## Updated at UTC 2026-03-27T04:08:46.501403

Access data as JSON

CVE CVSS EPSS Posts Repos Nuclei Updated Description
CVE-2026-33728 0 0.00% 2 0 2026-03-27T01:16:20.203000 dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.4
CVE-2026-33701 0 0.00% 2 0 2026-03-27T01:16:19.313000 OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation a
CVE-2026-34352 8.4 0.00% 2 0 2026-03-27T00:31:32 In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observ
CVE-2026-4903 8.8 0.00% 2 0 2026-03-27T00:31:32 A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the f
CVE-2026-4902 8.8 0.00% 2 0 2026-03-27T00:31:32 A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function
CVE-2025-12805 8.1 0.00% 2 0 2026-03-27T00:31:32 A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vuln
CVE-2026-28377 7.5 0.00% 2 0 2026-03-27T00:31:32 A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintex
CVE-2026-33945 9.9 0.00% 2 0 2026-03-27T00:16:23.633000 Incus is a system container and virtual machine manager. Incus instances have an
CVE-2026-1961 8.0 0.00% 2 0 2026-03-27T00:16:21.937000 A flaw was found in Foreman. A remote attacker could exploit a command injection
CVE-2026-3650 7.5 0.00% 3 0 2026-03-26T22:16:31.370000 A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when
CVE-2026-33669 9.8 0.00% 2 0 2026-03-26T22:16:29.887000 SiYuan is a personal knowledge management system. Prior to version 3.6.2, docume
CVE-2025-55262 8.3 0.00% 2 0 2026-03-26T21:32:35 HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploi
CVE-2026-28877 5.5 0.02% 1 0 2026-03-26T21:32:29 An authorization issue was addressed with improved state management. This issue
CVE-2025-41368 8.1 0.02% 2 0 2026-03-26T21:31:26 Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36,
CVE-2025-41359 7.8 0.00% 2 0 2026-03-26T21:31:26 Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36,
CVE-2026-33509 7.5 0.06% 1 0 2026-03-26T20:47:02.337000 pyLoad is a free and open-source download manager written in Python. From versio
CVE-2026-32748 7.5 1.80% 2 0 2026-03-26T20:43:15.687000 Squid is a caching proxy for the Web. Prior to version 7.5, due to premature rel
CVE-2026-33942 9.8 0.57% 2 0 2026-03-26T20:42:31.563000 Saloon is a PHP library that gives users tools to build API integrations and SDK
CVE-2026-33413 8.8 0.00% 2 0 2026-03-26T20:39:29.473000 etcd is a distributed key-value store for the data of a distributed system. Prio
CVE-2026-33631 8.7 0.00% 2 0 2026-03-26T20:16:16.110000 ClearanceKit intercepts file-system access events on macOS and enforces per-proc
CVE-2026-33491 7.8 0.00% 2 0 2026-03-26T19:17:04.333000 Zen C is a systems programming language that compiles to human-readable GNU C/C1
CVE-2026-32522 8.6 0.02% 2 0 2026-03-26T19:17:01.930000 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') v
CVE-2026-33871 None 0.00% 1 0 2026-03-26T18:49:21 ### Summary A remote user can trigger a Denial of Service (DoS) against a Netty
CVE-2026-33870 7.5 0.00% 1 0 2026-03-26T18:48:56 ## Summary Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer
CVE-2026-2995 7.7 0.02% 2 0 2026-03-26T18:31:35 GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 bef
CVE-2026-33487 7.5 0.00% 2 0 2026-03-26T18:16:30.070000 goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6
CVE-2026-4867 7.5 0.00% 2 0 2026-03-26T17:16:42.983000 Impact: A bad regular expression is generated any time you have three or more p
CVE-2026-3108 8.0 0.00% 2 0 2026-03-26T17:16:41.797000 Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.
CVE-2026-29785 7.5 0.07% 2 0 2026-03-26T17:13:31.983000 NATS-Server is a High-Performance server for NATS.io, a cloud and edge native me
CVE-2025-15101 8.8 0.02% 2 0 2026-03-26T16:43:20.300000 A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web
CVE-2026-33696 10.0 0.46% 1 0 2026-03-26T16:41:02 ## Impact An authenticated user with permission to create or modify workflows co
CVE-2026-33932 7.6 0.03% 1 0 2026-03-26T16:27:53.530000 OpenEMR is a free and open source electronic health records and medical practice
CVE-2026-29187 8.1 0.02% 2 1 2026-03-26T16:19:59.843000 OpenEMR is a free and open source electronic health records and medical practice
CVE-2026-34055 8.1 0.03% 1 0 2026-03-26T16:16:58.693000 OpenEMR is a free and open source electronic health records and medical practice
CVE-2026-22790 8.8 0.00% 2 0 2026-03-26T16:16:04.967000 EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugM
CVE-2026-24068 8.8 0.02% 2 0 2026-03-26T15:31:40 The VSL privileged helper does utilize NSXPC for IPC. The implementation of the
CVE-2026-4247 7.5 0.01% 2 0 2026-03-26T15:31:39 When a challenge ACK is to be sent tcp_respond() constructs and sends the challe
CVE-2026-4652 7.5 0.02% 2 0 2026-03-26T15:31:38 On a system exposing an NVMe/TCP target, a remote client can trigger a kernel pa
CVE-2025-55261 8.1 0.00% 2 0 2026-03-26T15:30:48 HCL Aftermarket DPC is affected by Missing Functional Level Access Control which
CVE-2026-27664 7.5 0.00% 2 0 2026-03-26T15:16:34.340000 A vulnerability has been identified in CPCI85 Central Processing/Communication (
CVE-2026-26008 7.5 0.00% 2 0 2026-03-26T15:16:32.510000 EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an ou
CVE-2026-4747 8.8 0.05% 2 0 2026-03-26T15:13:15.790000 Each RPCSEC_GSS data packet is validated by a routine which checks a signature i
CVE-2026-32680 7.8 0.01% 2 0 2026-03-26T15:13:15.790000 The installer of RATOC RAID Monitoring Manager for Windows allows to customize t
