 7.5 0.51% 1 0 2026-06-30T20:10:25.837000 NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete
CVE-2026-48282 10.0 1.02% 1 0 2026-06-30T18:31:42 ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limi
CVE-2026-48286 10.0 0.71% 1 0 2026-06-30T18:31:37 Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected
CVE-2026-50566 9.9 0.29% 1 0 2026-06-30T18:20:39 ### Summary A follow-up bypass of the round-4 PodSpec hardening (GHSA-gx55-f84r
CVE-2026-50564 9.9 0.27% 1 0 2026-06-30T18:19:33 ### Summary Fission's `Environment` CRD exposes `spec.runtime.podSpec` and `spe
CVE-2026-54475 7.5 0.59% 1 0 2026-06-30T15:30:45 Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ A
CVE-2026-8037 9.6 29.64% 8 1 template 2026-06-30T15:30:32 OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC
CVE-2026-7656 8.1 0.23% 1 0 2026-06-30T14:22:59.490000 The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_inpu
CVE-2026-8402 9.8 0.32% 1 0 2026-06-30T14:12:56.833000 Improper neutralization of special elements used in an SQL command ('SQL injecti
CVE-2026-9711 9.8 0.44% 1 0 2026-06-30T14:08:13.510000 The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full
CVE-2026-46529 7.8 0.53% 1 1 2026-06-30T13:18:50.817000 Atril Document Viewer is the default document reader of the MATE desktop environ
CVE-2026-48558 10.0 1.16% 6 1 2026-06-30T13:03:11.437000 SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an aut
CVE-2026-56137 7.8 0.68% 1 0 2026-06-30T09:31:41 RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command i
CVE-2026-12818 None 0.25% 1 0 2026-06-30T09:31:41 Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerab
CVE-2026-12819 None 0.31% 2 0 2026-06-30T09:31:36 Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port
CVE-2026-12114 4.4 0.21% 1 0 2026-06-30T03:37:24 The Team Members – Multi Language Supported Team Plugin plugin for WordPress is
CVE-2025-15467 9.8 47.62% 1 6 2026-06-30T03:36:32 Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AE
CVE-2025-61732 8.6 0.47% 1 0 2026-06-30T03:16:56.440000 A discrepancy between how Go and C/C++ comments were parsed allowed for code smu
CVE-2026-13762 9.8 0.44% 4 0 2026-06-29T21:32:12 Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF
CVE-2026-13763 9.8 0.47% 4 0 2026-06-29T21:32:12 Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer
CVE-2026-11834 0 0.41% 1 1 2026-06-26T22:16:30.897000 A command injection vulnerability has been identified in the DHCP option process
CVE-2026-48769 9.9 0.00% 1 0 2026-06-26T19:13:19 ### Summary An arbitrary file write exists in the Incus client when a malicious
CVE-2026-48755 9.9 0.00% 1 0 2026-06-26T19:03:32 ### Summary Improper validation of user-provided backup compression algorithm l
CVE-2026-44161 7.2 0.00% 1 0 2026-06-26T16:36:11 The `out_http` output plugin allows the use of placeholders (such as `${tag}`) i
CVE-2026-57878 9.8 0.53% 1 0 2026-06-26T16:16:36.820000 An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in
CVE-2026-50242 10.0 0.42% 1 0 2026-06-26T13:20:46.867000 In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.14812
CVE-2026-39955 9.8 0.32% 1 0 2026-06-26T05:16:27.173000 Cacti is an open source performance and fault management framework. Versions 1.2
CVE-2026-39938 9.8 0.44% 1 1 2026-06-26T05:16:26.907000 Cacti is an open source performance and fault management framework. Versions 1.2
CVE-2026-12244 8.8 0.30% 1 0 2026-06-26T02:07:23.190000 If NSD is configured as secondary for a zone, the primary of that zone can crash
CVE-2026-20230 8.6 41.69% 4 3 2026-06-25T21:31:23 A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco U
CVE-2026-54588 9.6 0.31% 1 0 2026-06-25T20:18:11.603000 Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions
CVE-2026-41120 9.8 0.26% 1 0 2026-06-25T15:32:09 Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance
CVE-2026-45051 None 0.00% 1 0 2026-06-24T17:25:29 ## Summary **Description** A deserialization of untrusted data vulnerability (
CVE-2026-35025 8.1 0.33% 1 0 2026-06-24T15:31:50 ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerabi
CVE-2026-35019 8.1 0.43% 1 0 2026-06-23T16:16:59.460000 NetComm NF20MESH routers running firmware R6B031 and earlier contain an authenti
CVE-2026-42824 6.5 7.64% 1 0 2026-06-19T21:16:42.893000 Missing authentication for critical function in M365 Copilot allows an unauthori
CVE-2026-20253 9.8 88.17% 1 5 template 2026-06-18T18:35:18 In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform
CVE-2026-48907 9.8 80.42% 1 17 template 2026-06-17T14:06:35.153000 A vulnerability in the JCE editor extension for Joomla allows the creation of ne
CVE-2026-6307 8.8 0.36% 1 2 2026-06-17T11:00:38.113000 Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a re
CVE-2026-50751 9.3 70.10% 2 7 template 2026-06-17T10:57:46.373000 A logic flow weakness in Remote Access and Mobile Access certificate validation
CVE-2026-46242 7.8 0.12% 2 0 2026-06-17T10:53:23.777000 In the Linux kernel, the following vulnerability has been resolved: eventpoll:
CVE-2026-35273 9.8 92.33% 2 4 template 2026-06-17T10:40:19.560000 Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleS
CVE-2026-33017 9.8 98.41% 1 12 template 2026-06-17T10:36:47.177000 Langflow is a tool for building and deploying AI-powered agents and workflows. I
CVE-2026-10520 10.0 99.04% 1 6 template 2026-06-17T10:12:16.930000 An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6
CVE-2025-68941 4.9 0.24% 1 0 2026-06-17T09:59:51.847000 Gitea before 1.22.3 mishandles access to a private resource upon receiving an AP
CVE-2025-5777 7.5 99.90% 3 25 template 2026-06-17T09:48:43.670000 Insufficient input validation leading to memory overread when the NetScaler is c
CVE-2025-4674 8.6 0.27% 1 0 2026-06-17T09:33:46.027000 The go command may execute unexpected commands when operating in untrusted VCS r
CVE-2024-56406 8.4 0.47% 1 0 2026-06-17T08:12:08.977000 A heap buffer overflow vulnerability was discovered in Perl. Release branches
CVE-2024-1442 6.0 0.80% 1 0 2026-06-17T07:04:15.300000 A user with the permissions to create a data source can use Grafana API to crea
CVE-2022-29170 6.6 1.12% 1 1 2026-06-17T04:39:44.167000 Grafana is an open-source platform for monitoring and observability. In Grafana
CVE-2022-26148 9.8 53.44% 1 0 template 2026-06-17T04:34:46.890000 An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. T
CVE-2022-24812 8.0 2.32% 1 0 2026-06-17T04:32:34.510000 Grafana is an open-source platform for monitoring and observability. When fine-g
CVE-2020-27846 9.8 4.87% 1 0 2026-06-17T03:09:43.880000 A signature verification vulnerability exists in crewjam/saml. This flaw allows
CVE-2026-50656 7.8 3.39% 2 1 2026-06-16T21:31:57 Microsoft is aware of an elevation of privilege in the Microsoft Malware Protect
CVE-2026-48611 9.8 0.66% 2 2 2026-06-12T06:33:21 Improper authentication checks in the OAuth implementation allow account hijacki
CVE-2026-46215 7.8 0.13% 1 1 2026-06-10T21:32:27 In the Linux kernel, the following vulnerability has been resolved: drm: Set ol
CVE-2026-34182 9.1 0.24% 2 0 2026-06-10T18:32:45 Issue Summary: Cryptographic Message Services (CMS) processing fails to perform
CVE-2026-49160 7.5 48.44% 1 1 2026-06-09T18:31:11 Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to d
CVE-2026-45504 8.8 0.46% 1 1 2026-06-09T18:30:58 Server-side request forgery (ssrf) in Microsoft Exchange Server allows an author
CVE-2026-25089 9.8 23.39% 1 2 2026-06-09T18:30:47 A improper neutralization of special elements used in an os command ('os command
CVE-2026-10523 9.9 47.19% 1 3 2026-06-09T18:30:39 An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10
CVE-2026-31694 7.8 0.13% 1 1 2026-06-01T18:32:31 In the Linux kernel, the following vulnerability has been resolved: fuse: rejec
CVE-2026-0826 None 26.47% 1 0 2026-06-01T15:30:49 In certain scenarios when the admin has enabled Interactive Connectivity Establi
CVE-2026-46817 9.8 0.68% 4 2 2026-05-29T18:31:20 Vulnerability in the Oracle Payments product of Oracle E-Business Suite (compone
CVE-2026-6637 8.8 0.38% 1 0 2026-05-14T15:31:59 Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged datab
CVE-2026-33825 7.8 6.75% 3 5 2026-04-23T00:31:18 Insufficient granularity of access control in Microsoft Defender allows an autho
CVE-2026-1229 None 0.40% 1 0 2026-03-02T15:26:57 The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produc
CVE-2026-24418 None 0.36% 1 2 2026-02-10T01:17:51 ### Summary Critical Error-Based SQL Injection vulnerability in the Scadenzario
CVE-2025-68121 4.8 0.77% 1 0 2026-02-06T18:31:38 During session resumption in crypto/tls, if the underlying Config has its Client
CVE-2025-41115 10.0 17.29% 1 2 2025-11-27T08:40:01 SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in Apri
CVE-2023-29300 9.8 99.98% 1 0 template 2025-10-22T00:33:52 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0
CVE-2023-29298 7.5 99.75% 1 1 template 2025-10-22T00:33:51 Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0
CVE-2023-26360 8.6 97.34% 1 6 template 2025-10-22T00:33:50 Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and ea
CVE-2022-28391 9.8 3.50% 1 0 2025-06-09T18:32:01 BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if nets
CVE-2024-9264 9.9 97.78% 1 12 template 2025-03-14T20:26:23 The SQL Expressions experimental feature of Grafana allows for the evaluation of
CVE-2023-3128 9.4 4.09% 1 1 2025-02-13T19:00:47 Grafana is validating Azure AD accounts based on the email claim. On Azure AD,
CVE-2024-2658 None 0.42% 1 2 2025-01-30T18:32:09 A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1
CVE-2022-31097 7.3 68.60% 1 0 2024-11-18T16:26:42 Today we are releasing Grafana 8.3.10, 8.4.10, 8.5.9 and 9.0.3. This patch relea
CVE-2022-21703 6.8 2.28% 1 0 2024-02-01T00:16:02 Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MED
CVE-2018-15727 9.8 64.28% 1 1 2023-10-02T12:01:52 Grafana before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because a
CVE-2019-3855 8.8 9.22% 1 0 2023-02-01T05:04:28 An integer overflow flaw which could lead to an out of bounds write was discover
CVE-2022-28660 9.8 1.06% 1 0 2023-01-27T05:02:23 The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.
CVE-2026-10055 0 0.00% 4 0 N/A
CVE-2026-50548 0 0.64% 2 0 N/A
CVE-2026-50549 0 0.64% 1 0 N/A
CVE-2026-53657 0 0.00% 2 0 N/A
CVE-2026-58418 0 0.00% 1 0 N/A
CVE-2026-44024 0 0.00% 1 0 N/A
CVE-2026-57149 0 0.00% 1 0 N/A
CVE-2022-23498 0 1.13% 1 0 N/A
CVE-2026-5430 0 0.00% 1 0 N/A
CVE-2026-13136 0 0.00% 1 0 N/A
CVE-2026-8023 0 0.69% 1 1 N/A

CVE-2026-12252
(7.8 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:23.603000

2 posts

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code execution. These classes accept user-controllable JAR paths and execute them via the `java()` function, which invokes `subprocess.Popen()` without integrity verification. Th

thehackerwire@mastodon.social at 2026-07-04T07:00:27.000Z ##

🟠 CVE-2026-12252 - High (7.8)

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code execution. These cla...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T07:00:27.000Z ##

🟠 CVE-2026-12252 - High (7.8)

In nltk/nltk versions 3.9.3 and earlier, five Stanford interface classes (StanfordPOSTagger, StanfordNERTagger, StanfordParser, StanfordDependencyParser, and StanfordNeuralDependencyParser) are vulnerable to untrusted JAR code execution. These cla...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71380
(8.8 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:23.477000

2 posts

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading to data exfiltration, service disruption, or complete system compromise.

thehackerwire@mastodon.social at 2026-07-04T07:00:11.000Z ##

🟠 CVE-2025-71380 - High (8.8)

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T07:00:11.000Z ##

🟠 CVE-2025-71380 - High (8.8)

The Execute Command node in n8n allows authenticated users to execute arbitrary commands on the host system where n8n runs. Attackers with user access or compromised credentials can exploit this node to run malicious commands, potentially leading ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71375
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:23.347000

2 posts

picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using _operator.methodcaller that evade detection and execute arbitrary code when loaded by pickle.load().

thehackerwire@mastodon.social at 2026-07-04T06:00:34.000Z ##

🟠 CVE-2025-71375 - High (8.1)

picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using _operator.methodcaller that evade detection and execute arbitr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T06:00:34.000Z ##

🟠 CVE-2025-71375 - High (8.1)

picklescan before 0.0.34 fails to detect the _operator.methodcaller built-in function when scanning pickle files for malicious code. Attackers can craft malicious pickle payloads using _operator.methodcaller that evade detection and execute arbitr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71373
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:23.220000

2 posts

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary code when loaded, compromising systems relying on picklescan for validation.

thehackerwire@mastodon.social at 2026-07-04T06:00:22.000Z ##

🟠 CVE-2025-71373 - High (8.1)

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T06:00:22.000Z ##

🟠 CVE-2025-71373 - High (8.1)

picklescan before 0.0.33 fails to detect operator.methodcaller function calls in pickle files, allowing attackers to bypass security checks. Remote attackers can craft malicious pickle payloads using operator.methodcaller that execute arbitrary co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71372
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:23.097000

2 posts

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypassing Picklescan's safety checks and enabling supply-chain poisoning of shared model files.

thehackerwire@mastodon.social at 2026-07-04T06:00:09.000Z ##

🟠 CVE-2025-71372 - High (8.1)

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T06:00:09.000Z ##

🟠 CVE-2025-71372 - High (8.1)

Picklescan before 0.0.33 fails to detect the numpy.f2py.crackfortran.getlincoef gadget in pickle __reduce__ methods, allowing arbitrary code execution. Attackers can craft malicious pickle files that execute arbitrary Python code when loaded, bypa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-71356
(8.1 HIGH)

EPSS: 0.00%

updated 2026-07-04T02:16:22.063000

2 posts

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded by victims.

thehackerwire@mastodon.social at 2026-07-04T07:00:37.000Z ##

🟠 CVE-2025-71356 - High (8.1)

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-04T07:00:37.000Z ##

🟠 CVE-2025-71356 - High (8.1)

picklescan before 0.0.28 fails to detect malicious torch.fx.experimental.symbolic_shapes.ShapeEnv.evaluate_guards_expression function calls in pickle files. Attackers can embed undetected code in pickle files that executes remote code when loaded ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14605
(7.8 HIGH)

EPSS: 0.00%

updated 2026-07-03T21:31:36

2 posts

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1c_can.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit is publicly available and might be used. The vendor was contacted early about

thehackerwire@mastodon.social at 2026-07-03T21:00:10.000Z ##

🟠 CVE-2026-14605 - High (7.8)

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1c_can.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-03T21:00:10.000Z ##

🟠 CVE-2026-14605 - High (7.8)

A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1c_can.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buff...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58426
(9.6 CRITICAL)

EPSS: 0.00%

updated 2026-07-03T21:17:05.770000

2 posts

Gitea Actions Artifacts V4 signed URL HMAC ambiguity allows cross-repository artifact read and cross-task upload-state write

offseq at 2026-07-04T00:00:37.662Z ##

CVE-2026-58426 | CRITICAL in Gitea 1.22.0: Ambiguous HMAC signing enables cross-repo artifact reads & cross-task upload tampering. No patch available — restrict access, monitor activity. Details: radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-07-04T00:00:37.000Z ##

CVE-2026-58426 | CRITICAL in Gitea 1.22.0: Ambiguous HMAC signing enables cross-repo artifact reads & cross-task upload tampering. No patch available — restrict access, monitor activity. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE202658426 #Gitea #infosec

##

CVE-2026-57986
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-03T21:17:01.780000

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

hugovalters@mastodon.social at 2026-07-03T23:06:56.000Z ##

CVE-2026-57986 - Use After Free in Microsoft Edge. Unauthorized network RCE. CVSS 7.5. No patch available. Monitor closely. #CVE #MicrosoftEdge #infosec

valtersit.com/cve/CVE-2026-579

##

CVE-2026-57984
(7.5 HIGH)

EPSS: 0.00%

updated 2026-07-03T21:17:01.550000

1 posts

Use after free in Microsoft Edge (Chromium-based) allows an unauthorized attacker to execute code over a network.

hugovalters@mastodon.social at 2026-07-04T05:13:37.000Z ##

CVE-2026-57984 - Use After Free in Microsoft Edge. Unauthorized RCE over network. CVSS 7.5. No patch available. Mitigate now. #CVE #MicrosoftEdge #infosec

valtersit.com/cve/CVE-2026-579

##

CVE-2026-14606
(7.8 HIGH)

EPSS: 0.00%

updated 2026-07-03T20:16:52.237000

2 posts

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be used for a

thehackerwire@mastodon.social at 2026-07-03T21:00:20.000Z ##

🟠 CVE-2026-14606 - High (7.8)

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipula...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-03T21:00:20.000Z ##

🟠 CVE-2026-14606 - High (7.8)

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CAN_Receive in the library bsp/synwit/libraries/SWM341_CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipula...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-46331
(7.8 HIGH)

EPSS: 0.26%

updated 2026-07-03T15:32:59

2 posts

In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption tcf_pedit_act() computes the COW range for skb_ensure_writable() once before the key loop using tcfp_off_max_hint, but the hint does not account for the runtime header offset added by typed keys. This can leave part of the write region un-COW'd. Fix by moving skb

9 repos

https://github.com/seguridadentrerios/CVE-2026-46331

https://github.com/g0thamRabb1t/cve-2026-46331-pedit-cow-auditd-detection

https://github.com/HORKimhab/CVE-2026-46331

https://github.com/0xBlackash/CVE-2026-46331

https://github.com/V0IDNETWORK/CVE-2026-46331

https://github.com/Quaerendir/cve-2026-46331-audit

https://github.com/vulnquest58/dirtyclone-exploit

https://github.com/douglasmun/pagecache-lpe-containment-kit

https://github.com/sgkdev/packet_edit_meme

nemo@mas.to at 2026-06-30T08:18:02.000Z ##

Root-Zugriff ist möglich: Exploits zu CVE-2026-46331 (Linux-Kernel) wurden geleakt und betreffen u.a. Debian, Ubuntu & RHEL. Ein Patch ist teils schon drin, Updates fehlen aber noch nicht überall—Admins sollten schnell absichern. 🔧🚨 golem.de/news/root-zugriff-moe #Linux #Security #CVE #SysAdmin

##

cyberveille@mastobot.ping.moi at 2026-06-29T17:30:20.000Z ##

📢 CVE-2026-46331 ' pedit COW ' : élévation de privilèges root dans le noyau Linux
📝 ## 🔍 Contexte

Source : The Hacker News, publiée le 26 juin 2026.
📖 cyberveille : cyberveille.ch/posts/2026-06-2
🌐 source : thehackernews.com/2026/06/new-
#CVE_2026_46331 #IOC #Cyberveille

##

CVE-2026-14459
(8.8 HIGH)

EPSS: 0.00%

updated 2026-07-03T15:31:59

2 posts

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

1 repos

https://github.com/dasokkk/CVE-2026-14459-14460-pardus-software

thehackerwire@mastodon.social at 2026-07-03T17:00:19.000Z ##

🟠 CVE-2026-14459 - High (8.8)

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection.

This issue affects pardus-software: from &lt;= ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-03T17:00:19.000Z ##

🟠 CVE-2026-14459 - High (8.8)

Improper neutralization of argument delimiters in a command ('argument injection') vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection.

This issue affects pardus-software: from &lt;= ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-49815
(7.2 HIGH)

EPSS: 0.00%

updated 2026-07-03T15:16:32.720000

1 posts

Dell PowerProtect Data Domain, versions 7.7.1.0 through 8.7, LTS2026 release version 8.6.1.0 through 8.6.1.10, LTS2025 release version 8.3.1.0 through 8.3.1.30, LTS2024 release versions 7.13.1.0 through 7.13.1.70 contain an improper neutralization of special Elements used in an OS command ('OS command Injection') vulnerability. A high privileged attacker with remote access could potentially exploi

hugovalters@mastodon.social at 2026-07-03T17:11:21.000Z ##

CVE-2026-49815 - OS Command Injection in Dell PowerProtect Data Domain. CVSS 7.2. High-privilege remote attack. No patch available yet. Monitor and restrict access immediately. #CVE #Dell #infosec

valtersit.com/cve/CVE-2026-498

##

CVE-2026-14460
(8.8 HIGH)

EPSS: 0.00%

updated 2026-07-03T15:16:32.367000

2 posts

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection. This issue affects pardus-software: from <= 1.0.4 before 1.0.5.