CVE-2026-33660 0 0.11% 1 0 2026-03-26T15:13:15.790000 n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.
CVE-2026-33526 0 1.98% 1 0 2026-03-26T15:13:15.790000 Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-Afte
CVE-2026-20125 7.7 0.14% 1 0 2026-03-26T15:13:15.790000 A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS X
CVE-2026-3857 8.1 0.01% 3 0 2026-03-26T15:13:15.790000 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10
CVE-2026-32530 8.8 0.02% 2 0 2026-03-26T14:16:11.603000 Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms
CVE-2026-32523 9.9 0.02% 2 0 2026-03-26T14:16:11.417000 Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM
CVE-2026-2511 7.5 0.00% 2 0 2026-03-26T14:16:10.017000 The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is
CVE-2026-33017 9.8 6.14% 8 4 2026-03-26T13:26:16.393000 Langflow is a tool for building and deploying AI-powered agents and workflows. I
CVE-2026-4700 9.8 0.02% 1 0 2026-03-26T13:16:30.367000 Mitigation bypass in the Networking: HTTP component. This vulnerability affects
CVE-2026-33344 8.1 0.02% 1 0 2026-03-26T13:03:13.500000 Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0
CVE-2026-4862 8.8 0.04% 2 0 2026-03-26T12:30:35 A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-21090
CVE-2026-4809 9.8 0.39% 4 0 2026-03-26T12:30:35 plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous fil
CVE-2026-4861 8.8 0.04% 2 0 2026-03-26T09:30:34 A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability
CVE-2026-28760 7.8 0.01% 2 0 2026-03-26T09:30:33 The installer of RATOC RAID Monitoring Manager for Windows searches the current
CVE-2026-4840 8.8 0.15% 2 0 2026-03-26T06:30:27 A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affe
CVE-2026-2931 8.8 0.04% 1 0 2026-03-26T06:30:27 The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object
CVE-2026-4484 9.8 0.04% 1 0 2026-03-26T03:30:34 The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in
CVE-2026-4758 8.8 0.25% 1 0 2026-03-26T00:31:03 The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion
CVE-2025-33248 7.8 0.05% 1 0 2026-03-25T21:58:36.280000 NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script wher
CVE-2026-24151 7.8 0.05% 1 0 2026-03-25T21:57:49.383000 NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may
CVE-2026-33286 9.1 0.04% 1 0 2026-03-25T21:33:33 ### Summary An arbitrary method execution vulnerability has been found which af
CVE-2026-32536 10.0 0.04% 1 0 2026-03-25T21:31:40 Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green
CVE-2026-32538 7.5 0.03% 1 0 2026-03-25T21:31:39 Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMT
CVE-2026-32537 7.5 0.11% 1 0 2026-03-25T21:31:39 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-32546 7.5 0.03% 2 0 2026-03-25T21:31:39 Missing Authorization vulnerability in StellarWP Restrict Content restrict-conte
CVE-2026-20687 7.1 0.01% 1 1 2026-03-25T21:31:33 A use after free issue was addressed with improved memory management. This issue
CVE-2026-32573 9.1 0.04% 2 0 2026-03-25T21:30:36 Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio
CVE-2026-32539 9.3 0.03% 1 0 2026-03-25T21:30:36 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-32513 8.8 0.05% 1 0 2026-03-25T21:30:35 Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List
CVE-2026-25366 10.0 0.05% 1 0 2026-03-25T21:30:35 Improper Control of Generation of Code ('Code Injection') vulnerability in Theme
CVE-2026-32525 10.0 0.05% 1 0 2026-03-25T21:30:35 Improper Control of Generation of Code ('Code Injection') vulnerability in jetmo
CVE-2026-4719 7.5 0.01% 1 0 2026-03-25T21:30:28 Incorrect boundary conditions in the Graphics: Text component. This vulnerabilit
CVE-2026-4705 9.8 0.02% 1 0 2026-03-25T21:30:27 Undefined behavior in the WebRTC: Signaling component. This vulnerability affect
CVE-2026-32534 8.5 0.03% 1 0 2026-03-25T21:16:44.673000 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-32531 8.1 0.11% 1 0 2026-03-25T21:16:44.300000 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-33671 7.5 0.00% 2 0 2026-03-25T21:12:09 ### Impact `picomatch` is vulnerable to Regular Expression Denial of Service (Re
CVE-2026-33497 None 0.01% 1 0 2026-03-25T20:54:06 ### Summary In the download_profile_picture function of the /profile_pictures/{f
CVE-2026-33484 7.5 0.02% 1 0 2026-03-25T20:53:48 ### Summary The `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves ima
CVE-2026-33418 7.5 0.04% 1 0 2026-03-25T20:53:42 ## Summary The `ensureSize()` function in `@dicebear/converter` used a regex-ba
CVE-2026-33316 8.1 0.03% 1 0 2026-03-25T20:53:33 ### Summary A flaw in Vikunja’s password reset logic allows disabled users to r
CVE-2026-33310 8.8 0.05% 1 0 2026-03-25T20:52:31 ### Summary The shell() syntax within parameter default values appears to be aut
CVE-2026-4723 9.8 0.01% 1 0 2026-03-25T20:16:37.603000 Use-after-free in the JavaScript Engine component. This vulnerability affects Fi
CVE-2026-4716 9.1 0.02% 1 0 2026-03-25T20:16:37.020000 Incorrect boundary conditions, uninitialized memory in the JavaScript Engine com
CVE-2026-27044 9.9 0.05% 2 0 2026-03-25T20:16:26.917000 Improper Control of Generation of Code ('Code Injection') vulnerability in Total
CVE-2026-25447 9.1 0.04% 2 0 2026-03-25T20:16:26.740000 Improper Control of Generation of Code ('Code Injection') vulnerability in Jonat