1 repos

https://github.com/dasokkk/CVE-2026-14459-14460-pardus-software

thehackerwire@mastodon.social at 2026-07-03T17:00:28.000Z ##

🟠 CVE-2026-14460 - High (8.8)

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection.

This issue affects pardus-software: from &lt;= 1.0.4 before 1.0.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-07-03T17:00:28.000Z ##

🟠 CVE-2026-14460 - High (8.8)

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute pardus-software allows Argument Injection.

This issue affects pardus-software: from &lt;= 1.0.4 before 1.0.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13341
(7.4 HIGH)

EPSS: 0.00%

updated 2026-07-03T12:31:51

3 posts

A vulnerability exists in the Kong Konnect Model Context Protocol (MCP) server prior to version 1.0.0, which could allow a remote attacker to perform an indirect prompt injection attack and execute unintended API requests.

offseq at 2026-07-03T13:30:28.872Z ##

KongHQ mcp-konnect (<1.0.0) has a HIGH severity flaw (CVE-2026-13341, CVSS 7.4) allowing remote prompt injection with risk to confidentiality. No patch — monitor vendor updates. radar.offseq.com/threat/cve-20

##

hugovalters@mastodon.social at 2026-07-03T12:11:18.000Z ##

CVE-2026-13341 - Unauthorized access in Kong Konnect MCP server. Indirect prompt injection could lead to unintended API requests. CVSS 7.4. No patch yet. Monitor and mitigate immediately. #CVE #Kong #infosec

valtersit.com/cve/CVE-2026-133

##

offseq@infosec.exchange at 2026-07-03T13:30:28.000Z ##

KongHQ mcp-konnect (<1.0.0) has a HIGH severity flaw (CVE-2026-13341, CVSS 7.4) allowing remote prompt injection with risk to confidentiality. No patch — monitor vendor updates. radar.offseq.com/threat/cve-20 #OffSeq #KongHQ #Infosec #Vulnerability

##

CVE-2026-14544
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-03T09:31:35

2 posts

A flaw was found in HPLIP (HP Linux Imaging and Printing Software). This vulnerability, an incomplete fix for CVE-2026-8631, may allow a remote attacker to escalate privileges or achieve arbitrary code execution. This can occur through an integer overflow in the hpcups processing path when handling specially crafted print data.

offseq at 2026-07-03T10:30:27.774Z ##

CVE-2026-14544: CRITICAL integer overflow in HPLIP (RHEL 10) enables remote code execution or privilege escalation via crafted print data 🖨️. Patch status not confirmed. Stay updated: radar.offseq.com/threat/cve-20

##

offseq@infosec.exchange at 2026-07-03T10:30:27.000Z ##

CVE-2026-14544: CRITICAL integer overflow in HPLIP (RHEL 10) enables remote code execution or privilege escalation via crafted print data 🖨️. Patch status not confirmed. Stay updated: radar.offseq.com/threat/cve-20 #OffSeq #CVE202614544 #LinuxSecurity

##

CVE-2026-9725
(9.1 CRITICAL)

EPSS: 0.00%

updated 2026-07-03T06:32:11

1 posts

The Printcart Web to Print Product Designer for WooCommerce plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to, and including, 2.5.2 This is due to insufficient path validation in the store_design_data() function, which constructs a filesystem path from the user-supplied 'nbd_item_key' POST parameter sanitized only with sanitize_text_field() — which does not strip path

offseq@infosec.exchange at 2026-07-03T06:00:25.000Z ##

CRITICAL: CVE-2026-9725 in Printcart Web to Print Product Designer for WooCommerce ≤2.5.2 enables unauthenticated file deletion via path traversal. No patch yet — restrict AJAX endpoints & monitor logs. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE2026_9725 #PathTraversal

##

CVE-2026-14432
(8.8 HIGH)

EPSS: 0.25%

updated 2026-07-03T04:17:51.457000

1 posts

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

thehackerwire@mastodon.social at 2026-07-02T04:02:28.000Z ##

🟠 CVE-2026-14432 - High (8.8)

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Medium)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14428
(8.3 HIGH)

EPSS: 0.26%

updated 2026-07-03T04:17:50.907000

1 posts

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-07-02T01:01:37.000Z ##

🟠 CVE-2026-14428 - High (8.3)

Insufficient validation of untrusted input in Dawn in Google Chrome on Android prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium sec...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14426
(7.5 HIGH)

EPSS: 0.22%

updated 2026-07-03T04:17:50.543000

1 posts

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-07-02T03:00:08.000Z ##

🟠 CVE-2026-14426 - High (7.5)

Use after free in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who convinced a user to engage in specific UI gestures to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14424
(9.6 CRITICAL)

EPSS: 0.21%

updated 2026-07-03T04:17:50.160000

1 posts

Use after free in Dawn in Google Chrome on Mac prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

offseq@infosec.exchange at 2026-07-02T04:30:25.000Z ##

CVE-2026-14424: HIGH severity use-after-free in Chrome (Mac <150.0.7871.46) enables sandbox escape via crafted HTML. Update to 150.0.7871.46+ now. radar.offseq.com/threat/cve-20 #OffSeq #Chrome #Infosec #Vuln

##

CVE-2026-14420
(9.6 CRITICAL)

EPSS: 0.25%

updated 2026-07-03T04:17:49.127000

1 posts

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

thehackerwire@mastodon.social at 2026-07-02T04:02:39.000Z ##

🔴 CVE-2026-14420 - Critical (9.6)

Out of bounds read and write in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14416
(9.6 CRITICAL)

EPSS: 0.24%

updated 2026-07-03T04:17:48.653000

1 posts

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

thehackerwire@mastodon.social at 2026-07-02T02:00:43.000Z ##

🔴 CVE-2026-14416 - Critical (9.6)

Out of bounds read in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Low)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14398
(9.6 CRITICAL)

EPSS: 0.21%

updated 2026-07-03T04:17:44.787000

1 posts

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

offseq@infosec.exchange at 2026-07-02T09:00:27.000Z ##

CRITICAL use-after-free in Chrome ANGLE (CVE-2026-14398) enables remote sandbox escape via crafted HTML. Affected: versions before 150.0.7871.46. Patch ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #Chrome #Vuln #CVE202614398

##

CVE-2026-13368(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-07-03T00:31:57

2 posts

WatchGuard Fireware OS contains a race condition leading to a use-after-free vulnerability in LDAP authentication for the Mobile User VPN with IKEv2. A remote unauthenticated attacker could exploit this vulnerability to execute arbitrary code in the context of the iked process on Fireboxes that have a Mobile VPN with IKEv2 configured to use an external LDAP authentication server. This vulnerabili

DailyCyberSecurity@infosec.exchange at 2026-07-03T02:07:11.000Z ##

WatchGuard Firebox vulnerabilities include a critical unauthenticated RCE (CVE-2026-13368, CVSS 9.2) plus six more Fireware OS flaws. Patch now.

#WatchGuard #Firebox #CVE202613368 #FirewareOS #CyberSecurity

securityonline.info/watchguard

##

offseq@infosec.exchange at 2026-07-03T01:30:27.000Z ##

CVE-2026-13368 (CRITICAL, CVSS 9.2): WatchGuard Fireware OS LDAP auth flaw in Mobile VPN with IKEv2 allows remote code execution (iked process). Disable affected configs or restrict access until patch. radar.offseq.com/threat/cve-20 #OffSeq #WatchGuard #CVE202613368 #Infosec

##

CVE-2026-54998
(8.8 HIGH)

EPSS: 0.00%

updated 2026-07-03T00:31:57

1 posts

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-07-03T00:00:17.000Z ##

🟠 CVE-2026-54998 - High (8.8)

Incorrect authorization in Microsoft Exchange Online allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-45499
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-07-03T00:31:53

1 posts

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-07-03T00:00:06.000Z ##

🔴 CVE-2026-45499 - Critical (9.9)

Server-side request forgery (ssrf) in Azure OpenAI allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-13768
(10.0 CRITICAL)

EPSS: 0.00%

updated 2026-07-03T00:16:52.270000

1 posts

Gardyn devices expose a privileged iothubowner key. Access to this key will allow a malicious user to invoke an IoTHub Registry Manager function which returns connection information for all Gardyn Home Kit and Studio devices. Access to this key also allows a malicious user to execute arbitrary commands on a specific connected device and may allow the malicious user to pivot to other devices on the

1 repos

https://github.com/MichaelAdamGroberman/CVE-2026-13768

offseq@infosec.exchange at 2026-07-03T00:00:42.000Z ##

CVE-2026-13768: Gardyn Home Firmware (CRITICAL, CVSS 10) exposes a privileged iothubowner key, enabling attackers to control devices & move laterally on networks. No patch yet. Monitor and segment IoT devices. radar.offseq.com/threat/cve-20 #OffSeq #IoTSecurity #CVE202613768

##

CVE-2026-57100
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-07-02T23:16:51.267000

1 posts

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

thehackerwire@mastodon.social at 2026-07-03T00:00:28.000Z ##

🔴 CVE-2026-57100 - Critical (9.9)

Server-side request forgery (ssrf) in Microsoft Entra Provisioning Service (SyncFabric) allows an authorized attacker to elevate privileges over a network.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-41106
(9.3 CRITICAL)

EPSS: 0.00%

updated 2026-07-02T23:16:50.867000

1 posts

Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.

hugovalters@mastodon.social at 2026-07-03T14:07:58.000Z ##

CVE-2026-41106 - Critical open redirect in M365 Copilot. Unpatched. CVSS 9.3. Attackers can elevate privileges via URL redirection. Update immediately. #CVE #Microsoft #infosec

valtersit.com/cve/CVE-2026-411

##

CVE-2026-57517
(9.8 CRITICAL)

EPSS: 0.59%

updated 2026-07-02T21:33:17

1 posts

Control Web Panel before 0.9.8.1225 contains a blind SQL injection vulnerability that allows unauthenticated remote attackers to execute arbitrary SQL queries by submitting unsanitized input through the userRes POST parameter at the user endpoint. Attackers can exploit MySQL root privileges obtained via the injection to write arbitrary files using INTO DUMPFILE, enabling deployment of a PHP webshe

CVE-2026-58460
(7.7 HIGH)

EPSS: 0.14%

updated 2026-07-02T21:16:57.080000

1 posts

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name value containing dot-dot path components through a malicious ContentProvider. Attackers can fire an explicit ACTION_SEND intent at the consuming app's exported share-receiver activity to

thehackerwire@mastodon.social at 2026-07-02T22:00:14.000Z ##

🟠 CVE-2026-58460 - High (7.7)

react-native-receive-sharing-intent contains a path traversal vulnerability that allows a co-resident malicious application to write files outside the intended cache directory by supplying a crafted _display_name value containing dot-dot path comp...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-52830
(9.4 CRITICAL)

EPSS: 0.42%

updated 2026-07-02T20:38:51

1 posts

## Summary fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token `telegram`, but it does not reject path separators or normalize the path before checking whether the session file exists. A remote HTTP client can therefore authenticate as the default legacy session with a token such as `../fast-mcp-tel

thehackerwire@mastodon.social at 2026-07-02T22:00:24.000Z ##

🔴 CVE-2026-52830 - Critical (9.4)

fast-mcp-telegram is a Telegram MCP Server. Prior to 0.19.1, fast-mcp-telegram validates HTTP Bearer tokens by joining the raw token string into a session-file path. The verifier rejects the exact reserved token telegram, but it does not reject pa...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-59099
(9.1 CRITICAL)

EPSS: 0.36%

updated 2026-07-02T20:17:08.240000

1 posts

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers can collect multiple client-side webflow execution tokens from the unauthenticated login page and perform known-plaintext analysis to decrypt the webflow

thehackerwire@mastodon.social at 2026-07-02T22:00:33.000Z ##

🔴 CVE-2026-59099 - Critical (9.1)

Apereo CAS 7.3.0 before 8.0.0-RC6 contains a cryptographic vulnerability that allows remote unauthenticated attackers to recover plaintext conversation state by exploiting AES-GCM initialization vector reuse across the server lifetime. Attackers c...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-12537
(7.8 HIGH)

EPSS: 0.13%

updated 2026-07-02T19:46:27.890000

1 posts

Improper Neutralization used in an OS Command in the container launcher in Google Gemini CLI (versions prior to 0.39.1) and run-gemini-cli GitHub Action (versions prior to 0.1.22) on headless CI platforms allows an unprivileged attacker to achieve pre-sandbox host-level code execution a maliciously crafted .gemini/.env file.

beyondmachines1@infosec.exchange at 2026-06-30T10:01:36.000Z ##

Google Patches Maximum-Severity RCE Vulnerability in Gemini CLI and GitHub Actions

Google patched a maximum-severity RCE vulnerability (CVE-2026-12537) in Gemini CLI and its GitHub Action that allowed attackers to execute host-level commands via malicious workspace configurations. The flaw exploited implicit trust in headless CI/CD environments to steal secrets and compromise build pipelines.

**If you use the Gemini CLI or its GitHub Action in your development pipelines, immediately upgrade to Gemini CLI version 0.39.1 (or 0.40.0-preview.3) and the run-gemini-cli action to version 0.1.22 to patch CVE-2026-12537. Only enable workspace trust for repositories you fully control. Review your automated workflows to make sure they never run shell commands on untrusted inputs.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-55957
(7.3 HIGH)

EPSS: 0.43%

updated 2026-07-02T19:01:45.887000

1 posts

Missing Critical Step in Authentication vulnerability in Apache Tomcat when the JNDIRealm was configured to authenticate binds using GSSAPI allowed attackers to authenticate without provided the correct password. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.4, from 10.1.0-M1 through 10.1.36, from 9.0.0.M1 through 9.0.100, from 8.5.0 through 8.5.100, from 7.0.0 through 7.0.109. U

CVE-2026-14191
(7.8 HIGH)

EPSS: 0.29%

updated 2026-07-02T18:45:21.210000

2 posts

An out-of-bounds heap write exists in the RAR5 recovery-volume (.rev) parser in WinRAR and UnRAR (RecVolumes5::ReadHeader in recvol5.cpp). The RecItems vector is sized only when the first .rev file in a set is processed; subsequent .rev files supply an independent RecNum value that is validated against that file's own TotalCount field but never against the actual size of RecItems. A crafted set of

linux@activitypub.awakari.com at 2026-07-02T12:38:12.000Z ## WinRAR flaw could allow attackers to take control of your computer A new WinRAR update fixes a serious security flaw, but without automatic updates many users could miss the patch. Rarlab has relea...

#Bugs #News #cve-2026-14191 #unrar #winRAR

Origin | Interest | Match ##

DailyCyberSecurity@infosec.exchange at 2026-07-02T01:05:31.000Z ##

A WinRAR vulnerability (CVE-2026-14191) causes a heap overflow via crafted .rev recovery files. Update WinRAR and UnRAR to version 7.23 now.

#WinRAR #UnRAR #CVE202614191 #HeapOverflow #RAR5 #RARLAB #Vulnerability

securityonline.info/winrar-vul

##

CVE-2026-44941
(8.4 HIGH)

EPSS: 0.49%

updated 2026-07-02T18:36:28

1 posts

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root.

thehackerwire@mastodon.social at 2026-07-02T17:01:01.000Z ##

🟠 CVE-2026-44941 - High (8.4)

A relative path traversal in the "keyhint" option in repomd.xml parsing of libzypp before 17.38.12 can be used by attackers able to supply a malicious repository to inject or overwrite files in the target system as root.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14430
(8.8 HIGH)

EPSS: 0.29%

updated 2026-07-02T18:36:25

1 posts

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-07-02T03:00:19.000Z ##

🟠 CVE-2026-14430 - High (8.8)

Integer overflow in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-58455
(9.8 CRITICAL)

EPSS: 1.19%

updated 2026-07-02T17:42:23.640000

1 posts

Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit() after an authentication redirect in loader.php combined with unsanitized input passed to shell_exec() in ajax/compose.php. Attackers can seed the required session flag through the incomplete auth check, then inject

thehackerwire@mastodon.social at 2026-07-02T17:00:52.000Z ##

🔴 CVE-2026-58455 - Critical (9.8)

Dockwatch through 0.6.567 contains an unauthenticated OS command injection vulnerability that allows remote attackers to execute arbitrary shell commands by exploiting a missing exit() after an authentication redirect in loader.php combined with u...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-10134
(10.0 CRITICAL)

EPSS: 0.31%

updated 2026-07-02T17:03:09.633000

2 posts

IBM Langflow OSS 1.0.0 through 1.9.3 allows an attacker to read every secret available to the Langflow process, read and modify every flow, conversation, message, file upload, and saved component in the Langflow database, can connect to internal services, abuse cloud metadata endpoints, laterally move to other tenants on the same Langflow instance, and Establish persistence by modifying the public

DailyCyberSecurity at 2026-07-04T02:15:30.144Z ##

Multiple Langflow OSS vulnerabilities, including the critical CVE-2026-10134 flaw, expose servers to code execution. Patch immediately.

securityonline.info/langflow-o

##

DailyCyberSecurity@infosec.exchange at 2026-07-04T02:15:30.000Z ##

Multiple Langflow OSS vulnerabilities, including the critical CVE-2026-10134 flaw, expose servers to code execution. Patch immediately.

#Langflow #Vulnerabilities #CyberSecurity #CVE202610134 #InfoSec

securityonline.info/langflow-o

##

CVE-2026-55112
(7.5 HIGH)

EPSS: 0.19%

updated 2026-07-02T16:54:47.880000

1 posts

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device.

thehackerwire@mastodon.social at 2026-07-02T17:02:09.000Z ##

🟠 CVE-2026-55112 - High (7.5)

A malicious actor with access to the network and low privileges and under certain conditions could exploit an Improper Access Control vulnerability found in UniFi OS with UniFi Protect Application to escalate privileges on the host device.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-56842
(7.5 HIGH)

EPSS: 0.19%

updated 2026-07-02T16:54:47.880000

1 posts

A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been removed.

thehackerwire@mastodon.social at 2026-07-02T17:01:50.000Z ##

🟠 CVE-2026-56842 - High (7.5)

A malicious actor with access to the network and under certain conditions could exploit an Incorrect Authorization vulnerability found in UniFi Network Application to persist privileges within UniFi Network Application after such access had been r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-56004
(8.8 HIGH)

EPSS: 0.38%

updated 2026-07-02T15:32:20

1 posts

A shellcode injection in the mercurial handler of the obs tar_scm source service before version 0.12.4 could be used by attackers able to provide a _service file to execute code as the source service or the local user checking out the malicious services

thehackerwire@mastodon.social at 2026-07-02T17:01:59.000Z ##

🔴 CVE-2026-56004 - Critical (10)

A shellcode injection in the mercurial handler of the obs tar_scm source service before version 0.12.4 could be used by attackers able to provide a _service file to execute code as the source service or the local user checking out the malicious se...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-56841
(8.8 HIGH)

EPSS: 0.24%

updated 2026-07-02T15:32:20

1 posts

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device.

thehackerwire@mastodon.social at 2026-07-02T17:01:11.000Z ##

🟠 CVE-2026-56841 - High (8.8)

A malicious actor with access to the network and low privileges could exploit an authenticated SQL Injection vulnerability found in UniFi Protect Application to escalate privileges on the host device.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-54403
(8.6 HIGH)

EPSS: 0.48%

updated 2026-07-02T15:32:20

1 posts

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances.

phillip@social.lol at 2026-07-02T16:26:30.000Z ##

@cR0w ../ spotted!

Summary 7 of 25

A malicious actor with access to the network could exploit a Path Traversal vulnerability found in certain devices running UniFi OS to bypass authentication of such UniFi OS devices or instances.