CVE-2026-25001 8.5 0.05% 1 0 2026-03-25T20:16:26.370000 Improper Control of Generation of Code ('Code Injection') vulnerability in Saad
CVE-2026-33686 8.8 0.00% 2 0 2026-03-25T20:01:05 ### Summary A path traversal vulnerability exists in the FileUtil class of the c
CVE-2026-33687 8.8 0.00% 2 0 2026-03-25T20:00:24 ### Summary The `code16/sharp` Laravel admin panel package contains a vulnerabi
CVE-2026-33673 7.7 0.00% 4 0 2026-03-25T19:41:50 ### Impact Multiple stored Cross-Site Scripting (stored XSS) vulnerabilities in
CVE-2026-33670 9.8 0.00% 4 0 2026-03-25T19:38:01 ### Details The /api/file/readDir interface was used to traverse and retrieve t
CVE-2026-33661 8.6 0.00% 2 0 2026-03-25T19:30:09 ## Summary The `verify_wechat_sign()` function in `src/Functions.php` unconditi
CVE-2026-4712 7.5 0.01% 1 0 2026-03-25T19:16:52.517000 Information disclosure in the Widget: Cocoa component. This vulnerability affect
CVE-2026-4704 7.5 0.01% 1 0 2026-03-25T19:16:52.327000 Denial-of-service in the WebRTC: Signaling component. This vulnerability affects
CVE-2026-3988 7.5 0.04% 3 0 2026-03-25T18:32:08 GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5
CVE-2026-20012 8.6 0.10% 1 0 2026-03-25T18:31:51 A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco
CVE-2026-20084 8.6 0.11% 1 0 2026-03-25T18:31:51 A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allo
CVE-2026-26832 9.8 0.19% 1 1 2026-03-25T18:31:51 node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tessera
CVE-2026-20086 8.6 0.10% 1 0 2026-03-25T18:31:47 A vulnerability in the processing of Control and Provisioning of Wireless Access
CVE-2025-32991 9.1 0.21% 1 0 2026-03-25T18:31:46 In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful AP
CVE-2026-3608 7.5 0.02% 1 0 2026-03-25T18:16:32.853000 Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-
CVE-2026-33287 7.5 0.04% 1 0 2026-03-25T17:44:24 ### Summary The `replace_first` filter in LiquidJS uses JavaScript's `String.pro
CVE-2026-33285 7.5 0.04% 1 0 2026-03-25T17:40:53 ### Summary LiquidJS's `memoryLimit` security mechanism can be completely bypas
CVE-2026-27889 7.5 0.07% 1 0 2026-03-25T17:07:53 ### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2026-2417 0 0.10% 1 0 2026-03-25T15:41:58.280000 A Missing Authentication for Critical Function vulnerability in Pharos Controls
CVE-2026-24158 7.5 0.04% 1 0 2026-03-25T15:41:58.280000 NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint whe
CVE-2026-33678 8.1 0.03% 1 0 2026-03-25T15:41:58.280000 Vikunja is an open-source self-hosted task management platform. Prior to version
CVE-2026-3104 7.5 0.03% 1 0 2026-03-25T15:41:33.977000 A specially crafted domain can be used to cause a memory leak in a BIND resolver
CVE-2026-26830 9.8 0.25% 1 2 2026-03-25T15:41:33.977000 pdf-image (npm package) through version 2.0.0 allows OS command injection via th
CVE-2026-2072 8.2 0.04% 1 0 2026-03-25T15:41:33.977000 Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (
CVE-2026-28864 3.3 0.01% 1 0 2026-03-25T15:32:30 This issue was addressed with improved permissions checking. This issue is fixed
CVE-2026-1519 7.5 0.04% 1 0 2026-03-25T15:31:36 If a BIND resolver is performing DNSSEC validation and encounters a maliciously
CVE-2026-2343 5.3 0.03% 1 0 2026-03-25T15:31:30 The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download
CVE-2026-26306 7.8 0.02% 1 0 2026-03-25T06:30:35 The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely
CVE-2026-33218 7.5 0.12% 2 0 2026-03-24T21:45:30 ### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2026-33216 8.6 0.03% 2 0 2026-03-24T21:42:11 ### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2026-4725 10.0 0.01% 1 0 2026-03-24T21:32:29 Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This v
CVE-2026-33554 7.5 0.04% 1 0 2026-03-24T21:32:29 ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response
CVE-2026-4698 9.8 0.02% 1 0 2026-03-24T21:32:28 JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability a
CVE-2026-4701 9.8 0.02% 1 0 2026-03-24T21:32:28 Use-after-free in the JavaScript Engine component. This vulnerability affects Fi
CVE-2026-4717 9.8 0.02% 1 0 2026-03-24T21:32:28 Privilege escalation in the Netmonitor component. This vulnerability affects Fir
CVE-2026-4715 9.1 0.02% 1 0 2026-03-24T21:32:28 Uninitialized memory in the Graphics: Canvas2D component. This vulnerability aff
CVE-2026-4714 7.5 0.01% 1 0 2026-03-24T21:32:28 Incorrect boundary conditions in the Audio/Video component. This vulnerability a
CVE-2026-4713 7.5 0.01% 1 0 2026-03-24T21:32:28 Incorrect boundary conditions in the Graphics component. This vulnerability affe
CVE-2026-4711 9.8 0.02% 1 0 2026-03-24T21:32:28 Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefo
CVE-2026-4722 8.8 0.02% 1 0 2026-03-24T21:32:28 Privilege escalation in the IPC component. This vulnerability affects Firefox <
CVE-2025-33254 7.5 0.03% 1 0 2026-03-24T21:31:36 NVIDIA Triton Inference Server contains a vulnerability where an attacker may ca
CVE-2026-24157 7.8 0.12% 1 0 2026-03-24T21:31:36 NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an at
CVE-2025-33247 7.8 0.24% 1 0 2026-03-24T21:31:35 NVIDIA Megatron LM contains a vulnerability in quantization configuration loadin
CVE-2025-33244 9.1 0.03% 1 0 2026-03-24T21:31:35 NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker co
CVE-2025-33238 7.5 0.03% 1 0 2026-03-24T21:31:35 NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability wh