CVE-2026-54403

##

CVE-2026-5524
(9.8 CRITICAL)

EPSS: 0.54%

updated 2026-07-02T15:32:20

1 posts

The Divi Form Builder plugin for WordPress is vulnerable to Arbitrary File Upload leading to Remote Code Execution in all versions up to and including 5.1.8. This is due to insufficient file extension validation in the do_image_upload() function where user-supplied input from the acceptFileTypes POST parameter is directly interpolated into a regular expression used to validate uploaded files. Atta

1 repos

https://github.com/caterscam/CVE-2026-5524-PoC

offseq@infosec.exchange at 2026-07-02T13:30:31.000Z ##

CVE-2026-5524: Divi Form Builder <=5.1.8 has a CRITICAL file upload vuln (CVSS 9.8). Unauth RCE possible via PHP extensions not blocked by .htaccess, esp. on Nginx. Restrict uploads, monitor for patch. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Infosec #CVE2026_5524

##

CVE-2026-50027
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-07-02T15:26:24

1 posts

## Missing Authentication on Document API Endpoints Allows Unauthenticated Memory Read/Write/Delete ### Summary All HTTP routes under `/api/documents/*` in `mcp-memory-service` are served without any authentication dependency, even when the server is configured with an API key (`MCP_API_KEY`) or OAuth. An unauthenticated remote attacker can upload arbitrary content into the memory store (write),

offseq@infosec.exchange at 2026-07-03T03:00:26.000Z ##

CVE-2026-50027: mcp-memory-service (<10.67.1) has a CRITICAL auth bypass in /api/documents/* 🚨. Unauthenticated attackers can read, write, delete memory data. Restrict access or disable endpoints until fixed. radar.offseq.com/threat/ghsa-8 #OffSeq #CVE202650027 #APIsecurity

##

CVE-2026-6682
(7.6 HIGH)

EPSS: 0.21%

updated 2026-07-02T14:37:48.377000

2 posts

In FatFS R0.16 and earlier contains a FAT32 integer overflow bug in mount_volume() where fasize *= fs->n_fats can wrap, leading to attacker-controlled file-size metadata and unsafe read lengths in downstream callers. This maps to CWE-190 (Integer Overflow or Wraparound). Estimated CVSS v3.1 vector: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H (7.6, High). Remote delivery is also possible in OTA/up

nemo@mas.to at 2026-07-04T05:23:11.000Z ##

🧩 Runzero warnt: Eine KI-gestützte Suche fand eine gefährliche Lücke im FatFs-Treiber. Schon das Anschließen eines USB-Sticks soll genügen, um über CVE-2026-6682 (CVSS 7,6) Schadcode einzuschleusen. Patch derzeit unklar. Angriff auch via manipulierte OTA-Updates möglich. 🔥
golem.de/news/angriff-per-usb-
#Security #IoT #Embedded #USB #CVE #Vulnerability

##

nemo@mas.to at 2026-07-04T05:23:11.000Z ##

🧩 Runzero warnt: Eine KI-gestützte Suche fand eine gefährliche Lücke im FatFs-Treiber. Schon das Anschließen eines USB-Sticks soll genügen, um über CVE-2026-6682 (CVSS 7,6) Schadcode einzuschleusen. Patch derzeit unklar. Angriff auch via manipulierte OTA-Updates möglich. 🔥
golem.de/news/angriff-per-usb-
#Security #IoT #Embedded #USB #CVE #Vulnerability

##

CVE-2026-57683
(9.3 CRITICAL)

EPSS: 0.25%

updated 2026-07-02T12:31:09

1 posts

Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions.

offseq@infosec.exchange at 2026-07-02T12:00:30.000Z ##

CVE-2026-57683: CRITICAL SQL injection (CVSS 9.3) in Epsiloncool WP Fast Total Search ≤1.80.280 enables unauthenticated exploitation. Patch pending — monitor for fixes and restrict access. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Infosec #Vuln

##

CVE-2026-43503
(8.8 HIGH)

EPSS: 0.14%

updated 2026-07-02T12:17:20.070000

4 posts

In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers Two frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail to propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()->flags when moving frags from source to destination. __pskb_copy_fclone() defers the rest of the shinfo metadata to skb_copy_header(

8 repos

https://github.com/mooder1/dirtyclone-CVE-2026-43503

https://github.com/entra1337/DirtyClone

https://github.com/aexdyhaxor/CVE-2026-43503-DirtyClone

https://github.com/sec0x/CVE-2026-43503

https://github.com/gl1tch0x1/DirtyClone

https://github.com/0xBlackash/CVE-2026-43503

https://github.com/SecureWithUmer/CVE-2026-43503

https://github.com/douglasmun/pagecache-lpe-containment-kit

ChrisShort@hachyderm.io at 2026-07-01T14:51:20.000Z ##

Dissecting and Exploiting Linux LPE Variant: DirtyClone (CVE-2026-43503) - JFrog Security Research #devopsish research.jfrog.com/post/dissec

##

beyondmachines1@infosec.exchange at 2026-06-30T12:01:36.000Z ##

DirtyClone Vulnerability Grants Root Access via Linux Kernel Networking Stack

JFrog researchers report DirtyClone (CVE-2026-43503), a high-severity Linux kernel vulnerability that allows local users to gain root privileges by corrupting the system page cache through the networking stack. It's a major risk to multi-tenant cloud and containerized environments.

**Patch your Linux kernel right away: update to your distribution's fixed version (for example, Ubuntu 24.04 needs 6.8.0-124.124 or later) and then reboot, because a patched-but-unrebooted machine is still vulnerable. Confirm with `uname -r`. If you can't patch immediately, reduce the risk by setting `kernel.unprivileged_userns_clone=0` to block the privilege path this attack relies on.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

secdb@infosec.exchange at 2026-06-30T09:59:26.000Z ##

🚨 DirtyClone (CVE-2026-43503)

In the Linux kernel, the following vulnerability has been resolved:

net: skbuff: propagate shared-frag marker through frag-transfer helpers

ℹ️ Additional info on ZEN SecDB secdb.nttzen.cloud/updates/9a1

#nttdata #zen #secdb
#infosec #dirtyclone #linux #lpe #cve202643503

##

DarkWebInformer@infosec.exchange at 2026-06-29T18:49:01.000Z ##

‼️ CVE-2026-43503: Python PoC for DirtyClone, a Linux kernel LPE via page-cache corruption exploit

GitHub: github.com/entra1337/DirtyClone

##

CVE-2026-13774
(8.1 HIGH)

EPSS: 0.30%

updated 2026-07-02T05:16:26.800000

1 posts

Use after free in Extensions in Google Chrome prior to 150.0.7871.47 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: Critical)

hrbrmstr@rud.is at 2026-07-02T16:56:15.000Z ##

Unjamming the Chrome Releases Blog

For the second time in a row, a post by cr0w on Mastodon regarding the Chrome release blog appearing to not render anything resulted in me firing up lynx to show a sub-second load and render, then finally doing something a bit more tangible about the situation.

The 81-Second Wall

The Google Blogger pages load an ancient copy of jQuery (1.11.3, from 2015) synchronously in the <head>, alongside a 53KB widgets.js Blogger framework. Then, posts like this one — https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html — stuff 433 CVE entries into the DOM — 670KB of HTML, 5,045 nodes. The Blogger WidgetManager processes all of that against the DOM using jQuery’s notoriously slow selector engine, and the main thread stays locked for 81 seconds. Nothing else runs. Not even the HTTP request for the DoubleClick tracking pixel queued behind it (because ofc there’s a DoubleClick tracking pixel).

The Safari Navigation Timing API numbers make it embarrassingly concrete:

  • responseEnd: 143ms
  • domInteractive: 231ms
  • domContentLoaded: 81,280ms

That’s 81 seconds between “DOM is ready” and “page is loaded.” All burning prescious CPU cycles with zero network activity during that window.

Why This Matters (Again)

This is the second time I’ve felt compelled to dig into this particular mess. The Chrome Releases page is a real/tangible operational resource — security teams, vulnerability managers, and researchers (somewhat, at least) depend on it for CVE data. When it’s broken, it creates a bottleneck for people who have real jobs to do.

The 433 CVE entries choking the page are exactly what people came to read. But they’re baked into the HTML as rendered text, not exposed as structured data anywhere. So even when the page eventually loads, you’re still scraping HTML to get at anything useful.

unjam

unjam solves that problem. It’s a small CLI that connects to a Blogger page and extracts structured data — both the widget configuration from the _WidgetManager._SetDataContext inline script and the CVE entries from Chrome Release posts — without touching a browser at all.

It’s a single Deno binary for macOS, Linux, and Windows. No dependencies, no configuration overhead, just download and run:

unjam --cve https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
[
  {
    "issueId": "506558270",
    "issueUrl": "https://issues.chromium.org/issues/506558270",
    "severity": "Critical",
    "cveId": "CVE-2026-13774",
    "description": "Use after free in Extensions.",
    "reporter": "Google",
    "reportedOn": "2026-04-26"
  },
  {
    "issueId": "511766407",
    "issueUrl": "https://issues.chromium.org/issues/511766407",
    "severity": "Critical",
    "cveId": "CVE-2026-13775",
    "description": "Use after free in GPU.",
    "reporter": "Google",
    "reportedOn": "2026-05-10"
  },
  …
]

Getting CVE data from one of these posts used to mean waiting 81 seconds for a browser tab to finish wrestling with jQuery, then hand-scraping HTML. Now it takes about a second and returns clean JSON. The --cve flag parses each entry into structured fields — CVE ID, severity, description, issue tracker URL, reporter, and date reported — ready to pipe into jq, load into a database, or feed into whatever vulnerability management pipeline you’re running.

The tool also handles the general case: any Blogger page carrying the _WidgetManager._SetDataContext inline script can be unwedged with the default mode, which converts the JavaScript object literal into proper JSON. That turned out to be useful enough to bake in as default functionality.

The project’s at https://git.sr.ht/~hrbrmstr/unjam and has pre-built binaries for popular platforms.

I don’t expect this page to stay broken forever…I mean, someone at Google will eventually update the template (right, Anakin? right? Anakin?), and may even quietly drop the DoubleClick pixel (LOL) — but until then, unjam fills the gap cleanly.

##

CVE-2026-14431
(8.8 HIGH)

EPSS: 0.27%

updated 2026-07-02T03:32:33

1 posts

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-07-02T04:02:18.000Z ##

🟠 CVE-2026-14431 - High (8.8)

Type Confusion in V8 in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14423
(9.6 CRITICAL)

EPSS: 0.22%

updated 2026-07-02T00:31:50

1 posts

Type Confusion in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

offseq@infosec.exchange at 2026-07-02T10:30:26.000Z ##

CVE-2026-14423: Type confusion in Chrome (pre-150.0.7871.46) enables sandbox escape via crafted HTML. HIGH severity — update Chrome ASAP to patch. Details: radar.offseq.com/threat/cve-20 #OffSeq #Chrome #Vuln #BrowserSecurity

##

CVE-2026-14425
(9.6 CRITICAL)

EPSS: 0.22%

updated 2026-07-02T00:31:50

2 posts

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

offseq@infosec.exchange at 2026-07-02T06:00:24.000Z ##

Use-after-free in Chrome’s ANGLE (CVE-2026-14425, HIGH) allows remote sandbox escape via crafted HTML in versions before 150.0.7871.46. Patch status unclear — update Chrome past this version. More: radar.offseq.com/threat/cve-20 #OffSeq #Chrome #Vuln #Infosec

##

thehackerwire@mastodon.social at 2026-07-02T01:00:58.000Z ##

🔴 CVE-2026-14425 - Critical (9.6)

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14417
(9.6 CRITICAL)

EPSS: 0.21%

updated 2026-07-02T00:31:50

2 posts

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

offseq@infosec.exchange at 2026-07-02T03:00:27.000Z ##

CVE-2026-14417: CRITICAL use-after-free in Chrome’s Dawn (pre-150.0.7871.46). Remote attackers can potentially escape the sandbox — patch ASAP. Details: radar.offseq.com/threat/cve-20 #OffSeq #Chrome #CVE202614417 #Infosec

##

thehackerwire@mastodon.social at 2026-07-02T02:00:55.000Z ##

🔴 CVE-2026-14417 - Critical (9.6)

Use after free in Dawn in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14429
(8.3 HIGH)

EPSS: 0.23%

updated 2026-07-02T00:31:50

1 posts

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-07-02T02:00:15.000Z ##

🟠 CVE-2026-14429 - High (8.3)

Insufficient validation of untrusted input in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security sever...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14427
(8.3 HIGH)

EPSS: 0.24%

updated 2026-07-02T00:31:50

1 posts

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

thehackerwire@mastodon.social at 2026-07-02T01:01:14.000Z ##

🟠 CVE-2026-14427 - High (8.3)

Heap buffer overflow in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-14439(CVSS UNKNOWN)

EPSS: 0.60%

updated 2026-07-02T00:31:50

1 posts

A path traversal vulnerability exists in the Git Service component shared by Altium Enterprise Server and Altium 365. The service accepts a sequence of post-clone file-manipulation operations that use user-supplied paths without validation, allowing an authenticated user with basic git access to move arbitrary files outside the intended repository area. This file-move primitive can be used to

offseq@infosec.exchange at 2026-07-02T00:00:36.000Z ##

CVE-2026-14439: CRITICAL path traversal in Altium Enterprise Server & Altium 365 Git Service. Authenticated users can achieve RCE & cross-tenant data access. Upgrade Altium Server to v8.1.1; cloud already remediated. radar.offseq.com/threat/cve-20 #OffSeq #CVE202614439 #infosec #remediation

##

CVE-2026-14390
(9.6 CRITICAL)

EPSS: 0.24%

updated 2026-07-02T00:31:49

1 posts

Use after free in ANGLE in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: High)

offseq@infosec.exchange at 2026-07-02T07:30:28.000Z ##

CVE-2026-14390: Use-after-free in Chrome ANGLE (High severity, ≤150.0.7871.45) can enable sandbox escape via crafted HTML. Update to 150.0.7871.46+ to mitigate. No active exploits reported. radar.offseq.com/threat/cve-20 #OffSeq #GoogleChrome #Infosec #Vulnerability

##

CVE-2026-14419
(9.6 CRITICAL)

EPSS: 0.21%

updated 2026-07-02T00:31:49

2 posts

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

thehackerwire@mastodon.social at 2026-07-02T02:01:12.000Z ##

🔴 CVE-2026-14419 - Critical (9.6)

Use after free in Skia in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-07-02T01:30:24.000Z ##

CVE-2026-14419: CRITICAL use-after-free in Chrome <150.0.7871.46 (Skia) enables remote sandbox escape via crafted HTML. Patch immediately to prevent code execution outside the browser. radar.offseq.com/threat/cve-20 #OffSeq #Chrome #CVE202614419 #Infosec

##

CVE-2026-54428
(7.5 HIGH)

EPSS: 0.41%

updated 2026-07-01T21:36:16

1 posts

Allocation of resources without limits or throttling in the HTTP/2 HPACK decoder in Apache HttpComponents Core (5.4.2 and earlier, 5.5-beta1 and earlier) allows an remote attacker to cause a denial of service through memory exhaustion by sending oversized compressed header blocks before the HTTP/2 SETTINGS acknowledgement causes the configured header list size limit to be applied.

DailyCyberSecurity@infosec.exchange at 2026-07-02T16:12:17.000Z ##

Apache HttpComponents Core vulnerabilities CVE-2026-54399 and CVE-2026-54428 allow remote denial of service through memory exhaustion. Upgrade now.

#Apache #HttpComponents #DoS #CVE202654399 #CyberSecurity

securityonline.info/apache-htt

##

CVE-2026-45659
(8.8 HIGH)

EPSS: 3.22%

updated 2026-07-01T21:35:53

11 posts

Deserialization of untrusted data in Microsoft Office SharePoint allows an authorized attacker to execute code over a network.

3 repos

https://github.com/jenniferreire26/CVE-2026-45659

https://github.com/HORKimhab/CVE-2026-45659

https://github.com/mistbarbarianspot/CVE-2026-45659-SharePoint-RCE

cyberveille@mastobot.ping.moi at 2026-07-03T17:30:20.000Z ##

📢 CISA ajoute CVE-2026-45659 au KEV : RCE activement exploitée dans SharePoint Server
📝 ## 📰 Contexte

Source : SOCRadar, publié le 2 juillet 2026.
📖 cyberveille : cyberveille.ch/posts/2026-07-0
🌐 source : socradar.io/blog/cisa-sharepoi
#CISA_KEV #CVE_2026_45659 #Cyberveille

##

youranonnewsirc@nerdculture.de at 2026-07-03T16:04:38.000Z ##

OpenAI voluntarily limited new AI models at government request on July 2. Cybersecurity threats remain high with critical Citrix Bleed 2 (CVE-2025-5777) and Microsoft SharePoint RCE (CVE-2026-45659) vulnerabilities being actively exploited, as reported on July 2-3. Google, in collaboration with the FBI, disrupted NetNut, a major residential proxy network spanning 2 million devices. Geopolitically, Iran issued warnings to ships regarding unapproved routes in the Strait of Hormuz on July 3.

#AnonNews_irc #Cybersecurity #News

##

netsecio@mastodon.social at 2026-07-03T14:12:59.000Z ##

📰 CISA Adds Actively Exploited SharePoint RCE Flaw to KEV Catalog, Mandates Urgent Patching

⚠️ CISA adds high-severity SharePoint RCE flaw (CVE-2026-45659) to its KEV catalog due to active exploitation! Authenticated attackers can execute code. Federal agencies must patch by July 4. #SharePoint #CyberSecurity #PatchNow

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ci

##

beyondmachines1 at 2026-07-03T12:01:41.410Z ##

CISA Reports Active Exploitation of SharePoint RCE Flaw

CISA warned that attackers are exploiting a high-severity SharePoint vulnerability (CVE-2026-45659) that allows authenticated users to run arbitrary code.

**If you run on-premises Microsoft SharePoint Server (Subscription Edition, 2019, or 2016), this is urgent. Your Sharepoint is under attack. Apply Microsoft's security update for CVE-2026-45659 immediately. Prioritize any internet-facing SharePoint instances first, and confirm every server is updated to the latest secure version. If possible, isolate SharePoint from the Internet.**

beyondmachines.net/event_detai

##

youranonnewsirc@nerdculture.de at 2026-07-03T16:04:38.000Z ##

OpenAI voluntarily limited new AI models at government request on July 2. Cybersecurity threats remain high with critical Citrix Bleed 2 (CVE-2025-5777) and Microsoft SharePoint RCE (CVE-2026-45659) vulnerabilities being actively exploited, as reported on July 2-3. Google, in collaboration with the FBI, disrupted NetNut, a major residential proxy network spanning 2 million devices. Geopolitically, Iran issued warnings to ships regarding unapproved routes in the Strait of Hormuz on July 3.

#AnonNews_irc #Cybersecurity #News

##

beyondmachines1@infosec.exchange at 2026-07-03T12:01:41.000Z ##

CISA Reports Active Exploitation of SharePoint RCE Flaw

CISA warned that attackers are exploiting a high-severity SharePoint vulnerability (CVE-2026-45659) that allows authenticated users to run arbitrary code.

**If you run on-premises Microsoft SharePoint Server (Subscription Edition, 2019, or 2016), this is urgent. Your Sharepoint is under attack. Apply Microsoft's security update for CVE-2026-45659 immediately. Prioritize any internet-facing SharePoint instances first, and confirm every server is updated to the latest secure version. If possible, isolate SharePoint from the Internet.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

guru@thecybersecguru.com at 2026-07-03T09:21:47.000Z ##

DHS Confirms HSIN Breach: Inside the Hack That Hit America’s Homeland Security Coordination Platform Weeks Before the World Cup Final

DHS confirms a breach of HSIN, its SharePoint-linked intelligence network. Technical analysis of CVE-2026-45659, World Cup exposure, and the 2023 precedent

thecybersecguru.com/news/hsin-

##

thecybermind@infosec.exchange at 2026-07-02T12:34:21.000Z ##

C-Suite Alert: CVE-2026-45659 is actively exploited. CISA BOD 26-04 mandates immediate action. Is your organization compliant? My executive briefing provides the risk assessment and strategic roadmap to secure your SharePoint assets and mitigate enterprise liability. thecybermind.co/x3h5
#Governance #InfoSec #SharePoint

##

DailyCyberSecurity@infosec.exchange at 2026-07-02T02:29:31.000Z ##

CISA flags an actively exploited SharePoint vulnerability (CVE-2026-45659) enabling remote code execution. Patch SharePoint Server 2016 now.

#SharePoint #Microsoft #CVE202645659 #CISAKEV #RCE #ExploitedInTheWild #Vulnerability

securityonline.info/sharepoint

##

secdb@infosec.exchange at 2026-07-01T21:02:16.000Z ##

🚨 [CISA-2026:0701] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-45659 (secdb.nttzen.cloud/cve/detail/)
- Name: Microsoft SharePoint Server Deserialization of Untrusted Data Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: SharePoint Server
- Notes: msrc.microsoft.com/update-guid ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260701 #cisa20260701 #cve_2026_45659 #cve202645659

##

cisakevtracker@mastodon.social at 2026-07-01T20:00:51.000Z ##

CVE ID: CVE-2026-45659
Vendor: Microsoft
Product: SharePoint Server
Date Added: 2026-07-01
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-44935
(9.9 CRITICAL)

EPSS: 0.57%

updated 2026-07-01T20:45:42

1 posts

### Impact A vulnerability in Fleet for Rancher Manager affects multi-tenancy environments where different tenants share the same downstream clusters (e.g., different privileged or untrusted teams inside the same organization). On unpatched versions, tenants could bypass restrictions to access any config map or secret across all namespaces on the downstream cluster. They can create cluster-wide

thehackerwire@mastodon.social at 2026-07-02T18:00:13.000Z ##

🔴 CVE-2026-44935 - Critical (9.9)

Missing validation of "valuesFrom" references in Helm Deployer of SUSE Rancher Fleet 0.15 before 0.15.2, 0.14 before 0.14.6, 0.13 before 0.13.11 and 0.12 before 0.12.15 could be used by owners of one tenant to access fleet credentials of other ten...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-10539
(9.0 CRITICAL)

EPSS: 0.24%

updated 2026-07-01T19:59:44.537000

1 posts

A Control-M/Server communication command does not sufficiently filter or sanitize user-supplied input. Under certain conditions, this issue may allow an unauthenticated attacker to execute unauthorized commands on the affected server, potentially leading to compromise of the server.  This vulnerability affects Control-M/Server versions 9.0.20.x to 9.0.21.200 (included) and potentially earlier u

offseq@infosec.exchange at 2026-07-01T09:00:27.000Z ##

CVE-2026-10539: CRITICAL auth bypass in BMC Control-M/Server (v9.0.20 – 9.0.21.200). Unauthenticated attackers can execute commands. Patch status unconfirmed — monitor vendor. radar.offseq.com/threat/cve-20 #OffSeq #CVE202610539 #infosec #vuln

##

CVE-2026-20191
(7.5 HIGH)

EPSS: 0.76%

updated 2026-07-01T18:31:59

1 posts

A vulnerability in Cisco Catalyst Center could allow an unauthenticated, remote attacker to read arbitrary files from a restricted container.&nbsp; This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending a crafted HTTP request to an affected device. A successful exploit could allow the attacker to read arbitrary files fr

DailyCyberSecurity@infosec.exchange at 2026-07-02T02:03:03.000Z ##

Cisco fixes a Cisco Catalyst Center vulnerability (CVE-2026-20191, CVSS 7.5) and seven ClamAV vulnerabilities causing DoS in Secure Endpoint Connectors.