CVE-2026-24152 7.8 0.05% 1 0 2026-03-24T21:31:35 NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac
CVE-2026-24150 7.8 0.05% 1 0 2026-03-24T21:31:35 NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac
CVE-2026-24141 7.8 0.06% 1 0 2026-03-24T21:31:35 NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONN
CVE-2026-24159 7.8 0.12% 1 0 2026-03-24T21:31:35 NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remot
CVE-2026-22559 8.8 0.07% 1 0 2026-03-24T21:31:35 An Improper Input Validation vulnerability in UniFi Network Server may allow una
CVE-2026-4702 9.8 0.02% 1 0 2026-03-24T21:31:22 JIT miscompilation in the JavaScript Engine component. This vulnerability affect
CVE-2026-33634 None 0.07% 4 1 2026-03-24T17:53:15 ## Summary On March 19, 2026, a threat actor used compromised credentials to pu
CVE-2026-33056 6.5 0.01% 1 0 2026-03-24T16:17:11.623000 tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and
CVE-2026-4283 9.1 0.10% 1 0 2026-03-24T15:53:48.067000 The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized acc
CVE-2026-27784 7.8 0.01% 1 0 2026-03-24T15:53:48.067000 The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_ht
CVE-2026-27651 7.5 0.03% 1 0 2026-03-24T15:30:36 When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open
CVE-2026-32647 7.8 0.01% 1 0 2026-03-24T15:30:36 NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module
CVE-2026-4681 None 0.38% 1 0 2026-03-24T00:30:28 A critical remote code execution (RCE) vulnerability has been reported in PTC Wi
CVE-2026-3055 None 0.02% 4 0 2026-03-23T21:30:58 Insufficient input validation in NetScaler ADC and NetScaler Gateway when config
CVE-2026-25075 7.5 0.12% 2 1 2026-03-23T21:30:57 strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerabil
CVE-2025-15605 None 0.01% 1 0 2026-03-23T18:30:39 A hardcoded cryptographic key within the configuration mechanism on TP-Link Arch
CVE-2025-15517 None 0.04% 1 0 2026-03-23T18:30:39 A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210
CVE-2026-32746 9.8 0.03% 3 5 2026-03-23T15:31:40 telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMO
CVE-2026-33494 10.0 0.00% 4 0 2026-03-20T20:51:26 ## Description Ory Oathkeeper is vulnerable to an authorization bypass via HTTP
CVE-2026-33496 8.1 0.00% 2 0 2026-03-20T20:51:08 ## Description Ory Oathkeeper is vulnerable to authentication bypass due to cac
CVE-2026-33468 8.1 0.00% 2 0 2026-03-20T20:48:56 ## Summary Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes
CVE-2026-33442 8.1 0.00% 2 0 2026-03-20T20:48:35 ## Summary The `sanitizeStringLiteral` method in Kysely's query compiler escape
CVE-2025-31277 8.8 0.27% 1 0 2026-03-20T18:32:18 The issue was addressed with improved memory handling. This issue is fixed in wa
CVE-2026-33331 8.2 0.01% 1 0 2026-03-20T17:25:56 A Stored Cross-Site Scripting (XSS) vulnerability exists in the OpenAPI document
CVE-2026-20131 10.0 0.65% 3 3 2026-03-19T18:32:21 A vulnerability in the web-based management interface of Cisco Secure Firewall M
CVE-2026-32628 8.8 0.03% 2 0 2026-03-16T20:33:27.493000 AnythingLLM is an application that turns pieces of content into context that any
CVE-2026-32116 8.1 0.08% 1 0 2026-03-16T18:02:21.613000 Magic Wormhole makes it possible to get arbitrary-sized files and directories fr
CVE-2026-26123 5.5 0.05% 1 0 2026-03-10T21:32:18 Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized a
CVE-2026-20079 10.0 0.06% 2 1 2026-03-04T18:32:03 A vulnerability in the web interface of Cisco Secure Firewall Management Center
CVE-2026-27598 None 0.11% 1 0 2026-02-27T20:40:25 The `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG
CVE-2025-43529 8.8 0.17% 1 8 2025-12-18T14:59:05.617000 A use-after-free issue was addressed with improved memory management. This issue
CVE-2025-55182 10.0 65.08% 2 100 template 2025-12-10T02:00:02.557000 A pre-authentication remote code execution vulnerability exists in React Server
CVE-2023-46604 10.0 94.44% 2 34 template 2025-11-04T00:30:41 Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may all
CVE-2023-32434 7.8 61.25% 2 2 2025-10-23T18:48:05.013000 An integer overflow was addressed with improved input validation. This issue is
CVE-2023-38606 5.5 0.12% 1 0 2025-10-22T00:33:51 This issue was addressed with improved state management. This issue is fixed in
CVE-2024-6387 8.1 57.63% 1 95 2025-09-30T13:52:23.540000 A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd).
CVE-2025-41241 4.4 0.05% 1 0 2025-07-29T15:32:54 VMware vCenter contains a denial-of-service vulnerability. A malicious actor who
CVE-2023-38646 9.8 94.25% 2 41 template 2024-02-15T18:30:40 Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 all
CVE-2026-33897 0 0.00% 2 0 N/A
CVE-2026-33396 0 0.00% 2 0 N/A
CVE-2026-23995 0 0.00% 4 0 N/A
CVE-2026-22593 0 0.00% 2 0 N/A
CVE-2026-33009 0 0.00% 2 0 N/A
CVE-2026-33416 0 0.00% 4 0 N/A
CVE-2026-33636 0 0.00% 4 0 N/A
CVE-2026-33149 0 0.00% 2 0 N/A
CVE-2026-33152 0 0.00% 4 0 N/A
CVE-2026-33506 0 0.00% 2 0 N/A
CVE-2026-4926 0 0.00% 2 0 N/A
CVE-2026-33530 0 0.00% 2 0 N/A
CVE-2026-15519 0 0.00% 2 0 N/A
CVE-2026-15518 0 0.00% 2 0 N/A
CVE-2026-33918 0 0.03% 2 0 N/A
CVE-2026-33917 0 0.03% 2 1 N/A
CVE-2026-34056 0 0.03% 1 0 N/A
CVE-2026-23514 0 0.04% 1 0 N/A
CVE-2026-33348 0 0.03% 1 0 N/A
CVE-2026-33913 0 0.03% 1 0 N/A
CVE-2026-24750 0 0.04% 1 0 N/A
CVE-2026-30976 0 0.06% 1 0 N/A
CVE-2026-30975 0 0.06% 1 0 N/A
CVE-2026-33656 0 0.00% 1 1 N/A
CVE-2026-28373 0 0.00% 1 0 N/A
CVE-2026-33329 0 0.07% 1 0 N/A