#Cisco #CatalystCenter #ClamAV #CVE202620191 #CyberSecurity

securityonline.info/cisco-cata

##

CVE-2025-23351
(9.0 None)

EPSS: 0.27%

updated 2026-07-01T18:31:55

2 posts

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

DailyCyberSecurity@infosec.exchange at 2026-07-01T17:03:47.000Z ##

Recent NVIDIA security updates address critical vulnerabilities, including CVE-2025-23351. Apply patches to secure your ConnectX and BlueField devices.

#NVIDIA #CyberSecurity #Vulnerability #CVE #InfoSec

securityonline.info/nvidia-sec

##

AAKL@infosec.exchange at 2026-06-30T16:30:24.000Z ##

Broadcom has a long list of advisories for a bunch of vulnerabilities, included critical and high-severity holes support.broadcom.com/web/ecx/s

CISA:

Several industrial vulnerabilities have been added cisa.gov/

Cisco:

Econolite has been tagged for zero-day reports talosintelligence.com/vulnerab @TalosSecurity

Dell:

- CRITICAL: Security Update for Dell Encryption for Multiple libexpat Vulnerabilities dell.com/support/kbdoc/en-us/0

Two others:

- dell.com/support/kbdoc/en-us/0

- dell.com/support/kbdoc/en-us/0

Nvidia:

There are several advisories today, three of them critical:

CRITICAL:

- CVE-2026-24270: NVIDIA AIStore Framework - June 2026 nvidia.custhelp.com/app/answer

- CVE-2025-23351, CVE-2025-23350: NVIDIA Networking BlueField and ConnectX - June 2026 nvidia.custhelp.com/app/answer

- NVIDIA Megatron Bridge - June 2026, affecting multiple CVEs nvidia.custhelp.com/app/answer

More: nvidia.com/en-us/product-secur

Yesterday:

Apple:

Several security updates: support.apple.com/en-us/100100 #infosec #vulnerability #Apple #Nvidia #Dell #Cisco #CISA #Broadcom

##

CVE-2025-23350
(9.0 None)

EPSS: 0.27%

updated 2026-07-01T18:31:55

1 posts

NVIDIA ConnectX and BlueField contain a vulnerability in the command interface where a local user with virtual function (VF) access may cause a write out of bounds by crafted input. A successful exploit of this vulnerability may lead to arbitrary code execution on the device.

AAKL@infosec.exchange at 2026-06-30T16:30:24.000Z ##

Broadcom has a long list of advisories for a bunch of vulnerabilities, included critical and high-severity holes support.broadcom.com/web/ecx/s

CISA:

Several industrial vulnerabilities have been added cisa.gov/

Cisco:

Econolite has been tagged for zero-day reports talosintelligence.com/vulnerab @TalosSecurity

Dell:

- CRITICAL: Security Update for Dell Encryption for Multiple libexpat Vulnerabilities dell.com/support/kbdoc/en-us/0

Two others:

- dell.com/support/kbdoc/en-us/0

- dell.com/support/kbdoc/en-us/0

Nvidia:

There are several advisories today, three of them critical:

CRITICAL:

- CVE-2026-24270: NVIDIA AIStore Framework - June 2026 nvidia.custhelp.com/app/answer

- CVE-2025-23351, CVE-2025-23350: NVIDIA Networking BlueField and ConnectX - June 2026 nvidia.custhelp.com/app/answer

- NVIDIA Megatron Bridge - June 2026, affecting multiple CVEs nvidia.custhelp.com/app/answer

More: nvidia.com/en-us/product-secur

Yesterday:

Apple:

Several security updates: support.apple.com/en-us/100100 #infosec #vulnerability #Apple #Nvidia #Dell #Cisco #CISA #Broadcom

##

CVE-2026-24270
(9.8 CRITICAL)

EPSS: 0.84%

updated 2026-07-01T18:31:55

1 posts

NVIDIA AIStore framework contains a vulnerability where an attacker could bypass authentication. A successful exploit of this vulnerability might lead to denial of service, escalation of privileges, information disclosure, and data tampering.

AAKL@infosec.exchange at 2026-06-30T16:30:24.000Z ##

Broadcom has a long list of advisories for a bunch of vulnerabilities, included critical and high-severity holes support.broadcom.com/web/ecx/s

CISA:

Several industrial vulnerabilities have been added cisa.gov/

Cisco:

Econolite has been tagged for zero-day reports talosintelligence.com/vulnerab @TalosSecurity

Dell:

- CRITICAL: Security Update for Dell Encryption for Multiple libexpat Vulnerabilities dell.com/support/kbdoc/en-us/0

Two others:

- dell.com/support/kbdoc/en-us/0

- dell.com/support/kbdoc/en-us/0

Nvidia:

There are several advisories today, three of them critical:

CRITICAL:

- CVE-2026-24270: NVIDIA AIStore Framework - June 2026 nvidia.custhelp.com/app/answer

- CVE-2025-23351, CVE-2025-23350: NVIDIA Networking BlueField and ConnectX - June 2026 nvidia.custhelp.com/app/answer

- NVIDIA Megatron Bridge - June 2026, affecting multiple CVEs nvidia.custhelp.com/app/answer

More: nvidia.com/en-us/product-secur

Yesterday:

Apple:

Several security updates: support.apple.com/en-us/100100 #infosec #vulnerability #Apple #Nvidia #Dell #Cisco #CISA #Broadcom

##

CVE-2026-13775
(9.8 CRITICAL)

EPSS: 0.31%

updated 2026-07-01T18:31:27

1 posts

Use after free in GPU in Google Chrome prior to 150.0.7871.47 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. (Chromium security severity: Critical)

hrbrmstr@rud.is at 2026-07-02T16:56:15.000Z ##

Unjamming the Chrome Releases Blog

For the second time in a row, a post by cr0w on Mastodon regarding the Chrome release blog appearing to not render anything resulted in me firing up lynx to show a sub-second load and render, then finally doing something a bit more tangible about the situation.

The 81-Second Wall

The Google Blogger pages load an ancient copy of jQuery (1.11.3, from 2015) synchronously in the <head>, alongside a 53KB widgets.js Blogger framework. Then, posts like this one — https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html — stuff 433 CVE entries into the DOM — 670KB of HTML, 5,045 nodes. The Blogger WidgetManager processes all of that against the DOM using jQuery’s notoriously slow selector engine, and the main thread stays locked for 81 seconds. Nothing else runs. Not even the HTTP request for the DoubleClick tracking pixel queued behind it (because ofc there’s a DoubleClick tracking pixel).

The Safari Navigation Timing API numbers make it embarrassingly concrete:

  • responseEnd: 143ms
  • domInteractive: 231ms
  • domContentLoaded: 81,280ms

That’s 81 seconds between “DOM is ready” and “page is loaded.” All burning prescious CPU cycles with zero network activity during that window.

Why This Matters (Again)

This is the second time I’ve felt compelled to dig into this particular mess. The Chrome Releases page is a real/tangible operational resource — security teams, vulnerability managers, and researchers (somewhat, at least) depend on it for CVE data. When it’s broken, it creates a bottleneck for people who have real jobs to do.

The 433 CVE entries choking the page are exactly what people came to read. But they’re baked into the HTML as rendered text, not exposed as structured data anywhere. So even when the page eventually loads, you’re still scraping HTML to get at anything useful.

unjam

unjam solves that problem. It’s a small CLI that connects to a Blogger page and extracts structured data — both the widget configuration from the _WidgetManager._SetDataContext inline script and the CVE entries from Chrome Release posts — without touching a browser at all.

It’s a single Deno binary for macOS, Linux, and Windows. No dependencies, no configuration overhead, just download and run:

unjam --cve https://chromereleases.googleblog.com/2026/06/stable-channel-update-for-desktop_0175352312.html
[
  {
    "issueId": "506558270",
    "issueUrl": "https://issues.chromium.org/issues/506558270",
    "severity": "Critical",
    "cveId": "CVE-2026-13774",
    "description": "Use after free in Extensions.",
    "reporter": "Google",
    "reportedOn": "2026-04-26"
  },
  {
    "issueId": "511766407",
    "issueUrl": "https://issues.chromium.org/issues/511766407",
    "severity": "Critical",
    "cveId": "CVE-2026-13775",
    "description": "Use after free in GPU.",
    "reporter": "Google",
    "reportedOn": "2026-05-10"
  },
  …
]

Getting CVE data from one of these posts used to mean waiting 81 seconds for a browser tab to finish wrestling with jQuery, then hand-scraping HTML. Now it takes about a second and returns clean JSON. The --cve flag parses each entry into structured fields — CVE ID, severity, description, issue tracker URL, reporter, and date reported — ready to pipe into jq, load into a database, or feed into whatever vulnerability management pipeline you’re running.

The tool also handles the general case: any Blogger page carrying the _WidgetManager._SetDataContext inline script can be unwedged with the default mode, which converts the JavaScript object literal into proper JSON. That turned out to be useful enough to bake in as default functionality.

The project’s at https://git.sr.ht/~hrbrmstr/unjam and has pre-built binaries for popular platforms.

I don’t expect this page to stay broken forever…I mean, someone at Google will eventually update the template (right, Anakin? right? Anakin?), and may even quietly drop the DoubleClick pixel (LOL) — but until then, unjam fills the gap cleanly.

##

CVE-2026-8451
(7.5 HIGH)

EPSS: 0.50%

updated 2026-07-01T18:31:24

8 posts

Insufficient input validation in NetScaler ADC and NetScaler Gateway leading to memory overread if NetScaler ADC or NetScaler Gateway is configured as a SAML IDP

4 repos

https://github.com/0xBlackash/CVE-2026-8451

https://github.com/watchtowrlabs/watchTowr-vs-Netscaler-CVE-2026-8451

https://github.com/derekpreston81/CVE_ADC_IOC_2026

https://github.com/attarwahyup/Netscaler-CVE-2026-8451

netsecio@mastodon.social at 2026-07-03T14:12:49.000Z ##

📰 CitrixBleed-Like Flaw (CVE-2026-8451) Exploited Within 24 Hours

New CitrixBleed-like flaw CVE-2026-8451 in NetScaler is being exploited in the wild less than 24 hours after disclosure! The bug can leak sensitive memory. Patch and terminate all sessions NOW. 🚨 #Citrix #NetScaler #CyberSecurity #CVE

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ne

##

DailyCyberSecurity@infosec.exchange at 2026-07-02T17:12:43.000Z ##

Citrix NetScaler vulnerability CVE-2026-8451 is exploited in the wild after a public PoC exposed a pre-auth memory overread. Patch now.

#Citrix #NetScaler #CVE20268451 #CitrixBleed #CyberSecurity

securityonline.info/citrix-net

##

centaury@infosec.exchange at 2026-07-02T12:14:14.000Z ##

CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) labs.watchtowr.com/citrixbleed #bot #cybersecurity #infosec

##

campuscodi@mastodon.social at 2026-07-02T11:26:01.000Z ##

Citrix has patched a series of bugs this week, including another CitrixBleed-like vulnerability that can allow remote attackers to leak a device's memory and find goodies inside, such as auth or config data.

This impacts NetScaler ADC devices.

labs.watchtowr.com/citrixbleed

support.citrix.com/support-hom

##

DarkWebInformer@infosec.exchange at 2026-07-02T00:22:35.000Z ##

‼️ CVE-2026-8451: Citrix Netscaler overread Detection Artifact Generator Tool

GitHub: github.com/watchtowrlabs/watch

Full writeup: labs.watchtowr.com/citrixbleed

CVE-2026-8451 is a NetScaler ADC and NetScaler Gateway memory overread flaw caused by insufficient input validation, affecting appliances configured as a SAML Identity Provider.

The risk is sensitive memory disclosure, with researchers showing NetScaler can be tricked into returning process memory that should never leave the appliance.

##

GossiTheDog@cyberplace.social at 2026-06-30T21:20:37.000Z ##

mum: what impact did you have on the cybersecurity industry?

me: LOGOS

if you have SAML IDP enabled on Netscaler, you want to patch CVE-2026-8451 labs.watchtowr.com/citrixbleed

This is already being exploited in the wild, one of my honeypots got MFA bypassed with it.

Edit: actually looking at it it looks like the honeypot got owned via a different vuln but you should probably patch this too.

##

_r_netsec@infosec.exchange at 2026-06-30T19:43:05.000Z ##

CitrixBleed To Infinity And Beyond (Citrix NetScaler Pre-Auth Memory Overread CVE-2026-8451) - watchTowr Labs labs.watchtowr.com/citrixbleed

##

DailyCyberSecurity@infosec.exchange at 2026-06-30T16:59:12.000Z ##

Six NetScaler vulnerabilities allow denial of service, memory overreads, and an unauthenticated file read. Patch NetScaler ADC and Gateway now.

#NetScaler #NetScalerADC #NetScalerGateway #Citrix #CVE20268451 #DenialOfService #Vulnerability

securityonline.info/netscaler-

##

CVE-2026-50003
(9.8 CRITICAL)

EPSS: 0.43%

updated 2026-07-01T18:17:31.553000

2 posts

A malicious or compromised server can make a DCMTK client using bit-preserving C-GET storage mode write files outside the chosen output directory, using both relative (../) paths and absolute paths.

CVE-2026-50110
(9.2 CRITICAL)

EPSS: 0.13%

updated 2026-07-01T18:17:31.553000

1 posts

Storage Concentrator (SC & SCVM) contains hardcoded credentials for numerous internal services embedded within a configuration file. While the credentials are stored in an encoded format, the encoding can be reversed to plaintext. The exposed credentials span a broad range of internal services, including database accounts, licensing, replication services, and third-party integrations, meaning succ

offseq@infosec.exchange at 2026-07-01T00:00:36.000Z ##

StoneFly Storage Concentrator (SC & SCVM) faces a CRITICAL vulnerability (CVE-2026-50110): hardcoded, encoded credentials allow potential access to databases & internal services. No patch yet — restrict config file access, increase monitoring. radar.offseq.com/threat/cve-20 #OffSeq #CVE #infosec

##

CVE-2026-54399
(7.5 HIGH)

EPSS: 0.41%

updated 2026-07-01T18:16:34.317000

1 posts

Uncontrolled Resource Consumption vulnerability in the HTTP/1.1 message parser in Apache HttpComponents Core (5.4.2 and earlier, 5.5-beta1 and earlier) allows an remote attacker to cause a denial of service through memory exhaustion by sending messages with excessive number of headers / excessive header length

DailyCyberSecurity@infosec.exchange at 2026-07-02T16:12:17.000Z ##

Apache HttpComponents Core vulnerabilities CVE-2026-54399 and CVE-2026-54428 allow remote denial of service through memory exhaustion. Upgrade now.

#Apache #HttpComponents #DoS #CVE202654399 #CyberSecurity

securityonline.info/apache-htt

##

CVE-2026-48276
(10.0 CRITICAL)

EPSS: 0.92%

updated 2026-07-01T18:16:32.993000

1 posts

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Unrestricted Upload of File with Dangerous Type vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

offseq@infosec.exchange at 2026-07-01T12:00:32.000Z ##

CRITICAL vulnerabilities patched in Adobe ColdFusion (2025/2023) & Campaign Classic (7.4.3 build 9397). Multiple CVSS 10.0 flaws incl. CVE-2026-48286, CVE-2026-48276 – 83. No active exploits, but patch ASAP. radar.offseq.com/threat/adobe- #OffSeq #Adobe #ColdFusion #Vuln

##

CVE-2025-15666
(5.3 MEDIUM)

EPSS: 0.12%

updated 2026-07-01T15:16:23.077000

3 posts

A security vulnerability has been detected in Open Asset Import Library Assimp up to 5.4.3. Affected by this vulnerability is the function Assimp::SceneCombiner::Copy of the file code/Common/SceneCombiner.cpp of the component Model File Handler. Such manipulation of the argument width/height leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed

aud@fire.asta.lgbt at 2026-07-04T04:04:14.432Z ##

@Andres4NY@social.ridetrans.it https://nvd.nist.gov/vuln/detail/CVE-2025-15666

Congrats to anyone who ever wondered if ‘ass imp’ would show up on a .gov site, I guess.

##

Andres4NY@social.ridetrans.it at 2026-07-04T02:13:51.000Z ##

@aud *stares in CVE-2025-15666*

##

Andres4NY@social.ridetrans.it at 2026-07-04T02:13:51.000Z ##

@aud *stares in CVE-2025-15666*

##

CVE-2026-41991
(4.7 MEDIUM)

EPSS: 0.10%

updated 2026-07-01T14:02:24.450000

1 posts

GNU gzip contains a vulnerability in the gzexe utility related to insecure temporary file handling. When the mktemp utility is not available in the user’s PATH, gzexe falls back to constructing a temporary file path based solely on the process ID (PID). This predictable filename is created without exclusive access or existence checks. A local attacker can pre‑create the predicted temporary file pa

DailyCyberSecurity@infosec.exchange at 2026-07-02T08:20:24.000Z ##

A GNU gzip vulnerability (CVE-2026-41991) lets a local attacker overwrite files through a gzexe symlink attack. Update to the patched gzip release now.

#GNUgzip #gzip #CVE202641991 #CVE202641992 #gzexe #LinuxSecurity #Vulnerability

securityonline.info/gnu-gzip-v

##

CVE-2026-6070
(9.1 CRITICAL)

EPSS: 0.41%

updated 2026-07-01T13:56:17.493000

1 posts

The WP-BusinessDirectory plugin for WordPress is vulnerable to Unauthenticated Arbitrary File Deletion in versions up to and including 4.0.1. This is due to insufficient path validation in the remove() method of the JBusinessDirectoryControllerUpload class. The task=upload.remove endpoint is accessible without authentication via the plugin's frontend routing system. The _filename parameter is acce

offseq@infosec.exchange at 2026-07-01T06:00:25.000Z ##

CVE-2026-6070: WP-BusinessDirectory plugin (≤4.0.1) has a CRITICAL unauthenticated file deletion flaw (CVSS 9.1). Attackers can delete wp-config.php via path traversal. Restrict endpoint & monitor logs until patched. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #CVE20266070 #infosec

##

CVE-2026-11387
(9.8 CRITICAL)

EPSS: 0.38%

updated 2026-07-01T09:30:33

1 posts

The SMS Alert – SMS & OTP for WooCommerce, Order Notifications & Abandoned Cart Recovery plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.9.5. This is due to the plugin not properly validating a user's identity prior to updating their details like reset the password of any user account, including administrators, and gain full a

1 repos

https://github.com/1beelze/CVE-2026-11387

offseq@infosec.exchange at 2026-07-01T10:30:33.000Z ##

CVE-2026-11387 | SMS Alert – SMS & OTP for WooCommerce <=3.9.5 has a CRITICAL auth flaw (CVSS 9.8): Unauth attackers can take over any WP account if OTP resets & phone numbers are enabled. Disable OTP resets ASAP. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Infosec

##

CVE-2026-7840
(9.8 CRITICAL)

EPSS: 1.20%

updated 2026-07-01T06:31:41

1 posts

UltraVNC repeater through 1.8.2.2 contains a global buffer overflow in its embedded HTTP administration server. The functions wi_senderr() and wi_replyhdr() in repeater/webgui/webutils.c write the caller-supplied HTTP request URI into a fixed 1000-byte global buffer (hdrbuf) via unchecked sprintf calls. The HTTP receive buffer accepts URIs up to approximately 150 KB (WI_RXBUFSIZE = 153600), so an

CVE-2026-55200
(8.1 HIGH)

EPSS: 0.73%

updated 2026-07-01T05:16:22.513000

5 posts

libssh2 through 1.11.1, fixed in commit 7acf3df contains an out-of-bounds write vulnerability in ssh2_transport_read() that fails to enforce upper bounds on packet_length field. Remote attackers can send crafted SSH packets with excessively large packet_length values to corrupt heap memory and achieve remote code execution.

3 repos

https://github.com/xd20111/CVE-2026-55200

https://github.com/kaleth4/CVE-2026-55200

https://github.com/0xBlackash/CVE-2026-55200

harrysintonen@infosec.exchange at 2026-06-30T20:29:19.000Z ##

No, the libssh2 vulnerability CVE-2026-55200 isn't end of the world.

1. You need to defeat ASLR to successfully exploit it. The PoC works only when you disable ASLR. In most realistic use cases you need additional off-band infoleak from the app using libssh2.
2. You also must somehow convince the victim to connect to your malicious server, OR compromise some existing server to perform the attack.

Calling this a "CRITICAL VULNERABILITY" is dumb.

##

eslerm@cyberplace.social at 2026-06-30T19:05:23.000Z ##

@bascule libssh2 was the most concerning dependency needed to add cargo to Ubuntu main (lp#1991650).

In 2018 @chrisccoulson reported CVE-2019-3855 through -3863. CVE-2019-3855 is the same bug as today's: a server-controlled packet_length with no upper bound, overflowing the transport read. 1.8.1 added a bounds check. CVE-2026-55200 is the same check missing 7 years later, on the chacha20-poly1305 path. That path is post-KEX, so at least host-key verification gates it (unlike 3855).

##

nemo@mas.to at 2026-06-30T08:34:42.000Z ##

🚨 Critical update: A proof-of-concept exploit has been released for a libssh2 vulnerability (CVE-2026-55200, CVSS 9.8). Attackers can abuse oversized SSH “packet_length” to corrupt heap memory. 📌 Patch status varies—check updates now: heise.de/en/news/Critical-libs #CyberSecurity #Vulnerability #libssh2 #CVE

##

nemo@mas.to at 2026-06-30T08:31:54.000Z ##

🚨 Kritische libssh2-Lücke: Ein Proof-of-Concept-Exploit wurde veröffentlicht. Ursache: fehlende Begrenzung von „packet_length“ in ssh2_transport_read()—Angreifer können manipulierte SSH-Pakete senden und Speicher auf dem Heap durcheinanderbringen (CVE-2026-55200, CVSS 9.8). Update prüfen: heise.de/news/Kritische-libssh 🔐 #CyberSecurity #Vulnerability #CVE #SSH #libssh2

##

sambowne@infosec.exchange at 2026-06-30T00:49:53.000Z ##

Public PoC Released for Critical libssh2 CVE-2026-55200 Client-Side SSH Flaw thehackernews.com/2026/06/publ

##

CVE-2026-10109
(9.8 CRITICAL)

EPSS: 0.86%

updated 2026-06-30T21:31:44

1 posts

IBM Db2 11.5.0 through 11.5.9, and 12.1.0 through 12.1.4 is vulnerable to remote code execution due to improper pre-auth DRDA handshake handling.

DailyCyberSecurity@infosec.exchange at 2026-07-02T02:40:40.000Z ##

A critical IBM Db2 RCE flaw (CVE-2026-10109) allows pre-auth code execution. IBM patched it plus two other Db2 bugs. Update 11.5 and 12.1 now.

securityonline.info/ibm-db2-rc

##

CVE-2026-12243
(7.5 HIGH)

EPSS: 0.51%

updated 2026-06-30T20:10:25.837000

1 posts

NLTK version 3.9.4 is vulnerable to a path traversal attack due to an incomplete fix for GitHub Issue #3504. The `_UNSAFE_NO_PROTOCOL_RE` regex in `nltk/data.py` checks for literal `../` sequences but fails to account for percent-encoded traversal sequences such as `..%2f`. The `url2pathname()` function decodes these sequences after the validation step, allowing an attacker to bypass the protectio

offseq@infosec.exchange at 2026-06-30T01:30:26.000Z ##

CVE-2026-12243: NLTK 3.9.4 suffers from a HIGH severity path traversal bug — percent-encoded sequences like ..%2f bypass directory checks, allowing arbitrary file reads in NLP apps/Jupyter/CLI. Audit usages & restrict resource loading. radar.offseq.com/threat/cve-20 #OffSeq #NLTK #Python

##

CVE-2026-48282
(10.0 CRITICAL)

EPSS: 1.02%

updated 2026-06-30T18:31:42

1 posts

ColdFusion versions 2025.9, 2023.20 and earlier are affected by an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability that could lead to arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

DailyCyberSecurity@infosec.exchange at 2026-07-03T04:10:03.000Z ##

A critical CVSS 10 ColdFusion arbitrary code execution flaw (CVE-2026-48282) is actively exploited in the wild. Update immediately to prevent attacks.

#ColdFusion #CVE202648282 #CyberSecurity #Vulnerability #Infosec

securityonline.info/coldfusion

##

CVE-2026-48286
(10.0 CRITICAL)

EPSS: 0.71%

updated 2026-06-30T18:31:37

1 posts

Adobe Campaign Classic (ACC) versions 7.4.3 build 9396 and earlier are affected by an Incorrect Authorization vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction. Scope is changed.

offseq@infosec.exchange at 2026-07-01T12:00:32.000Z ##

CRITICAL vulnerabilities patched in Adobe ColdFusion (2025/2023) & Campaign Classic (7.4.3 build 9397). Multiple CVSS 10.0 flaws incl. CVE-2026-48286, CVE-2026-48276 – 83. No active exploits, but patch ASAP. radar.offseq.com/threat/adobe- #OffSeq #Adobe #ColdFusion #Vuln

##

CVE-2026-50566
(9.9 CRITICAL)

EPSS: 0.29%

updated 2026-06-30T18:20:39

1 posts

### Summary A follow-up bypass of the round-4 PodSpec hardening (GHSA-gx55-f84r-v3r7, GHSA-wmgg-3p4h-48x7, GHSA-v455-mv2v-5g92). Those advisories validate and sanitize the `PodSpec` (`spec.runtime.podSpec` / `spec.builder.podSpec` / `function.spec.podSpec`), but the Environment CRD also exposes `spec.runtime.container` and `spec.builder.container` — a standalone `Container` merged into the runtim

offseq@infosec.exchange at 2026-07-01T03:00:25.000Z ##

CVE-2026-50566 (CRITICAL): Fission <1.24.0 allows SecurityContext bypass, letting attackers with Environment CRD access create privileged pods — risking container escape & cluster takeover. Patch to 1.24.0 & tighten RBAC. radar.offseq.com/threat/ghsa-m #OffSeq #Kubernetes #InfoSec

##

CVE-2026-50564
(9.9 CRITICAL)

EPSS: 0.27%

updated 2026-06-30T18:19:33

1 posts

### Summary Fission's `Environment` CRD exposes `spec.runtime.podSpec` and `spec.builder.podSpec`, which are merged into the Kubernetes pod specs for runtime and builder pods. The merge logic propagated `hostNetwork`, `hostPID`, `hostIPC`, container `privileged`, and `serviceAccountName` from the user-supplied podspec with no filtering, and `Environment.Validate` performed no security-relevant c

offseq@infosec.exchange at 2026-07-01T04:30:28.000Z ##

CVE-2026-50564 (CRITICAL): Fission <1.24.0 lets CRD users deploy privileged pods via unfiltered podSpec, leading to node escape & full compromise. Patch to v1.24.0. Restrict permissions if upgrade not possible. radar.offseq.com/threat/ghsa-g #OffSeq #Kubernetes #CVE202650564 #CloudSec

##

CVE-2026-54475
(7.5 HIGH)

EPSS: 0.59%

updated 2026-06-30T15:30:45

1 posts

Missing Authorization vulnerability in Apache ActiveMQ Broker, Apache ActiveMQ All, Apache ActiveMQ. Apache ActiveMQ Classic temporary destinations are expected to be isolated to the connection that created them. The isolation can be broken as this is only checked in the client, allowing a different connection to consume from another connection's temporary destination. This issue affects Apache A

CVE-2026-8037
(9.6 CRITICAL)

EPSS: 29.64%

updated 2026-06-30T15:30:32

8 posts

OS Command Injection Remote Code Execution Vulnerability in API in Progress ADC Products allows an un-authenticated attacker to execute arbitrary commands on the LoadMaster appliance by exploiting unsanitized input in multiple command endpoints

Nuclei template

1 repos

https://github.com/HORKimhab/CVE-2026-8037

threatnoir@infosec.exchange at 2026-07-02T23:05:15.000Z ##

⚠️ CRITICAL: Progress Kemp LoadMaster Pre-Auth RCE Flaw Faces Active Exploitation Attempts

A critical pre-auth RCE vulnerability (CVE-2026-8037, CVSS 9.6) in Progress Kemp LoadMaster is actively being exploited. The flaw allows unauthenticated attackers to execute arbitrary OS commands via the /accessv2 API endpoint. Any organization running Kemp LoadMaster is at immediate risk.

threatnoir.com/focus

#infosec #cybersecurity

##

beyondmachines1@infosec.exchange at 2026-07-02T09:01:09.000Z ##

Progress Kemp LoadMaster Vulnerability Actively Exploited

Progress Software's Kemp LoadMaster is reportedly actively attacked following the release of a proof-of-concept for a remote code execution flaw (CVE-2026-8037).

**This is now urgent. Make sure all your Kemp LoadMaster appliances are updated to the latest versions immediately, because you are being hacked. If you do not require the management API for daily operations, disable it or isolate it behind a secure VPN so it is reachable only from trusted internal networks.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

DailyCyberSecurity@infosec.exchange at 2026-07-01T16:52:31.000Z ##

Kemp LoadMaster RCE Vulnerability Exploited in the Wild After Public PoC Release

#KempLoadMaster #CVE20268037 #RCE #InfoSec #CyberSecurity

securityonline.info/kemp-loadm

##

AAKL@infosec.exchange at 2026-07-01T15:10:32.000Z ##

eSentire, from yesterday: Progress Kemp LoadMaster Vulnerability Targeted (CVE-2026-8037) esentire.com/security-advisori #infosec #vulnerability

##

cyberveille@mastobot.ping.moi at 2026-07-01T10:30:21.000Z ##

📢 CVE-2026-8037 : RCE pré-authentifiée dans Progress Kemp LoadMaster via heap non initialisé
📝 ## 🔍 Contexte

Le 29 juin 2026, watchTowr Labs publie une anal...
📖 cyberveille : cyberveille.ch/posts/2026-07-0
🌐 source : labs.watchtowr.com/enterprise-
#CVE_2026_8037 #IOC #Cyberveille

##

threatnoir@infosec.exchange at 2026-06-30T22:05:45.000Z ##

⚠️ CRITICAL: Progress Kemp LoadMaster Flaw Could Let Attackers Run Root Commands Pre-Auth

Critical unauthenticated RCE in Progress Kemp LoadMaster (CVE-2026-8037) allows attackers to execute arbitrary root commands via API input sanitization bypass. A public proof-of-concept exists. All LoadMaster instances are at risk unless patched immediately.

threatnoir.com/focus

#infosec #cybersecurity

##

AAKL@infosec.exchange at 2026-06-30T16:58:59.000Z ##

WatchTower posted this yesterday, if you missed it:

Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) labs.watchtowr.com/enterprise- #infosec #vulnerability #threatresearch

##

_r_netsec@infosec.exchange at 2026-06-29T19:28:05.000Z ##

Enterprise Tech In, Shell Out (Progress Kemp LoadMaster Uninitialized Heap to Pre-Auth RCE CVE-2026-8037) - watchTowr Labs labs.watchtowr.com/enterprise-

##

CVE-2026-7656
(8.1 HIGH)

EPSS: 0.23%

updated 2026-06-30T14:22:59.490000

1 posts

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an a

offseq@infosec.exchange at 2026-06-30T03:00:29.000Z ##

CVE-2026-7656 (HIGH, CVSS 8.1) in Zephyr OS: Incorrect IPv6 ND logic lets attackers inject forged router/neighbor messages, risking MITM, redirection, and DoS. Patch pending. Restrict untrusted access, monitor ND. radar.offseq.com/threat/cve-20 #OffSeq #ZephyrOS #CVE20267656

##

CVE-2026-8402
(9.8 CRITICAL)

EPSS: 0.32%

updated 2026-06-30T14:12:56.833000

1 posts

Improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Blind SQL Injection. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.16.0.  NOTE: The vendor was contacted and it was learned that the product is not supported.

offseq@infosec.exchange at 2026-06-30T12:00:26.000Z ##

CVE-2026-8402: Eksagate SYSGUARD 6001 (2.0.2 – <6.1.16.0) has a CRITICAL SQL injection (CVSS 9.8). Unsupported by vendor — no fix expected. Isolate or replace affected systems. radar.offseq.com/threat/cve-20 #OffSeq #CVE20268402 #SQLi #Infosec

##

CVE-2026-9711
(9.8 CRITICAL)

EPSS: 0.44%

updated 2026-06-30T14:08:13.510000

1 posts

The EventON - WordPress Virtual Event Calendar Plugin plugin for WordPress (full) is vulnerable to SQL Injection via the WordPress 'search' parameter in versions up to, and including, 5.0.11 due to insufficient escaping on the user supplied parameter and lack of preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already

offseq@infosec.exchange at 2026-06-30T10:30:28.000Z ##

CVE-2026-9711: CRITICAL SQL Injection in EventON (Pro) WordPress plugin ≤5.0.11. Unauthenticated attackers can exploit 'search' param if "Enable additional search queries" is enabled. Disable this feature until patched. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##

CVE-2026-46529
(7.8 HIGH)

EPSS: 0.53%

updated 2026-06-30T13:18:50.817000

1 posts

Atril Document Viewer is the default document reader of the MATE desktop environment for Linux. A single-click remote code execution vulnerability in versions prior to 1.26.3 and 1.28.4 allows an attacker to achieve arbitrary code execution as the user by tricking them into clicking a link inside a malicious PDF document. The PDF can be packaged as a polyglot file that is simultaneously a valid PD

1 repos

https://github.com/N1et/CVE-2026-46529

tux@arram.senta-la.cloud at 2026-06-29T16:22:02.000Z ##

Michael Catanzaro: Single-Click Code Execution Exploit for Evince, Atril, and Xreader

“CVE-2026-46529 is an argument injection vulnerability in Evince, Atril, and Xreader caused by missing shell quoting when composing a command line. The reporter, João Medeiros, has published a GitHub repo for the CVE and a blog post with the story of how he discovered the flaw and developed the exploit. (…)”

#RSSBridge via Planet GNOME

blogs.gnome.org/mcatanzaro/202

##

CVE-2026-48558
(10.0 CRITICAL)

EPSS: 1.16%

updated 2026-06-30T13:03:11.437000

6 posts

SimpleHelp versions 5.5.15 and prior and 6.0 pre-release versions contain an authentication bypass vulnerability in the OIDC authentication flow. When OIDC authentication is configured, identity tokens submitted during login are accepted without verifying their cryptographic signature. In a vulnerable configuration, a remote, unauthenticated attacker can submit a forged token containing arbitrary

1 repos

https://github.com/J4ck3LSyN-Gen2/CVE-2026-48558

AAKL@infosec.exchange at 2026-06-30T15:48:23.000Z ##

This is tracked as CVE-2026-48558.

Blackpoint, published yesterday: A Djinn in the Machine: TaskWeaver’s Node.js Intrusion Chain blackpointcyber.com/blog/a-dji

More:

Infosecurity-Magazine: Critical SimpleHelp Vulnerability Exploited For Malware Delivery infosecurity-magazine.com/news #infosec #vulnerability #JavaScript #malware

##

thecybermind@infosec.exchange at 2026-06-30T05:54:34.000Z ##

🚨 EXECUTIVE ALERT: CISA has added CVE-2026-48558 (SimpleHelp Bypass) to the KEV matrix. This is a critical governance emergency exposing entire client supply chains to hijacking. Protect your enterprise assets now. Full C-SUITE risk management directives are live: thecybermind.co/jily

##

thecybermind@infosec.exchange at 2026-06-30T03:39:53.000Z ##

🚨 CRITICAL RMM ALERT: CISA has added CVE-2026-48558 (SimpleHelp Admin Bypass) to the KEV matrix. Attackers are forging tokens to hijack environments. Lock down your perimeter. Full T-SUITE forensic detection logs, n8n playbooks, and mitigation scripts are live: thecybermind.co/jily

##

DailyCyberSecurity@infosec.exchange at 2026-06-30T01:44:24.000Z ##

CVE-2026-48558, a SimpleHelp authentication bypass, is exploited in the wild to deploy TaskWeaver and Djinn Stealer. CISA added it to KEV. Patch now.

#SimpleHelp #CVE202648558 #InfoStealer #RMMSecurity #ExploitedInTheWild #CyberSecurity

securityonline.info/simplehelp

##

secdb@infosec.exchange at 2026-06-29T21:01:57.000Z ##

🚨 [CISA-2026:0629] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-48558 (secdb.nttzen.cloud/cve/detail/)
- Name: SimpleHelp Authentication Bypass Vulnerability
- Action: Apply mitigations in accordance with vendor instructions, ensuring compliance with CISA’s BOD 26-04 Prioritizing Security Updates Based on Risk (see URL in Notes) guidance and CISA’s “Forensics Triage Requirements” (see URL in Notes). Follow applicable BOD 26-04 guidance for cloud services or discontinue use of the product if mitigations are unavailable. Stakeholders are responsible for evaluating each asset&#39;s internet exposure and ensuring adherence to BOD 26-04 patching guidelines.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: SimpleHelp
- Product: SimpleHelp
- Notes: simple-help.com/security/simpl ; BOD 26-04: cisa.gov/news-events/directive ; Forensics Triage Requirements: cisa.gov/news-events/directive ; nvd.nist.gov/vuln/detail/CVE-2

#ZEN #SecDB #InfoSec #CVE #CISA_KEV #cisa_20260629 #cisa20260629 #cve_2026_48558 #cve202648558

##

cisakevtracker@mastodon.social at 2026-06-29T20:00:51.000Z ##

CVE ID: CVE-2026-48558
Vendor: SimpleHelp
Product: SimpleHelp
Date Added: 2026-06-29
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-56137
(7.8 HIGH)

EPSS: 0.68%

updated 2026-06-30T09:31:41

1 posts

RPG MAKER MV and MZ provided by Gotcha Gotcha Games Inc. contain an OS command injection vulnerability. If a user loads a specially crafted save-file, arbitrary OS command may be executed.

hugovalters@mastodon.social at 2026-06-30T17:05:51.000Z ##

CVE-2026-56137 - OS Command Injection in RPG Maker MV/MZ. CVSS 7.8. Loading a malicious save file can execute arbitrary commands. No patch yet. Disable auto-load features. #CVE #infosec #gamedev

valtersit.com/cve/CVE-2026-561

##

CVE-2026-12818(CVSS UNKNOWN)

EPSS: 0.25%

updated 2026-06-30T09:31:41

1 posts

Delta Electronics DVP12SE PLCs are susceptible to a resource allocation vulnerability without limits or throttling (CWE-770) within their Modbus TCP service.

offseq@infosec.exchange at 2026-06-30T09:00:28.000Z ##

Delta DVP-12SE PLCs face a CRITICAL vulnerability (CVE-2026-12818, CVSS 9.3): unlimited resource allocation in Modbus TCP. No patch yet. Reduce exposure and monitor traffic to mitigate risk. radar.offseq.com/threat/cve-20 #OffSeq #ICS #PLC #Vuln

##

CVE-2026-12819(CVSS UNKNOWN)

EPSS: 0.31%

updated 2026-06-30T09:31:36

2 posts

Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions.

cR0w@infosec.exchange at 2026-06-30T13:02:22.000Z ##

I love OT shit.

nvd.nist.gov/vuln/detail/CVE-2

Delta Electronics DVP12SE PLC exposes a Modbus TCP service over a specified port without authentication or access control, permitting unauthenticated interaction with security-sensitive PLC functions.

##

offseq@infosec.exchange at 2026-06-30T07:30:23.000Z ##

CVE-2026-12819 (CRITICAL, CVSS 9.3) in deltaww DVP-12SE PLC: Modbus TCP service lacks authentication, allowing unauthenticated access to critical PLC functions. Segment networks & restrict access. radar.offseq.com/threat/cve-20 #OffSeq #ICS #Vulnerability #PLCsecurity

##

CVE-2026-12114
(4.4 MEDIUM)

EPSS: 0.21%

updated 2026-06-30T03:37:24

1 posts

The Team Members – Multi Language Supported Team Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execut

offseq@infosec.exchange at 2026-06-30T04:30:26.000Z ##

CVE-2026-12114: Stored XSS in wpmart Team Members plugin <=8.7 (WordPress). MEDIUM severity. Admins on multi-site or with unfiltered_html disabled can inject scripts. Restrict trusted admin access, monitor for patches. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #XSS

##

CVE-2025-15467
(9.8 CRITICAL)

EPSS: 47.62%

updated 2026-06-30T03:36:32

1 posts

Issue summary: Parsing CMS AuthEnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS AuthEnvelopedData structures that use AEAD ciphers such as AES-GCM, the IV (Initialization Vector) encoded in the ASN.1 para

6 repos

https://github.com/guiimoraes/CVE-2025-15467

https://github.com/materaj2/cve-2025-15467

https://github.com/mr-r3b00t/CVE-2025-15467

https://github.com/balgan/CVE-2025-15467

https://github.com/WostGit/cve-2025-15467-crash

https://github.com/x-stp/cves-2025-11187_15467_69418

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2025-61732
(8.6 HIGH)

EPSS: 0.47%

updated 2026-06-30T03:16:56.440000

1 posts

A discrepancy between how Go and C/C++ comments were parsed allowed for code smuggling into the resulting cgo binary.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2026-13762
(9.8 CRITICAL)

EPSS: 0.44%

updated 2026-06-29T21:32:12

4 posts

Inconsistent interpretation of HTTP/2 requests in Amazon CloudFront with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue was remediated server-side. No customer action is required.