CVE-2026-33728
(0 None)

EPSS: 0.00%

updated 2026-03-27T01:16:20.203000

2 posts

dd-trace-java is a Datadog APM client for Java. In versions of dd-trace-java 0.40.0 through prior to 1.60.2, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this to potentially achieve remote code execu

offseq at 2026-03-27T01:30:30.215Z ##

⚠️ CRITICAL: CVE-2026-33728 in DataDog dd-trace-java (0.40.0 - <1.60.3) allows unauth RCE via unsafe deserialization if JMX/RMI port is exposed on JDK ≤16. Upgrade to 1.60.3+ & restrict access! radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-03-27T01:30:30.000Z ##

⚠️ CRITICAL: CVE-2026-33728 in DataDog dd-trace-java (0.40.0 - <1.60.3) allows unauth RCE via unsafe deserialization if JMX/RMI port is exposed on JDK ≤16. Upgrade to 1.60.3+ & restrict access! radar.offseq.com/threat/cve-20 #OffSeq #Java #Infosec #CVE202633728

##

CVE-2026-33701
(0 None)

EPSS: 0.00%

updated 2026-03-27T01:16:19.313000

2 posts

OpenTelemetry Java Instrumentation provides OpenTelemetry auto-instrumentation and instrumentation libraries for Java. In versions prior to 2.26.1, the RMI instrumentation registered a custom endpoint that deserialized incoming data without applying serialization filters. On JDK version 16 and earlier, an attacker with network access to a JMX or RMI port on an instrumented JVM could exploit this t

offseq at 2026-03-27T03:00:29.933Z ##

🚨 CRITICAL: CVE-2026-33701 affects opentelemetry-java-instrumentation <2.26.1. Unauthenticated RCE possible on Java ≤16 via unsafe RMI deserialization. Upgrade to 2.26.1+ or disable RMI now! Details: radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-03-27T03:00:29.000Z ##

🚨 CRITICAL: CVE-2026-33701 affects opentelemetry-java-instrumentation <2.26.1. Unauthenticated RCE possible on Java ≤16 via unsafe RMI deserialization. Upgrade to 2.26.1+ or disable RMI now! Details: radar.offseq.com/threat/cve-20 #OffSeq #Java #RCE #Vuln

##

CVE-2026-34352
(8.4 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:31:32

2 posts

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

thehackerwire@mastodon.social at 2026-03-26T23:18:07.000Z ##

🟠 CVE-2026-34352 - High (8.5)

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:18:07.000Z ##

🟠 CVE-2026-34352 - High (8.5)

In TigerVNC before 1.16.2, Image.cxx in x0vncserver allows other users to observe or manipulate the screen contents, or cause an application crash, because of incorrect permissions.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4903
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:31:32

2 posts

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been published and may be used.

thehackerwire@mastodon.social at 2026-03-26T23:17:11.000Z ##

🟠 CVE-2026-4903 - High (8.8)