ChrisShort@hachyderm.io at 2026-07-03T18:25:11.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/security/securi

##

ChrisShort@hachyderm.io at 2026-07-03T18:25:11.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/security/securi

##

nyanbinary@infosec.exchange at 2026-06-29T20:39:54.000Z ##

CVE-2026-13762/CVE-2026-13763 are not vulnerabilities and shouldn't have been assigned CVEs, fight me

##

awssecurityfeed@infosec.exchange at 2026-06-29T20:15:01.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF

Bulletin ID: 2026-048-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/29/2026 11:15 PM PDT
Description:
AWS WAF is a web application firewall that monitors the HTTP(S) requests that are forwarded...

aws.amazon.com/security/securi

#aws #security

##

CVE-2026-13763
(9.8 CRITICAL)

EPSS: 0.47%

updated 2026-06-29T21:32:12

4 posts

Inconsistent interpretation of HTTP/2 requests in AWS Application Load Balancer with AWS WAF enabled might allow remote actors to bypass AWS WAF managed rule body inspection via crafted HTTP/2 requests that fragment the request body across frames so that only a partial body is inspected. This issue only impacts HTTP/2 ALB target groups. To remediate this issue, customers should enable the "Insp

ChrisShort@hachyderm.io at 2026-07-03T18:25:11.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/security/securi

##

ChrisShort@hachyderm.io at 2026-07-03T18:25:11.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF #devopsish aws.amazon.com/security/securi

##

nyanbinary@infosec.exchange at 2026-06-29T20:39:54.000Z ##

CVE-2026-13762/CVE-2026-13763 are not vulnerabilities and shouldn't have been assigned CVEs, fight me

##

awssecurityfeed@infosec.exchange at 2026-06-29T20:15:01.000Z ##

CVE-2026-13762 and CVE-2026-13763 - Issue with HTTP/2 multi-frame request body inspection in AWS WAF

Bulletin ID: 2026-048-AWS Scope: AWS Content Type: Important (requires attention) Publication Date: 06/29/2026 11:15 PM PDT
Description:
AWS WAF is a web application firewall that monitors the HTTP(S) requests that are forwarded...

aws.amazon.com/security/securi

#aws #security

##

CVE-2026-11834
(0 None)

EPSS: 0.41%

updated 2026-06-26T22:16:30.897000

1 posts

A command injection vulnerability has been identified in the DHCP option processing logic in multiple TP-Link router models, due to insufficient validation of externally supplied DHCP option data. An adjacent attacker may exploit this vulnerability by supplying crafted DHCP responses, potentially resulting in unauthorized command execution during device initialization or provisioning workflows. Th

1 repos

https://github.com/mattgsys/CVE-2026-11834

sambowne@infosec.exchange at 2026-07-01T23:33:12.000Z ##

TP-Link DHCP Option 66 Unauthenticated RCE (CVE-2026-11834) | mattg.systems mattg.systems/posts/cve-2026-1

##

CVE-2026-48769
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-06-26T19:13:19

1 posts

### Summary An arbitrary file write exists in the Incus client when a malicious image server returns a crafted `Incus-Image-Hash` header. This can lead to arbitrary command execution as root on the server. ### Details - `cmd/incusd/images.go:611-684` handles `source.type=url` by HEADing the user-supplied URL, reading `Incus-Image-Hash` and `Incus-Image-URL`, and passing them to `imageDownload(

CVE-2026-48755
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-06-26T19:03:32

1 posts

### Summary Improper validation of user-provided backup compression algorithm leads to argument injection in the constructed command line. This leads to an arbitrary file write on the host, possibly leading to arbitrary command execution. ### Details Incus validates `compression_algorithm` by parsing it into fields and checking only the first token against an allowlist: ```go fields, err := s

CVE-2026-44161
(7.2 HIGH)

EPSS: 0.00%

updated 2026-06-26T16:36:11

1 posts

The `out_http` output plugin allows the use of placeholders (such as `${tag}`) in the `endpoint` configuration parameter. It was discovered that if the placeholder value is derived from untrusted user input, an attacker can maliciously control the destination hostname of the outbound HTTP requests made by Fluentd. ### Impact This vulnerability allows for a **Server-Side Request Forgery (SSRF)** a

CVE-2026-57878
(9.8 CRITICAL)

EPSS: 0.53%

updated 2026-06-26T16:16:36.820000

1 posts

An unauthenticated stack-based buffer overflow vulnerability exists in thttpd in GeoVision GV-LPC2011 and GV-LPC2211 V1.12 and earlier. The vulnerability is caused by insufficient bounds checking when processing web request parameters in a specific request path. A remote attacker may exploit this vulnerability by sending a crafted HTTP request with overly long input, resulting in memory corruption

CVE-2026-50242
(10.0 CRITICAL)

EPSS: 0.42%

updated 2026-06-26T13:20:46.867000

1 posts

In JetBrains Hub before 2026.1.13757, 2025.3.148033, 2025.2.148048, 2025.1.148120, 2024.3.148430, 2024.2.148429 authentication bypass via direct database access leading to administrative access was possible

DailyCyberSecurity@infosec.exchange at 2026-07-02T00:40:35.000Z ##

JetBrains patched a CVSS 10 authentication bypass and two more flaws (CVE-2026-50242). Its tools reach 15M developers. Update JetBrains Hub now.

#JetBrains #AuthenticationBypass #CVE202650242 #JetBrainsHub #GoLand

securityonline.info/jetbrains-

##

CVE-2026-39955
(9.8 CRITICAL)

EPSS: 0.32%

updated 2026-06-26T05:16:27.173000

1 posts

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have pre-authentication SQL Injection via unanchored FILTER_VALIDATE_REGEXP in graph_view.php. This issue has been fixed in version 1.2.31.

DailyCyberSecurity@infosec.exchange at 2026-06-30T00:25:38.000Z ##

Cacti vulnerabilities in 1.2.30 include pre-auth SQL injection and LFI, both CVSS 9.8 (CVE-2026-39955, CVE-2026-39938). Update to 1.2.31 now.

#Cacti #SQLInjection #LFI #CVE #Cybersecurity #Infosec

securityonline.info/cacti-vuln

##

CVE-2026-39938
(9.8 CRITICAL)

EPSS: 0.44%

updated 2026-06-26T05:16:26.907000

1 posts

Cacti is an open source performance and fault management framework. Versions 1.2.30 and prior have unauthenticated LFI through graph_theme and rrdtool IPC serialization hardening. This issue has been resolved in version 1.2.31.

1 repos

https://github.com/Polosss/By-Poloss..-..CVE-2026-39938

DailyCyberSecurity@infosec.exchange at 2026-06-30T00:25:38.000Z ##

Cacti vulnerabilities in 1.2.30 include pre-auth SQL injection and LFI, both CVSS 9.8 (CVE-2026-39955, CVE-2026-39938). Update to 1.2.31 now.

#Cacti #SQLInjection #LFI #CVE #Cybersecurity #Infosec

securityonline.info/cacti-vuln

##

CVE-2026-12244
(8.8 HIGH)

EPSS: 0.30%

updated 2026-06-26T02:07:23.190000

1 posts

If NSD is configured as secondary for a zone, the primary of that zone can crash NSD with an AXFR containing a DNS message with a special crafted SVCB RR with an rdata size of 65512, that let's an (uint16_t) variable that is used to allocate space needed for the RR wrap (because total size > 65535), causing a heap overflow. The attacker can perform a controlled (RCE class) head write of up to 6550

DailyCyberSecurity@infosec.exchange at 2026-06-30T12:10:34.000Z ##

NLnet Labs patched critical NSD DNS vulnerabilities, including CVE-2026-12244. Update now to protect your multi-tenant secondary DNS deployments.

#NSDDNS #CyberSecurity #Vulnerability #CVE202612244

securityonline.info/nsd-dns-vu

##

CVE-2026-20230
(8.6 HIGH)

EPSS: 41.69%

updated 2026-06-25T21:31:23

4 posts

A vulnerability in Cisco Unified Communications Manager (Unified CM) and Cisco Unified Communications Manager Session Management Edition (Unified CM SME) could allow an unauthenticated, remote attacker to conduct server-side request forgery (SSRF) attacks through an affected device. This vulnerability is due to improper input validation for specific HTTP requests. An attacker could exploit this

3 repos

https://github.com/HORKimhab/CVE-2026-20230

https://github.com/W5M1n9/Cisco-Unified-Communications-Manager-Server-Side-Forgery-Request-Vulnerability-CVE-2026-20230

https://github.com/HalilDeniz/CVE-2026-20230-Scanner

tugatech@masto.pt at 2026-07-02T13:01:11.000Z ##

Cisco confirma exploração ativa de vulnerabilidade nos sistemas Unified CM. A empresa confirmou que agentes maliciosos estão a explorar a vulnerabilidade CVE-2026-20230, que permite ataques de falsificação de pedidos do lado do servidor. 🚨

🔗 tugatech.com.pt/t86670-cisco-c

#nos #vulnerabilidade 

##

AAKL@infosec.exchange at 2026-07-01T15:41:51.000Z ##

New Cisco advisory relating to a June 3 critical vulnerability:

CVE-2026-20230: Cisco Unified Communications Manager Server-Side Request Forgery Vulnerability sec.cloudapps.cisco.com/securi @TalosSecurity #vulnerability #Cisco

##

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

netsecio@mastodon.social at 2026-06-29T17:06:08.000Z ##

📰 Attackers Actively Exploit Critical Cisco Unified CM Flaw to Deploy Webshells

⚠️ ACTIVE EXPLOITATION: A critical SSRF flaw in Cisco Unified CM (CVE-2026-20230) is being used to drop webshells. Attackers are scanning from Tor. Disable the WebDialer service or patch immediately! #Cisco #CyberAttack #Infosec #SSRF

🌐 cyber[.]netsecops[.]io

🔗 cyber.netsecops.io/articles/ac

##

CVE-2026-54588
(9.6 CRITICAL)

EPSS: 0.31%

updated 2026-06-25T20:18:11.603000

1 posts

Poweradmin is a web-based DNS administration tool for PowerDNS server. Versions prior to 4.2.4 and 4.3.3 use the attacker-controlled `HTTP_HOST` request header as the authoritative source for building callback URLs in its OIDC, SAML, and logout authentication flows without any validation. An unauthenticated attacker can poison the `redirect_uri` sent to the Identity Provider, causing the IdP to re

CVE-2026-41120
(9.8 CRITICAL)

EPSS: 0.26%

updated 2026-06-25T15:32:09

1 posts

Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Acceptance of Extraneous Untrusted Data With Trusted Data vulnerability. A low privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution.

beyondmachines1@infosec.exchange at 2026-06-30T11:01:38.000Z ##

Dell Patches Critical Remote Code Execution Flaws in Wyse Management Suite

Dell addressed two vulnerabilities in its Wyse Management Suite, including a critical remote code execution flaw (CVE-2026-41120) that allows unauthenticated attackers to take over management servers.

**Make sure all your Wyse Management Suite servers and the thin-client devices they manage are isolated from the internet and reachable only from trusted internal networks. Then update Dell Wyse Management Suite to version 5.5 HF1 ASAP.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-45051(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-06-24T17:25:29

1 posts

## Summary **Description** A deserialization of untrusted data vulnerability (CWE-502) exists in OpenAM's WebAuthn authentication module. Under certain conditions, this may allow an attacker to achieve arbitrary code execution in the context of the application server. This affects OpenAM Community Edition through version 16.0.6 and was patched in version 16.1.1. This is not the default configur

DailyCyberSecurity@infosec.exchange at 2026-07-02T01:40:30.000Z ##

A critical OpenAM WebAuthn RCE flaw (CVE-2026-45051) allows code execution via Java deserialization. Update OpenAM to 16.1.1 to stay protected.

#OpenAM #WebAuthn #RCE #CVE202645051 #CyberSecurity #InfoSec

securityonline.info/openam-web

##

CVE-2026-35025
(8.1 HIGH)

EPSS: 0.33%

updated 2026-06-24T15:31:50

1 posts

ProFTPD through 1.3.9b and 1.3.10rc2 contains an access control bypass vulnerability that allows authenticated FTP users to circumvent Directory ACL restrictions by prefixing paths with /proc/self/root in the RNFR command handler. Attackers can exploit the unresolved symlink components in dir_canonical_path() to cause dir_check() to perform lexical path comparisons that match no configured Directo

DailyCyberSecurity@infosec.exchange at 2026-07-01T00:30:29.000Z ##

A ProFTPD ACL bypass (CVE-2026-35025, CVSS 8.6) lets logged-in FTP users reach files in restricted directories. No patch is out yet; use DefaultRoot.

#ProFTPD #CVE202635025 #ACLBypass #FTP #CyberSecurity

securityonline.info/proftpd-ac

##

CVE-2026-35019
(8.1 HIGH)

EPSS: 0.43%

updated 2026-06-23T16:16:59.460000

1 posts

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can forge a valid encrypted session cookie using the shared hardcoded key and bypass authentication checks to

DailyCyberSecurity@infosec.exchange at 2026-07-02T01:05:36.000Z ##

A NetComm authentication bypass (CVE-2026-35019, CVSS 9.2) uses a hardcoded AES key to forge admin session cookies. Update to firmware R6B032 now.

#NetComm #RouterSecurity #CyberSecurity #CVE #PatchNow

securityonline.info/netcomm-au

##

CVE-2026-42824
(6.5 MEDIUM)

EPSS: 7.64%

updated 2026-06-19T21:16:42.893000

1 posts

Missing authentication for critical function in M365 Copilot allows an unauthorized attacker to disclose information over a network.

benrothke@infosec.exchange at 2026-06-30T16:11:59.000Z ##

The @varonis Threat Labs teams demonstrated that enterprise #AI assistants can be turned into a precision data exfiltration tool via a crafted link. #CVE-2026-42824 AKA #SearchLeak is a huge vulnerability chain in Microsoft 365 Copilot. HT HT @Kiteworks. cybersec.kiteworks.com/s/micro

##

CVE-2026-20253
(9.8 CRITICAL)

EPSS: 88.17%

updated 2026-06-18T18:35:18

1 posts

In Splunk Enterprise versions below 10.2.4 and 10.0.7, and Splunk Cloud Platform versions below 10.4.2604.3 and 10.2.2510.14, an unauthenticated user could create or truncate arbitrary files through a PostgreSQL sidecar service endpoint.<br><br>The vulnerability exists because the PostgreSQL sidecar service endpoint lacks authentication controls, allowing any network-reachable user to invoke file

Nuclei template

5 repos

https://github.com/pssec-io/CVE-2026-20253

https://github.com/HORKimhab/CVE-2026-20253

https://github.com/0xBlackash/CVE-2026-20253

https://github.com/fevar54/CVE-2026-20253-Splunk-Enterprise-Pre-Auth-RCE-

https://github.com/watchtowrlabs/watchTowr-vs-Splunk-CVE-2026-20253

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-6307
(8.8 HIGH)

EPSS: 0.36%

updated 2026-06-17T11:00:38.113000

1 posts

Type Confusion in Turbofan in Google Chrome prior to 147.0.7727.101 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

2 repos

https://github.com/0xsha/CVE-2026-6307

https://github.com/J4ck3LSyN-Gen2/CVE-2026-6307-Longinus

lobsters@mastodon.social at 2026-06-29T15:10:11.000Z ##

Longinus: 2 Boundaries in One Bug, Piercing Chrome’s Renderer and V8 Sandbox with a Single Vulnerability, CVE-2026-6307 lobste.rs/s/uaoe9y #security #web
nebusec.ai/research/v8-cve-202

##

CVE-2026-50751
(9.3 CRITICAL)

EPSS: 70.10%

updated 2026-06-17T10:57:46.373000

2 posts

A logic flow weakness in Remote Access and Mobile Access certificate validation in deprecated IKEv1 key exchange allows an unauthenticated remote attacker to bypass user authentication and establish a remote access VPN connection without a valid user password.

Nuclei template

7 repos

https://github.com/fernstedt/CVE-2026-50751

https://github.com/hlkysipv/CVE-2026-50751-Check-Point-IKEv1-Authentication-Bypass

https://github.com/watchtowrlabs/watchTowr-vs-Check-Point-CVE-2026-50751

https://github.com/0xBlackash/CVE-2026-50751

https://github.com/WadesWeaponShed/CheckPoint-CVE-Webscanner

https://github.com/WadesWeaponShed/CVE-2026-50751-Mitigation-Scripts

https://github.com/fevar54/CVE-2026-50751---Check-Point-IKEv1-Authentication-Bypass-Exploit

patrickcmiller@infosec.exchange at 2026-07-01T23:42:01.000Z ##

Why patch directives only go so far cyberscoop.com/why-security-pa

##

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-46242
(7.8 HIGH)

EPSS: 0.12%

updated 2026-06-17T10:53:23.777000

2 posts

In the Linux kernel, the following vulnerability has been resolved: eventpoll: fix ep_remove struct eventpoll / struct file UAF ep_remove() (via ep_remove_file()) cleared file->f_ep under file->f_lock but then kept using @file inside the critical section (is_file_epoll(), hlist_del_rcu() through the head, spin_unlock). A concurrent __fput() taking the eventpoll_release() fastpath in that window

Analyst207@mastodon.social at 2026-07-03T20:43:30.000Z ##

Linux Flaw Exposes Unprivileged Users to Root Access

A newly discovered Linux flaw, CVE-2026-46242, allows ordinary users to gain root access to a machine, and even Android devices are vulnerable. This alarming vulnerability, known as Bad Epoll, can be exploited with ease, but thankfully, a working fix is now available.

osintsights.com/linux-flaw-exp

#LinuxFlaw #Cve202646242 #Epoll #KernelVulnerability #RootAccess

##

us@newsbeep.org at 2026-07-04T04:41:05.000Z ##

New “Bad Epoll” Linux Kernel Flaw Lets Unprivileged Users Gain Root, Hits Android

A newly disclosed Linux kernel flaw called Bad Epoll (CVE-2026-46242) lets an ordinary user with no special access…
#NewsBeep #News #US #USA #UnitedStates #UnitedStatesOfAmerica #Technology
newsbeep.com/us/742153/

##

CVE-2026-35273
(9.8 CRITICAL)

EPSS: 92.33%

updated 2026-06-17T10:40:19.560000

2 posts

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Updates Environment Management). Supported versions that are affected are 8.61 and 8.62. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in takeover of Peopl

Nuclei template

4 repos

https://github.com/ekomsSavior/POC_cve_2026_35273

https://github.com/12hrformat/CVE-2026-35273-POC

https://github.com/HORKimhab/CVE-2026-35273

https://github.com/0xBlackash/CVE-2026-35273

blog@insicurezzadigitale.com at 2026-07-02T12:55:36.000Z ##

ShinyHunters e lo zero-day PeopleSoft: il regolatore assicurativo USA tra le 100+ vittime di UNC6240

Sfruttando CVE-2026-35273, una RCE non autenticata in Oracle PeopleSoft, il collettivo ShinyHunters/UNC6240 ha colpito oltre 100 organizzazioni prima ancora del rilascio della patch. Tra le vittime la NAIC, il regolatore assicurativo USA: 3,1 TB di dati esfiltrati e agenzie di rating in stallo.

insicurezzadigitale.com/shinyh

##

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-33017
(9.8 CRITICAL)

EPSS: 98.41%

updated 2026-06-17T10:36:47.177000

1 posts

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored f

Nuclei template

12 repos

https://github.com/oscar-mine/CVE-2026-33017-Exploit

https://github.com/rootdirective-sec/CVE-2026-33017-Lab

https://github.com/r3nsi15/CVE-2026-33017-langflow-rce

https://github.com/EQSTLab/CVE-2026-33017

https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC

https://github.com/c0gnit00/CVE-2026-33017

https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc

https://github.com/masterwok/PoC-CVE-2026-33017

https://github.com/z4yd3/PoC-CVE-2026-33017

https://github.com/Jorrit-VM/CVE-2026-33017

https://github.com/SimoesCTT/Sovereign-Echo-33017

https://github.com/0xBlackash/CVE-2026-33017

CVE-2026-10520
(10.0 CRITICAL)

EPSS: 99.04%

updated 2026-06-17T10:12:16.930000

1 posts

An OS Command Injection vulnerability in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated user to achieve root-level remote code execution

Nuclei template

6 repos

https://github.com/gagaltotal/CVE-2026-10523-Ivanti-sentry

https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523

https://github.com/0xBlackash/CVE-2026-10520

https://github.com/emilliewatson96/spryCVE-2026-10520

https://github.com/HORKimhab/CVE-2026-10520-10523

https://github.com/error-inside/CVE-2026-10520

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2025-68941
(4.9 MEDIUM)

EPSS: 0.24%

updated 2026-06-17T09:59:51.847000

1 posts

Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources.