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:17:11.000Z ##

🟠 CVE-2026-4903 - High (8.8)

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4902
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:31:32

2 posts

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public and may be used.

thehackerwire@mastodon.social at 2026-03-26T23:17:01.000Z ##

🟠 CVE-2026-4902 - High (8.8)

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:17:01.000Z ##

🟠 CVE-2026-4902 - High (8.8)

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-12805
(8.1 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:31:32

2 posts

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the llama-stack service endpoint. As a result, a user in one namespace can access another user’s Llama Stack instance and potentially view or manipulate sen

thehackerwire@mastodon.social at 2026-03-26T22:21:06.000Z ##

🟠 CVE-2025-12805 - High (8.1)

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:06.000Z ##

🟠 CVE-2025-12805 - High (8.1)

A flaw was found in Red Hat OpenShift AI (RHOAI) llama-stack-operator. This vulnerability allows unauthorized access to Llama Stack services deployed in other namespaces via direct network requests, because no NetworkPolicy restricts access to the...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28377
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:31:32

2 posts

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to william_goodfellow for reporting this vulnerability.

thehackerwire@mastodon.social at 2026-03-26T22:20:02.000Z ##

🟠 CVE-2026-28377 - High (7.5)

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3.

Thanks to william_goodfellow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:20:02.000Z ##

🟠 CVE-2026-28377 - High (7.5)

A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3.

Thanks to william_goodfellow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33945
(9.9 CRITICAL)

EPSS: 0.00%

updated 2026-03-27T00:16:23.633000

2 posts

Incus is a system container and virtual machine manager. Incus instances have an option to provide credentials to systemd in the guest. For containers, this is handled through a shared directory. Prior to version 6.23.0, an attacker can set a configuration key named something like `systemd.credential.../../../../../../root/.bashrc` to cause Incus to write outside of the `credentials` directory ass

offseq at 2026-03-27T00:00:42.077Z ##

🚨 CVE-2026-33945 (CRITICAL, CVSS 10): lxc incus <6.23.0 is vulnerable to path traversal, enabling attackers to write as root & escalate privileges. Upgrade to 6.23.0+ ASAP, restrict config access! radar.offseq.com/threat/cve-20

##
offseq@infosec.exchange at 2026-03-27T00:00:42.000Z ##

🚨 CVE-2026-33945 (CRITICAL, CVSS 10): lxc incus <6.23.0 is vulnerable to path traversal, enabling attackers to write as root & escalate privileges. Upgrade to 6.23.0+ ASAP, restrict config access! radar.offseq.com/threat/cve-20 #OffSeq #CVE202633945 #ContainerSecurity

##

CVE-2026-1961
(8.0 HIGH)

EPSS: 0.00%

updated 2026-03-27T00:16:21.937000

2 posts

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman se

thehackerwire@mastodon.social at 2026-03-26T23:16:01.000Z ##

🟠 CVE-2026-1961 - High (8)

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource provid...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:16:01.000Z ##

🟠 CVE-2026-1961 - High (8)

A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource provid...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3650
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T22:16:31.370000

3 posts

A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggering a denial-of-service condition. A maliciously crafted file can fill the heap in a single read operation without properly releasing it.

thehackerwire@mastodon.social at 2026-03-26T22:18:27.000Z ##

🟠 CVE-2026-3650 - High (7.5)

A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggeri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:18:27.000Z ##

🟠 CVE-2026-3650 - High (7.5)

A memory leak exists in the Grassroots DICOM library (GDCM). The bug occurs when parsing malformed DICOM files with non-standard VR types in file meta information. The vulnerability leads to vast memory allocations and resource depletion, triggeri...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
technadu@infosec.exchange at 2026-03-26T11:32:07.000Z ##

CVE-2026-3650 in Grassroots DICOM (GDCM):

• Memory leak via malformed DICOM parsing
• CVSS 7.5 → DoS risk
• No patch, no maintainer response
• Impacts healthcare imaging pipelines
Mitigate via isolation + strict input controls.

Source: hipaajournal.com/grassroots-di

Follow @technadu for more.

#InfoSec #HealthcareSecurity #Vulnerability

##

CVE-2026-33669
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-26T22:16:29.887000

2 posts

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6.2 patches the issue.

thehackerwire@mastodon.social at 2026-03-26T22:19:53.000Z ##

🔴 CVE-2026-33669 - Critical (9.8)

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:19:53.000Z ##

🔴 CVE-2026-33669 - Critical (9.8)

SiYuan is a personal knowledge management system. Prior to version 3.6.2, document IDs were retrieved via the /api/file/readDir interface, and then the /api/block/getChildBlocks interface was used to view the content of all documents. Version 3.6....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55262
(8.3 HIGH)

EPSS: 0.00%

updated 2026-03-26T21:32:35

2 posts

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.

thehackerwire@mastodon.social at 2026-03-26T23:01:08.000Z ##

🟠 CVE-2025-55262 - High (8.3)

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:01:08.000Z ##

🟠 CVE-2025-55262 - High (8.3)

HCL Aftermarket DPC is affected by SQL Injection which allows attacker to exploit this vulnerability to retrieve sensitive information from the database.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28877
(5.5 MEDIUM)

EPSS: 0.02%

updated 2026-03-26T21:32:29

1 posts

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.

rosyna@mastodon.social at 2026-03-25T02:11:10.000Z ##

I updated the “Device Name” section of my “How to Fingerprint iOS Users” article to note that iOS 26.4 fixes CVE-2026-28877, which leaked the device name without needing a proper entitlement.

paradisefacade.com/blog/2026/3

##

CVE-2025-41368
(8.1 HIGH)

EPSS: 0.02%

updated 2026-03-26T21:31:26

2 posts

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a malicious executable with the same name in a higher priority directory, causing the service to execute the malicious file instead of the legitimate one. Exploiti

thehackerwire@mastodon.social at 2026-03-26T23:20:43.000Z ##

🟠 CVE-2025-41368 - High (8.1)

Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in '/' allows remote users to bypass the intended restrictions of SecurityManager and display any file if they have the appropriate permissions outsid...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:20:43.000Z ##

🟠 CVE-2025-41368 - High (8.1)

Problem in the Small HTTP Server v3.06.36 service. An authenticated path traversal vulnerability in '/' allows remote users to bypass the intended restrictions of SecurityManager and display any file if they have the appropriate permissions outsid...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-41359
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-26T21:31:26

2 posts

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a malicious executable with the same name in a higher priority directory, causing the service to execute the malicious file instead of the legitimate one. Exploiti

thehackerwire@mastodon.social at 2026-03-26T23:16:10.000Z ##

🟠 CVE-2025-41359 - High (7.8)

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a maliciou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:16:10.000Z ##

🟠 CVE-2025-41359 - High (7.8)

Vulnerability related to an unquoted service path in Small HTTP Server 3.06.36, specifically affecting the executable located at 'C:\Program Files (x86)\shttps_mg\http.exe service'. This misconfiguration allows a local attacker to place a maliciou...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33509
(7.5 HIGH)

EPSS: 0.06%

updated 2026-03-26T20:47:02.337000

1 posts

pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before version 0.5.0b3.dev97, the set_config_value() API endpoint allows users with the non-admin SETTINGS permission to modify any configuration option without restriction. The reconnect.script config option controls a file path that is passed directly to subprocess.run() in the thread manager's reconnect l

thehackerwire@mastodon.social at 2026-03-24T20:26:20.000Z ##

🟠 CVE-2026-33509 - High (7.5)

pyLoad is a free and open-source download manager written in Python. From version 0.4.0 to before version 0.5.0b3.dev97, the set_config_value() API endpoint allows users with the non-admin SETTINGS permission to modify any configuration option wit...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32748
(7.5 HIGH)

EPSS: 1.80%

updated 2026-03-26T20:43:15.687000

2 posts

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid de

thehackerwire@mastodon.social at 2026-03-27T00:00:14.000Z ##

🟠 CVE-2026-32748 - High (7.5)

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remot...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-27T00:00:14.000Z ##

🟠 CVE-2026-32748 - High (7.5)

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remot...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33942
(9.8 CRITICAL)

EPSS: 0.57%

updated 2026-03-26T20:42:31.563000

2 posts

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize() in AccessTokenAuthenticator::unserialize() to restore OAuth token state from cache or storage, with allowed_classes => true. An attacker who can control the serialized string (e.g. by overwriting a cached token file or via another injection) can supply a serialized "g

thehackerwire@mastodon.social at 2026-03-27T00:00:04.000Z ##

🔴 CVE-2026-33942 - Critical (9.8)

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize() in AccessTokenAuthenticator::unserialize() to restore OAuth token state from cache or storage, with allowed_classes...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-27T00:00:04.000Z ##

🔴 CVE-2026-33942 - Critical (9.8)

Saloon is a PHP library that gives users tools to build API integrations and SDKs. Versions prior to 4.0.0 used PHP's unserialize() in AccessTokenAuthenticator::unserialize() to restore OAuth token state from cache or storage, with allowed_classes...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33413
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-26T20:39:29.473000

2 posts

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose the gRPC API to untrusted or partially trusted clients. In unpatched etcd clusters with etcd auth enabled, unauthorized users are able to call MemberList

thehackerwire@mastodon.social at 2026-03-26T22:22:36.000Z ##

🟠 CVE-2026-33413 - High (8.8)

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:22:36.000Z ##

🟠 CVE-2026-33413 - High (8.8)

etcd is a distributed key-value store for the data of a distributed system. Prior to versions 3.4.42, 3.5.28, and 3.6.9, unauthorized users may bypass authentication or authorization checks and call certain etcd functions in clusters that expose t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33631
(8.7 HIGH)

EPSS: 0.00%

updated 2026-03-26T20:16:16.110000

2 posts

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ES_EVENT_TYPE_AUTH_OPEN events. Seven additional file operation event types were not intercepted, allowing any locally running process to bypass the con

thehackerwire@mastodon.social at 2026-03-26T20:35:18.000Z ##

🟠 CVE-2026-33631 - High (8.7)

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T20:35:18.000Z ##

🟠 CVE-2026-33631 - High (8.7)

ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. In versions on the 4.1 branch and earlier, the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33491
(7.8 HIGH)

EPSS: 0.00%

updated 2026-03-26T19:17:04.333000

2 posts

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrary code by providing a specially crafted Zen C source file (`.zc`) with excessively long struct, function, or trait identifiers. Users are advised to upda

thehackerwire@mastodon.social at 2026-03-26T21:00:43.000Z ##

🟠 CVE-2026-33491 - High (7.8)

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrar...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T21:00:43.000Z ##

🟠 CVE-2026-33491 - High (7.8)

Zen C is a systems programming language that compiles to human-readable GNU C/C11. Prior to version 0.4.4, a stack-based buffer overflow vulnerability in the Zen C compiler allows attackers to cause a compiler crash or potentially execute arbitrar...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32522
(8.6 HIGH)

EPSS: 0.02%

updated 2026-03-26T19:17:01.930000

2 posts

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System: from n/a through < 18.5.