EUVD_Bot@mastodon.social at 2026-07-03T22:01:27.000Z ##

🚨 EUVD-2026-41623

📊 Score: 4.3/10 (CVSS v3.1)
📦 Product: Gitea Open Source Git Server
🏢 Vendor: Gitea
📅 Updated: 2026-07-03

📝 Gitea versions up to and including 1.26.1 do not apply public-only token filtering consistently to the user organization API, leaving an incomplete fix for CVE-2025-68941.

🔗 euvd.enisa.europa.eu/vulnerabi

#cybersecurity #infosec #euvd #cve #vulnerability

##

CVE-2025-5777
(7.5 HIGH)

EPSS: 99.90%

updated 2026-06-17T09:48:43.670000

3 posts

Insufficient input validation leading to memory overread when the NetScaler is configured as a Gateway (VPN virtual server, ICA Proxy, CVPN, RDP Proxy) OR AAA virtual server

Nuclei template

25 repos

https://github.com/Anshika2709/Citrixbleed2-CVE-2025-5777

https://github.com/rootxsushant/Citrix-NetScaler-Memory-Leak-CVE-2025-5777

https://github.com/bughuntar/CVE-2025-5777

https://github.com/FrenzisRed/CVE-2025-5777

https://github.com/mingshenhk/CitrixBleed-2-CVE-2025-5777-PoC-

https://github.com/sentinel-aidefense/CVE-2025-5777

https://github.com/rob0tstxt/POC-CVE-2025-5777

https://github.com/SleepNotF0und/CVE-2025-5777

https://github.com/RaR1991/citrix_bleed_2

https://github.com/fox-it/citrix-netscaler-triage

https://github.com/orange0Mint/CitrixBleed-2-CVE-2025-5777

https://github.com/RickGeex/CVE-2025-5777-CitrixBleed

https://github.com/mr-r3b00t/CVE-2025-5777

https://github.com/soltanali0/CVE-2025-5777-Exploit

https://github.com/win3zz/CVE-2025-5777

https://github.com/Chocapikk/CVE-2025-5777

https://github.com/0xBlackash/CVE-2025-5777

https://github.com/0xgh057r3c0n/CVE-2025-5777

https://github.com/ndr-repo/CVE-2025-5777

https://github.com/rashedhasan090/CVE-2025-5777

https://github.com/Shivshantp/CVE-2025-5777-TrendMicro-ApexCentral-RCE

https://github.com/nocerainfosec/cve-2025-5777

https://github.com/cyberleelawat/ExploitVeer

https://github.com/idobarel/CVE-2025-5777

https://github.com/below0day/Honeypot-Logs-CVE-2025-5777

Matchbook3469@mastodon.social at 2026-07-03T17:28:15.000Z ##

🔵 THREAT INTELLIGENCE

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

Vulnerability | CRITICAL

Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to...

Full analysis:
yazoul.net/news/article/ransom

#ThreatIntel #SecurityNews #IncidentResponse

##

youranonnewsirc@nerdculture.de at 2026-07-03T16:04:38.000Z ##

OpenAI voluntarily limited new AI models at government request on July 2. Cybersecurity threats remain high with critical Citrix Bleed 2 (CVE-2025-5777) and Microsoft SharePoint RCE (CVE-2026-45659) vulnerabilities being actively exploited, as reported on July 2-3. Google, in collaboration with the FBI, disrupted NetNut, a major residential proxy network spanning 2 million devices. Geopolitically, Iran issued warnings to ships regarding unapproved routes in the Strait of Hormuz on July 3.

#AnonNews_irc #Cybersecurity #News

##

youranonnewsirc@nerdculture.de at 2026-07-03T16:04:38.000Z ##

OpenAI voluntarily limited new AI models at government request on July 2. Cybersecurity threats remain high with critical Citrix Bleed 2 (CVE-2025-5777) and Microsoft SharePoint RCE (CVE-2026-45659) vulnerabilities being actively exploited, as reported on July 2-3. Google, in collaboration with the FBI, disrupted NetNut, a major residential proxy network spanning 2 million devices. Geopolitically, Iran issued warnings to ships regarding unapproved routes in the Strait of Hormuz on July 3.

#AnonNews_irc #Cybersecurity #News

##

CVE-2025-4674
(8.6 HIGH)

EPSS: 0.27%

updated 2026-06-17T09:33:46.027000

1 posts

The go command may execute unexpected commands when operating in untrusted VCS repositories. This occurs when possibly dangerous VCS configuration is present in repositories. This can happen when a repository was fetched via one VCS (e.g. Git), but contains metadata for another VCS (e.g. Mercurial). Modules which are retrieved using the go command line, i.e. via "go get", are not affected.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2024-56406
(8.4 HIGH)

EPSS: 0.47%

updated 2026-06-17T08:12:08.977000

1 posts

A heap buffer overflow vulnerability was discovered in Perl. Release branches 5.34, 5.36, 5.38 and 5.40 are affected, including development versions from 5.33.1 through 5.41.10. When there are non-ASCII bytes in the left-hand-side of the `tr` operator, `S_do_trans_invmap` can overflow the destination pointer `d`.    $ perl -e '$_ = "\x{FF}" x 1000000; tr/\xFF/\x{100}/;'    Segmentation fault

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2024-1442
(6.0 MEDIUM)

EPSS: 0.80%

updated 2026-06-17T07:04:15.300000

1 posts

A user with the permissions to create a data source can use Grafana API to create a data source with UID set to *. Doing this will grant the user access to read, query, edit and delete all data sources within the organization.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2022-29170
(6.6 MEDIUM)

EPSS: 1.12%

updated 2026-06-17T04:39:44.167000

1 posts

Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesn’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicio

1 repos

https://github.com/yijikeji/CVE-2022-29170

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2022-26148
(9.8 CRITICAL)

EPSS: 53.44%

updated 2026-06-17T04:34:46.890000

1 posts

An issue was discovered in Grafana through 7.3.4, when integrated with Zabbix. The Zabbix password can be found in the api_jsonrpc.php HTML source code. When the user logs in and allows the user to register, one can right click to view the source code and use Ctrl-F to search for password in api_jsonrpc.php to discover the Zabbix account password and URL address.

Nuclei template

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2022-24812
(8.0 HIGH)

EPSS: 2.32%

updated 2026-06-17T04:32:34.510000

1 posts

Grafana is an open-source platform for monitoring and observability. When fine-grained access control is enabled and a client uses Grafana API Key to make requests, the permissions for that API Key are cached for 30 seconds for the given organization. Because of the way the cache ID is constructed, the consequent requests with any API Key evaluate to the same permissions as the previous requests.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2020-27846
(9.8 CRITICAL)

EPSS: 4.87%

updated 2026-06-17T03:09:43.880000

1 posts

A signature verification vulnerability exists in crewjam/saml. This flaw allows an attacker to bypass SAML Authentication. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2026-50656
(7.8 HIGH)

EPSS: 3.39%

updated 2026-06-16T21:31:57

2 posts

Microsoft is aware of an elevation of privilege in the Microsoft Malware Protection Engine in Microsoft Defender publicly referred to as &quot;RoguePlanet &quot;. We are working to provide a high quality security update that addresses this vulnerability. We will provide information in this CVE when the update is available.

1 repos

https://github.com/0xBlackash/CVE-2026-50656

interpipes@thx.gg at 2026-06-30T14:27:30.000Z ##

It has now been two whole weeks since #microsoft assigned CVE-2026-50656 to the Defender exploit #RoguePlanet and there are still no patches to be had for this SYSTEM privilege escalation, but none of this is stopping Defender for Endpoint screaming at me about it.

There needs to be a button for "remind me about this when Microsoft bothers to release a fix for this" rather than fixed time periods that start from 30 days

##

youranonnewsirc@nerdculture.de at 2026-06-30T07:06:01.000Z ##

Here's a summary of the latest geopolitical, technology, and cybersecurity news from the last 24 hours:

Geopolitical: US and Iran halted Strait of Hormuz clashes for talks (June 29). Israel conducted airstrikes in South Lebanon despite a peace accord (June 29).

Tech/Cyber: OpenAI restricted its GPT-5.6 Sol AI model; Anthropic's Mythos 5 gained limited US approval amid cybersecurity vetting (June 29). A Millenium RAT variant infected over 62,000 devices, and a Microsoft Defender zero-day (CVE-2026-50656) is actively exploited (June 29). EPA launched a national cyber drill for water utilities (June 29).

#AnonNews_irc #Cybersecurity #News

##

CVE-2026-48611
(9.8 CRITICAL)

EPSS: 0.66%

updated 2026-06-12T06:33:21

2 posts

Improper authentication checks in the OAuth implementation allow account hijacking even when OAuth is not configured or enabled leading to unauthorized access in default installations.

2 repos

https://github.com/citruscitruscitruscitruscitrusci/CVE-2026-48611-poc

https://github.com/Diznev/CVE-2026-48611-EXPLOIT

beyondmachines1 at 2026-07-03T11:01:41.828Z ##

Critical phpBB Authentication Bypass Allows Instant Account Takeover

phpBB version 3.3.17 patches a critical authentication bypass (CVE-2026-48611) that allows unauthenticated attackers to take over any account, including administrators, by manipulating the auth_provider parameter.

**If you run a phpBB forum (versions 3.1.0 through 3.3.16, or 4.0.0-a2), this is important and urgent. Update to version 3.3.17 immediately. If you can't patch right away, delete the apache.php and ldap.php files from the phpbb/auth/provider/ directory, and check your server logs for suspicious auth_provider=apache and mode=login_link requests. If found, reset all user sessions and assume those accounts are compromised.**

beyondmachines.net/event_detai

##

beyondmachines1@infosec.exchange at 2026-07-03T11:01:41.000Z ##

Critical phpBB Authentication Bypass Allows Instant Account Takeover

phpBB version 3.3.17 patches a critical authentication bypass (CVE-2026-48611) that allows unauthenticated attackers to take over any account, including administrators, by manipulating the auth_provider parameter.

**If you run a phpBB forum (versions 3.1.0 through 3.3.16, or 4.0.0-a2), this is important and urgent. Update to version 3.3.17 immediately. If you can't patch right away, delete the apache.php and ldap.php files from the phpbb/auth/provider/ directory, and check your server logs for suspicious auth_provider=apache and mode=login_link requests. If found, reset all user sessions and assume those accounts are compromised.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-46215
(7.8 HIGH)

EPSS: 0.13%

updated 2026-06-10T21:32:27

1 posts

In the Linux kernel, the following vulnerability has been resolved: drm: Set old handle to NULL before prime swap in change_handle There was a potential race condition in change_handle. The ioctl briefly had a single object with two idr entries; a concurrent gem_close could delete the object and remove one of the handles while leaving the other one dangling, which could subsequently be dereferen

1 repos

https://github.com/0xCyberstan/CVE-2026-46215-POC

lobsters@mastodon.social at 2026-06-29T20:15:10.000Z ##

Unprivileged root via a use-after-free in DRM GEM change_handle (CVE-2026-46215) lobste.rs/s/hh5yyq #linux #security
cyberstan.co.uk/drm-lpe-linux/

##

CVE-2026-34182
(9.1 CRITICAL)

EPSS: 0.24%

updated 2026-06-10T18:32:45

2 posts

Issue Summary: Cryptographic Message Services (CMS) processing fails to perform sufficient input validation on the cipher and tag length fields of AuthEnvelopedData containers, leading to various potential compromises. Impact Summary: Attackers making use of these vulnerabilities may achieve key-equivalent functionality for a given CMS recipient and/or bypass integrity validation for a given mess

freepg at 2026-07-03T11:50:28.928Z ##

2.5.21-freepg has been released.

It contains all the latest bug fixes from upstream GnuPG, plus the usual FreePG patches.

Note that the FreePG project considers the 2.5.x branch to be experimental, and does not enable non-standard OpenPGP algorithms unless “--compliance=gnupg” is explicitly set.

Release notes
=============

Noteworthy changes in version 2.5.21-freepg (2026-07-03)
--------------------------------------------------------

* No FreePG-specific changes.

gitlab.com/freepg/gnupg/-/rele

Upstream's release notes follow.

----

Noteworthy changes in version 2.5.21 (2026-07-02)
-------------------------------------------------

* New and extended features:

- gpg, gpgsm: Use partial file on decryption, remove on failure.
Disable with "--compatibility-flags=no-partial-file-guard".
[T7873]

- gpg: Use the INT_RCP_FPR subpacket in revocation signatures.
[T8252]

- Create a pkgversioninfo.txt file when building using the speedo
build system.

* Bug fixes:

- gpg: Fix potential use-after-free in batch key generation when
handling the keyserver URL option. [T8277]

- gpgsm: Fix regression in gpgsm_verify with expired certificates.
[T8188]

- gpgsm: Require a minimum tag length for GCM decryption.
[rG4c7e68cf3d, CVE-2026-34182]

- scd: Limit the size of returned APDU objects from faulty cards.
[T8281]

- scd: Fix condition to retrieve ATR. [rGca25a7a61b]

- scd:openpgp: Fix regression in CHV1 retry counter byte index.
[rG245330ebea]

- agent: Make batch import of Kyber keys work. [T8029]

- dirmngr: Add a validation check in get_dns_cert_standard.
[T8303]

- gpgconf: Raise an error on certain parse errors. [T8261]

- Fix use of usleep in file remove function on Windows. Regression
since 2.5.13. [rGab9ce5f5e7]

Release-info: dev.gnupg.org/T8262

##

freepg@infosec.exchange at 2026-07-03T11:50:28.000Z ##

#GnuPG 2.5.21-freepg has been released.

It contains all the latest bug fixes from upstream GnuPG, plus the usual FreePG patches.

Note that the FreePG project considers the 2.5.x branch to be experimental, and does not enable non-standard OpenPGP algorithms unless “--compliance=gnupg” is explicitly set.

Release notes
=============

Noteworthy changes in version 2.5.21-freepg (2026-07-03)
--------------------------------------------------------

* No FreePG-specific changes.

gitlab.com/freepg/gnupg/-/rele

Upstream's release notes follow.

----

Noteworthy changes in version 2.5.21 (2026-07-02)
-------------------------------------------------

* New and extended features:

- gpg, gpgsm: Use partial file on decryption, remove on failure.
Disable with "--compatibility-flags=no-partial-file-guard".
[T7873]

- gpg: Use the INT_RCP_FPR subpacket in revocation signatures.
[T8252]

- Create a pkgversioninfo.txt file when building using the speedo
build system.

* Bug fixes:

- gpg: Fix potential use-after-free in batch key generation when
handling the keyserver URL option. [T8277]

- gpgsm: Fix regression in gpgsm_verify with expired certificates.
[T8188]

- gpgsm: Require a minimum tag length for GCM decryption.
[rG4c7e68cf3d, CVE-2026-34182]

- scd: Limit the size of returned APDU objects from faulty cards.
[T8281]

- scd: Fix condition to retrieve ATR. [rGca25a7a61b]

- scd:openpgp: Fix regression in CHV1 retry counter byte index.
[rG245330ebea]

- agent: Make batch import of Kyber keys work. [T8029]

- dirmngr: Add a validation check in get_dns_cert_standard.
[T8303]

- gpgconf: Raise an error on certain parse errors. [T8261]

- Fix use of usleep in file remove function on Windows. Regression
since 2.5.13. [rGab9ce5f5e7]

Release-info: dev.gnupg.org/T8262

##

CVE-2026-49160
(7.5 HIGH)

EPSS: 48.44%

updated 2026-06-09T18:31:11

1 posts

Uncontrolled resource consumption in HTTP/2 allows an unauthorized attacker to deny service over a network.

1 repos

https://github.com/dhmosfunk/CVE-2026-49160-CVE-2026-47291-HTTP.sys

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-45504
(8.8 HIGH)

EPSS: 0.46%

updated 2026-06-09T18:30:58

1 posts

Server-side request forgery (ssrf) in Microsoft Exchange Server allows an authorized attacker to elevate privileges over a network.

1 repos

https://github.com/hawktrace/CVE-2026-45504

DailyCyberSecurity@infosec.exchange at 2026-07-03T00:10:34.000Z ##

HawkTrace publicly disclosed Microsoft Exchange vulnerability CVE-2026-45504 with PoC exploit code. The SSRF flaw reads arbitrary files. Patch now.
#MicrosoftExchange #CVE202645504 #SSRF #Cybersecurity #PoC #Infosec

securityonline.info/microsoft-

##

CVE-2026-25089
(9.8 CRITICAL)

EPSS: 23.39%

updated 2026-06-09T18:30:47

1 posts

A improper neutralization of special elements used in an os command ('os command injection') vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may allow an unauthenticated attacker to execute unauthorized commands via specifically crafted HTTP req

2 repos

https://github.com/HORKimhab/CVE-2026-25089

https://github.com/0xBlackash/CVE-2026-25089

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-10523
(9.9 CRITICAL)

EPSS: 47.19%

updated 2026-06-09T18:30:39

1 posts

An Authentication Bypass vulnerability (CWE-288) in Ivanti Sentry before the R10.5.2, R10.6.2 and R10.7.1 versions allows a remote unauthenticated attacker to create arbitrary administrative accounts and obtain full administrative access

3 repos

https://github.com/gagaltotal/CVE-2026-10523-Ivanti-sentry

https://github.com/watchtowrlabs/watchTowr-vs-Ivanti-Sentry-RCE-CVE-2026-10520-CVE-2026-10523

https://github.com/HORKimhab/CVE-2026-10520-10523

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-31694
(7.8 HIGH)

EPSS: 0.13%

updated 2026-06-01T18:32:31

1 posts

In the Linux kernel, the following vulnerability has been resolved: fuse: reject oversized dirents in page cache fuse_add_dirent_to_cache() computes a serialized dirent size from the server-controlled namelen field and copies the dirent into a single page-cache page. The existing logic only checks whether the dirent fits in the remaining space of the current page and advances to a fresh page if

1 repos

https://github.com/0xCyberstan/CVE-2026-31694-POC

lobsters@mastodon.social at 2026-07-02T01:00:14.000Z ##

Unprivileged root via an out-of-bounds write in the FUSE readdir cache (CVE-2026-31694) lobste.rs/s/0kc445 #linux #security
cyberstan.co.uk/fuse-readdir-o

##

CVE-2026-0826(CVSS UNKNOWN)

EPSS: 26.47%

updated 2026-06-01T15:30:49

1 posts

In certain scenarios when the admin has enabled Interactive Connectivity Establishment (ICE), a buffer overflow could enable remote code execution on Poly Voice products on the Linux platform.

secdb@infosec.exchange at 2026-07-01T00:02:03.000Z ##

📈 CVE Published in last 30 days (2026-06-01 - 2026-07-01)
See more at secdb.nttzen.cloud/dashboard

Total CVEs:

Severity:
- Critical: 855
- High: 3079
- Medium: 2559
- Low: 534
- None: 684

Status:
- : 344
- Analyzed: 2815
- Awaiting Analysis: 562
- Deferred: 3102
- Modified: 173
- Received: 551
- Rejected: 49
- Undergoing Analysis: 115

CISA KEVs:
- CISA-2026:0601 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0602 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0603 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0605 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0608 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0609 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0611 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0612 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0615 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0616 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0618 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0623 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0625 (secdb.nttzen.cloud/security-ad)
- CISA-2026:0629 (secdb.nttzen.cloud/security-ad)

Top CNAs:
- GitHub, Inc.: 1163
- Patchstack: 731
- VulnCheck: 612
- Chrome: 584
- kernel.org: 514
- VulDB: 468
- N/A: 344
- MITRE: 329
- Wordfence: 256
- Oracle: 242

Top Affected Products:
- UNKNOWN: 4698
- Google Chrome: 583
- Google Android: 118
- Microsoft Windows 11 26h1: 111
- Microsoft Windows Server 2025: 109
- Microsoft Windows 11 24h2: 105
- Microsoft Windows 11 25h2: 105
- Microsoft Windows Server 2022: 104
- Microsoft Windows 11 23h2: 99
- Microsoft Windows 10 22h2: 91

Top EPSS Score:
- CVE-2026-10520 - 98.94 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-35273 - 92.33 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20253 - 88.17 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-48907 - 80.43 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-50751 - 71.05 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-49160 - 48.44 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-10523 - 47.19 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-20230 - 41.69 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-0826 - 26.47 % (secdb.nttzen.cloud/cve/detail/)
- CVE-2026-25089 - 23.39 % (secdb.nttzen.cloud/cve/detail/)

#ZEN #SecDB #InfoSec

##

CVE-2026-46817
(9.8 CRITICAL)

EPSS: 0.68%

updated 2026-05-29T18:31:20

4 posts

Vulnerability in the Oracle Payments product of Oracle E-Business Suite (component: File Transmission). Supported versions that are affected are 12.2.3-12.2.15. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Payments. Successful attacks of this vulnerability can result in takeover of Oracle Payments. CVSS 3.1 Base Score 9.8 (Con

2 repos

https://github.com/HORKimhab/CVE-2026-46817

https://github.com/0xBlackash/CVE-2026-46817

1ban_news@mastodon.social at 2026-07-03T07:59:31.000Z ##

Oracle E-Business Suite under attack via critical flaw before exploit code emerged

1ban.news/oracle-ebs-attack-cv
#1ban #oracle #ebs #attack #cve #tech

##

offseq@infosec.exchange at 2026-07-01T13:30:13.000Z ##

CRITICAL CVE-2026-46817 in Oracle E-Business Suite: Over 900 exposed instances face active exploit attempts via HTTP. Attackers can fully compromise systems. Apply May 2026 patch ASAP. Details: radar.offseq.com/threat/over-9 #OffSeq #Oracle #Vuln #ThreatIntel

##

threatcodex@infosec.exchange at 2026-06-30T13:57:23.000Z ##

Attackers are exploiting a critical flaw in Oracle E-Business Suite, CVE-2026-46817, that allows remote, unauthenticated attackers to take over Oracle Payments.
#CVE_2026_46817
securityaffairs.com/194463/sec

##

beyondmachines1@infosec.exchange at 2026-06-30T08:01:04.000Z ##

Attackers Exploit Critical Takeover Flaw in Oracle E-Business Suite

Researchers report actively exploit of a critical vulnerability (CVE-2026-46817) in Oracle E-Business Suite's financial module.

**If you run Oracle E-Business Suite (versions 12.2.3 through 12.2.15), make sure your EBS instances are isolated from the public internet and reachable only from trusted networks via a VPN or secure gateway. Then apply the May 2026 Critical Security Patch Update ASAP.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-6637
(8.8 HIGH)

EPSS: 0.38%

updated 2026-05-14T15:31:59

1 posts

Stack buffer overflow in PostgreSQL module "refint" allows an unprivileged database user to execute arbitrary code as the operating system user running the database. A distinct attack is possible if the application declares a user-controlled column as a "refint" cascade primary key and facilitates user-controlled updates to that column. In that case, a SQL injection allows a primary key update v

mastokukei@social.josko.org at 2026-07-03T18:01:55.000Z ##

Blip blop, I'm a #mastobot.
Here is a summary (in beta) of the latest posts in #programmingAtKukei masto.kukei.eu/browse/programm category:
- **AI coding tools & workflows**: Claude Code, GitHub Copilot pricing changes, AI agent frameworks (LangGraph, CrewAI, OpenAI Agents SDK), LLM-driven development risks, AI-generated code bans (Godot Engine, Alibaba).
- **PostgreSQL updates**: PostgreSQL 19 beta (`WAIT FOR LSN`), TimescaleDB 2.28.1, pg_lake extension for Iceberg, CVE-2026-6637 [1/3]

##

CVE-2026-33825
(7.8 HIGH)

EPSS: 6.75%

updated 2026-04-23T00:31:18

3 posts

Insufficient granularity of access control in Microsoft Defender allows an authorized attacker to elevate privileges locally.

5 repos

https://github.com/0xBlackash/CVE-2026-33825

https://github.com/kaleth4/CVE-2026-33825

https://github.com/Letlaka/redsun-bluehammer-undefend-detection-pack

https://github.com/Bilal3755/Detecting_blue_hammer_vuln

https://github.com/Joe1sn/CVE-2026-33825

cyberveille@mastobot.ping.moi at 2026-07-03T17:00:21.000Z ##

📢 CVE-2026-33825 (BlueHammer) dans Microsoft Defender exploitée dans des attaques ransomware
📝 📰 **Source** : SecurityWeek — **Date de publication** : 30 juin 2026

La **CISA** (agence américaine de cyb...
📖 cyberveille : cyberveille.ch/posts/2026-07-0
🌐 source : securityweek.com/bluehammer-vu
#BlueHammer #CISA #Cyberveille

##

threatnoir@infosec.exchange at 2026-06-30T22:05:40.000Z ##

⚠️ CRITICAL: BlueHammer Vulnerability Exploited in Ransomware Attacks

CVE-2026-33825 (BlueHammer) in Microsoft Defender is being actively exploited in ransomware campaigns in the wild. This zero-day was publicly disclosed before patches became available on April 14, and CISA has confirmed active abuse. All Windows environments running vulnerable Defender versions are…

threatnoir.com/focus

#infosec #cybersecurity

##

kev_Stalker@infosec.exchange at 2026-06-29T20:46:18.000Z ##

CVE-2026-33825 - Changed to Known Ransomware Status

Microsoft Defender Insufficient Granularity of Access Control VulnerabilityVendor: MicrosoftProduct: DefenderMicrosoft Defender contains an insufficient granularity of access control vulnerability that could allow an authorized attacker to escalate privileges locally.Status changed from Unknown to Known for ransomware campaign usage.Flip detected on: June 29, 2026 at 20:00:35 UTCDate Added nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-1229(CVSS UNKNOWN)

EPSS: 0.40%

updated 2026-03-02T15:26:57

1 posts

The CombinedMult function in the CIRCL ecc/p384 package (secp384r1 curve) produces an incorrect value for specific inputs. The issue is fixed by using complete addition formulas. ECDH and ECDSA signing relying on this curve are not affected. The bug was fixed in **[v1.6.3](https://github.com/cloudflare/circl/releases/tag/v1.6.3)**.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2026-24418(CVSS UNKNOWN)

EPSS: 0.36%

updated 2026-02-10T01:17:51

1 posts

### Summary Critical Error-Based SQL Injection vulnerability in the Scadenzario (Payment Schedule) bulk operations module of OpenSTAManager v2.9.8 allows authenticated attackers to extract complete database contents including user credentials, customer PII, and financial records through XML error messages. **Status:** ✅ Confirmed and tested on live instance (v2.9.8) **Vulnerable Parameter:** `id

2 repos

https://github.com/BridgerAlderson/CVE-2026-24418

https://github.com/lukasz-rybak/CVE-2026-24418

DarkWebInformer@infosec.exchange at 2026-06-29T18:55:30.000Z ##

‼️ CVE-2026-24418: OpenSTAManager v2.9.8 and earlier contain a critical Error-Based SQL Injection vulnerability in the bulk operations handler for the Scadenzario (Payment Schedule) module.

GitHub: github.com/BridgerAlderson/CVE

##

CVE-2025-68121
(4.8 MEDIUM)

EPSS: 0.77%

updated 2026-02-06T18:31:38

1 posts

During session resumption in crypto/tls, if the underlying Config has its ClientCAs or RootCAs fields mutated between the initial handshake and the resumed handshake, the resumed handshake may succeed when it should have failed. This may happen when a user calls Config.Clone and mutates the returned Config, or uses Config.GetConfigForClient. This can cause a client to resume a session with a serve

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2025-41115
(10.0 CRITICAL)

EPSS: 17.29%

updated 2025-11-27T08:40:01

1 posts

SCIM provisioning was introduced in Grafana Enterprise and Grafana Cloud in April to improve how organizations manage users and teams in Grafana by introducing automated user lifecycle management. In Grafana versions 12.x where SCIM provisioning is enabled and configured, a vulnerability in user identity handling allows a malicious or compromised SCIM client to provision a user with a numeric ext

2 repos

https://github.com/rockmelodies/Blackash-CVE-2025-41115

https://github.com/I3r1h0n/GrafanaSCIMalform

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2023-29300
(9.8 CRITICAL)

EPSS: 99.98%

updated 2025-10-22T00:33:52

1 posts

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by a Deserialization of Untrusted Data vulnerability that could result in Arbitrary code execution. Exploitation of this issue does not require user interaction.

Nuclei template

CapTechGroup@mastodon.social at 2026-07-03T12:50:24.000Z ##

Incident breakdown: CVE-2023-26360, CVE-2023-29298, and CVE-2023-29300 in Adobe ColdFusion led to webshell deployment and DisableDefender.ps1 execution. Attackers dumped credentials via Mimikatz driver after silencing...

captechgroup.com/threat-intell

##

CVE-2023-29298
(7.5 HIGH)

EPSS: 99.75%

updated 2025-10-22T00:33:51

1 posts

Adobe ColdFusion versions 2018u16 (and earlier), 2021u6 (and earlier) and 2023.0.0.330468 (and earlier) are affected by an Improper Access Control vulnerability that could result in a Security feature bypass. An attacker could leverage this vulnerability to access the administration CFM and CFC endpoints. Exploitation of this issue does not require user interaction.

Nuclei template

1 repos

https://github.com/CuriousLearnerDev/ColdFusion_EXp

CapTechGroup@mastodon.social at 2026-07-03T12:50:24.000Z ##

Incident breakdown: CVE-2023-26360, CVE-2023-29298, and CVE-2023-29300 in Adobe ColdFusion led to webshell deployment and DisableDefender.ps1 execution. Attackers dumped credentials via Mimikatz driver after silencing...

captechgroup.com/threat-intell

##

CVE-2023-26360
(8.6 HIGH)

EPSS: 97.34%

updated 2025-10-22T00:33:50

1 posts

Adobe ColdFusion versions 2018 Update 15 (and earlier) and 2021 Update 5 (and earlier) are affected by an Improper Access Control vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue does not require user interaction.

Nuclei template

6 repos

https://github.com/joaoaugustom/Adobe_ColdFusion_RCE_Unauthenticated

https://github.com/H3rm1tR3b0rn/CVE-2023-26360-RCE

https://github.com/CuriousLearnerDev/ColdFusion_EXp

https://github.com/RyanRodrigues880/CVE-2023-26360

https://github.com/jakabakos/CVE-2023-26360-adobe-coldfusion-rce-exploit

https://github.com/yosef0x01/CVE-2023-26360

CapTechGroup@mastodon.social at 2026-07-03T12:50:24.000Z ##

Incident breakdown: CVE-2023-26360, CVE-2023-29298, and CVE-2023-29300 in Adobe ColdFusion led to webshell deployment and DisableDefender.ps1 execution. Attackers dumped credentials via Mimikatz driver after silencing...

captechgroup.com/threat-intell

##

CVE-2022-28391
(9.8 CRITICAL)

EPSS: 3.50%

updated 2025-06-09T18:32:01

1 posts

BusyBox through 1.35.0 allows remote attackers to execute arbitrary code if netstat is used to print a DNS PTR record's value to a VT compatible terminal. Alternatively, the attacker could choose to change the terminal's colors.

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2024-9264
(9.9 CRITICAL)

EPSS: 97.78%

updated 2025-03-14T20:26:23

1 posts

The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's

Nuclei template

12 repos

https://github.com/punitdarji/Grafana-CVE-2024-9264

https://github.com/ruizii/CVE-2024-9264

https://github.com/nollium/CVE-2024-9264

https://github.com/z3k0sec/File-Read-CVE-2024-9264

https://github.com/rvzsec/CVE-2024-9264

https://github.com/yeonchoda/CVE-2024-9264

https://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit

https://github.com/Royall-Researchers/CVE-2024-9264

https://github.com/amalpvatayam67/day05-grafana-sqlexpr-lab

https://github.com/patrickpichler/grafana-CVE-2024-9264

https://github.com/Cythonic1/CVE-2024-9264

https://github.com/Exerrdev/CVE-2024-9264-Fixed

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2023-3128
(9.4 CRITICAL)

EPSS: 4.09%

updated 2025-02-13T19:00:47

1 posts

Grafana is validating Azure AD accounts based on the email claim. On Azure AD, the profile email field is not unique and can be easily modified. This leads to account takeover and authentication bypass when Azure AD OAuth is configured with a multi-tenant app.

1 repos

https://github.com/spyata123/CVE-2023-3128

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2024-2658(CVSS UNKNOWN)

EPSS: 0.42%

updated 2025-01-30T18:32:09

1 posts

A misconfiguration in lmadmin.exe of FlexNet Publisher versions prior to 2024 R1 (11.19.6.0) allows the OpenSSL configuration file to load from a non-existent directory. An unauthorized, locally authenticated user with low privileges can potentially create the directory and load a specially crafted openssl.conf file leading to the execution of a malicious DLL (Dynamic-Link Library) with elevated p

2 repos

https://github.com/laoqin1234/Linux-Root-CVE-2024-26581-PoC

https://github.com/madfxr/CVE-2024-26581-Checker

oversecurity@mastodon.social at 2026-07-01T12:35:03.000Z ##

Beware of the license manager: how a Schneider Electric software vulnerability puts industrial facilities at risk

Analysis of CVE-2024-2658 as found in Schneider Electric's Floating License Manager. Discover how this FlexNet Publisher vulnerability potentially...

🔗️ [Securelist] link.is.it/DVUIfS

##

CVE-2022-31097
(7.3 HIGH)

EPSS: 68.60%

updated 2024-11-18T16:26:42

1 posts

Today we are releasing Grafana 8.3.10, 8.4.10, 8.5.9 and 9.0.3. This patch release includes a HIGH severity security fix for a stored Cross Site Scripting in Grafana. Release v.9.0.3, containing this security fix and other patches: - [Download Grafana 9.0.3](https://grafana.com/grafana/download/9.0.3) - [Release notes](https://grafana.com/docs/grafana/next/release-notes/release-notes-9-0-3/) Re

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2022-21703
(6.8 MEDIUM)

EPSS: 2.28%

updated 2024-02-01T00:16:02

1 posts

Today we are releasing Grafana 8.3.5 and 7.5.15. This patch release includes MEDIUM severity security fix for Cross Site Request Forgery for Grafana. Release v.8.3.5, only containing security fixes: - [Download Grafana 8.3.5](https://grafana.com/grafana/download/8.3.5) - [Release notes](https://grafana.com/docs/grafana/latest/release-notes/release-notes-8-3-5/) Release v.7.5.15, only containing

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2018-15727
(9.8 CRITICAL)

EPSS: 64.28%

updated 2023-10-02T12:01:52

1 posts

Grafana before 4.6.4 and 5.x before 5.2.3 allows authentication bypass because an attacker can generate a valid "remember me" cookie knowing only a username of an LDAP or OAuth user. ### Specific Go Packages Affected github.com/grafana/grafana/pkg/api

1 repos

https://github.com/u238/grafana-CVE-2018-15727

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2019-3855
(8.8 HIGH)

EPSS: 9.22%

updated 2023-02-01T05:04:28

1 posts

An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. A remote attacker who compromises a SSH server may be able to execute code on the client system when a user connects to the server.

eslerm@cyberplace.social at 2026-06-30T19:05:23.000Z ##

@bascule libssh2 was the most concerning dependency needed to add cargo to Ubuntu main (lp#1991650).

In 2018 @chrisccoulson reported CVE-2019-3855 through -3863. CVE-2019-3855 is the same bug as today's: a server-controlled packet_length with no upper bound, overflowing the transport read. 1.8.1 added a bounds check. CVE-2026-55200 is the same check missing 7 years later, on the chacha20-poly1305 path. That path is post-KEX, so at least host-key verification gates it (unlike 3855).

##

CVE-2022-28660
(9.8 CRITICAL)

EPSS: 1.06%

updated 2023-01-27T05:02:23

1 posts

The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices mode

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2026-10055
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-07-03T21:00:30.000Z ##

🟠 CVE-2026-10055 - High (8.5)

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq at 2026-07-03T12:00:28.973Z ##

Server-Side Request Forgery (SSRF) in Eclipse Theia 1.26.0 (CVE-2026-10055, HIGH, CVSS 8.5). Attackers with access to the service connection can target internal resources. Restrict access now. radar.offseq.com/threat/cve-20

##

thehackerwire@mastodon.social at 2026-07-03T21:00:30.000Z ##

🟠 CVE-2026-10055 - High (8.5)

In Eclipse Theia since version 1.26.0, the backend /services/request-service RPC accepts an attacker-controlled URL from any client connected to the standard /services messaging endpoint, performs the HTTP request server-side, and returns the full...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-07-03T12:00:28.000Z ##

Server-Side Request Forgery (SSRF) in Eclipse Theia 1.26.0 (CVE-2026-10055, HIGH, CVSS 8.5). Attackers with access to the service connection can target internal resources. Restrict access now. radar.offseq.com/threat/cve-20 #OffSeq #SSRF #EclipseTheia #Cybersecurity

##

CVE-2026-50548
(0 None)

EPSS: 0.64%

2 posts

N/A

offseq@infosec.exchange at 2026-07-03T09:00:29.000Z ##

DuneSlide (CVE-2026-50548/50549): CRITICAL zero-click RCE in Cursor AI editor <3.0. Flaws in sandbox & symlink handling enable attackers to escape IDE, compromise OS. Upgrade to v3.0+ now. radar.offseq.com/threat/critic #OffSeq #Infosec #Vuln #RCE

##

beyondmachines1@infosec.exchange at 2026-07-02T11:01:09.000Z ##

DuneSlide: Zero-Click RCE Vulnerabilities Discovered in Cursor IDE

Cato AI Labs identified two critical vulnerabilities (CVE-2026-50548 and CVE-2026-50549) in Cursor IDE that allow attackers to achieve remote code execution via zero-click prompt injection. The flaws enable sandbox escapes by overwriting system binaries through manipulated working directories and symlink resolution errors.

**If you use Cursor IDE, update ASAP to version 3.0 or later, because these flaws will be attacked very soon. Be cautious about letting the AI agent pull in content from untrusted external sources (like websites or files), since a malicious prompt hidden there is enough to trigger the attack with no other action from you.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-50549
(0 None)

EPSS: 0.64%

1 posts

N/A

beyondmachines1@infosec.exchange at 2026-07-02T11:01:09.000Z ##

DuneSlide: Zero-Click RCE Vulnerabilities Discovered in Cursor IDE

Cato AI Labs identified two critical vulnerabilities (CVE-2026-50548 and CVE-2026-50549) in Cursor IDE that allow attackers to achieve remote code execution via zero-click prompt injection. The flaws enable sandbox escapes by overwriting system binaries through manipulated working directories and symlink resolution errors.

**If you use Cursor IDE, update ASAP to version 3.0 or later, because these flaws will be attacked very soon. Be cautious about letting the AI agent pull in content from untrusted external sources (like websites or files), since a malicious prompt hidden there is enough to trigger the attack with no other action from you.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-53657
(0 None)

EPSS: 0.00%

2 posts

N/A

CVE-2026-58418
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2026-44024
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2026-57149
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-07-01T00:05:37.000Z ##

A critical Plone RCE vulnerability (CVE-2026-57149, CVSS 9.9) allows TALES injection via the Classic portlet. Two more flaws enable DoS and SSRF.

#Plone #RCE #CyberSecurity #CMS #PatchNow

securityonline.info/plone-rce-

##

CVE-2022-23498
(0 None)

EPSS: 1.13%

1 posts

N/A

certvde@infosec.exchange at 2026-06-30T10:51:44.000Z ##

#OT #Advisory VDE-2026-049
Balluff GmbH: Multiple Vulnerabilities Affecting BNI EGW-720-007-K095 and BAV MA-NC-00025-01

Security advisory for Balluff BNI EGW-720-007-K095 and BAV MA-NC-00025-01 firmware versions prior to 2.4.1. This advisory covers multiple vulnerabilities affecting software components used by the device firmware.
#CVE CVE-2025-68121, CVE-2026-1229, CVE-2025-41115, CVE-2025-15467, CVE-2023-3128, CVE-2022-28660, CVE-2022-26148, CVE-2018-15727, CVE-2020-27846, CVE-2024-9264, CVE-2024-1442, CVE-2022-28391, CVE-2022-24812, CVE-2022-23498, CVE-2022-21703, CVE-2022-31097, CVE-2025-61732, CVE-2025-4674, CVE-2022-29170, CVE-2024-56406

certvde.com/en/advisories/vde-

#CSAF balluff.csaf-tp.certvde.com/.w

##

CVE-2026-5430
(0 None)

EPSS: 0.00%

1 posts

N/A

DailyCyberSecurity@infosec.exchange at 2026-06-30T02:45:29.000Z ##

WSO2 patched seven flaws across API Manager and gateways, led by a CVSS 10 JWT auth bypass (CVE-2026-5430). Update WSO2 API Manager now.

#WSO2 #APISecurity #CVE #AuthBypass #Cybersecurity #Infosec

securityonline.info/wso2-api-m

##

CVE-2026-13136
(0 None)

EPSS: 0.00%

1 posts

N/A

CVE-2026-8023
(0 None)

EPSS: 0.69%

1 posts

N/A

1 repos

https://github.com/ret2c/CVE-2026-8023

offseq@infosec.exchange at 2026-06-30T00:00:36.000Z ##

Zephyr HTTP server (4.0.0 – 4.4.x) is affected by CVE-2026-8023 (HIGH): improper path handling enables unauthenticated remote file access via path traversal (../). Patch status unclear — check advisories & restrict exposure. radar.offseq.com/threat/cve-20 #OffSeq #Zephyr #Infosec #PathTraversal

##

Visit counter For Websites