thehackerwire@mastodon.social at 2026-03-27T00:01:09.000Z ##

🟠 CVE-2026-32522 - High (8.6)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-27T00:01:09.000Z ##

🟠 CVE-2026-32522 - High (8.6)

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in vanquish WooCommerce Support Ticket System woocommerce-support-ticket-system allows Path Traversal.This issue affects WooCommerce Support Ticket System...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33871(CVSS UNKNOWN)

EPSS: 0.00%

updated 2026-03-26T18:49:21

1 posts

### Summary A remote user can trigger a Denial of Service (DoS) against a Netty HTTP/2 server by sending a flood of `CONTINUATION` frames. The server's lack of a limit on the number of `CONTINUATION` frames, combined with a bypass of existing size-based mitigations using zero-byte frames, allows an user to cause excessive CPU consumption with minimal bandwidth, rendering the server unresponsive.

chrisvest@mastodon.social at 2026-03-25T00:33:41.000Z ##

We're released Netty 4.2.11 and 4.1.132. These contain many bug fixes, and fixes for two CVEs both rated *high*:

- CVE-2026-33871: HTTP/2 CONTINUATION frame flood Denial of Service.
- CVE-2026-33870: HTTP/1.1 Request Smuggling vulnerability in chunked encoding parsing.

Release notes for 4.2.11: netty.io/news/2026/03/24/4-2-1
Release notes for 4.1.132: netty.io/news/2026/03/24/4-1-1

Also of note: We had 17 people contribute to Netty 4.2.11, of which 5 are new first time contributors 😲

#netty #java

##

CVE-2026-33870
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T18:48:56

1 posts

## Summary Netty incorrectly parses quoted strings in HTTP/1.1 chunked transfer encoding extension values, enabling request smuggling attacks. ## Background This vulnerability is a new variant discovered during research into the "Funky Chunks" HTTP request smuggling techniques: - <https://w4ke.info/2025/06/18/funky-chunks.html> - <https://w4ke.info/2025/10/29/funky-chunks-2.html> The original

chrisvest@mastodon.social at 2026-03-25T00:33:41.000Z ##

We're released Netty 4.2.11 and 4.1.132. These contain many bug fixes, and fixes for two CVEs both rated *high*:

- CVE-2026-33871: HTTP/2 CONTINUATION frame flood Denial of Service.
- CVE-2026-33870: HTTP/1.1 Request Smuggling vulnerability in chunked encoding parsing.

Release notes for 4.2.11: netty.io/news/2026/03/24/4-2-1
Release notes for 4.1.132: netty.io/news/2026/03/24/4-1-1

Also of note: We had 17 people contribute to Netty 4.2.11, of which 5 are new first time contributors 😲

#netty #java

##

CVE-2026-2995
(7.7 HIGH)

EPSS: 0.02%

updated 2026-03-26T18:31:35

2 posts

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper sanitization of HTML content.

thehackerwire@mastodon.social at 2026-03-25T21:02:24.000Z ##

🟠 CVE-2026-2995 - High (7.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:59:57.000Z ##

🟠 CVE-2026-2995 - High (7.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33487
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T18:16:30.070000

2 posts

goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go versions before 1.22, or when `go.mod` uses an older version, there is a loop variable capture issue. The code takes the address of the loop variable `_ref`

thehackerwire@mastodon.social at 2026-03-26T21:20:27.000Z ##

🟠 CVE-2026-33487 - High (7.5)

goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go ver...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T21:20:27.000Z ##

🟠 CVE-2026-33487 - High (7.5)

goxmlsig provides XML Digital Signatures implemented in Go. Prior to version 1.6.0, the `validateSignature` function in `validate.go` goes through the references in the `SignedInfo` block to find one that matches the signed element's ID. In Go ver...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4867
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T17:16:42.983000

2 posts

Impact: A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period (.). For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in path-to-regexp@0.1.12 only prevents ambiguity for two parameters. With three or more, the generated lookahead does not block single separator characters, so captu

thehackerwire@mastodon.social at 2026-03-26T22:00:26.000Z ##

🟠 CVE-2026-4867 - High (7.5)

Impact:

A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period (.). For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in path-to-r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:00:26.000Z ##

🟠 CVE-2026-4867 - High (7.5)

Impact:

A bad regular expression is generated any time you have three or more parameters within a single segment, separated by something that is not a period (.). For example, /:a-:b-:c or /:a-:b-:c-:d. The backtrack protection added in path-to-r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3108
(8.0 HIGH)

EPSS: 0.00%

updated 2026-03-26T17:16:41.797000

2 posts

Mattermost versions 11.2.x <= 11.2.2, 10.11.x <= 10.11.10, 11.4.x <= 11.4.0, 11.3.x <= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator terminals via crafted messages containing ANSI and OSC escape sequences that enable screen manipulation, fake prompts, and clipboard hijacking.. Mattermost Advisory ID: MM

thehackerwire@mastodon.social at 2026-03-26T22:01:04.000Z ##

🟠 CVE-2026-3108 - High (8)

Mattermost versions 11.2.x &lt;= 11.2.2, 10.11.x &lt;= 10.11.10, 11.4.x &lt;= 11.4.0, 11.3.x &lt;= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator termin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:01:04.000Z ##

🟠 CVE-2026-3108 - High (8)

Mattermost versions 11.2.x &lt;= 11.2.2, 10.11.x &lt;= 10.11.10, 11.4.x &lt;= 11.4.0, 11.3.x &lt;= 11.3.1 fail to sanitize user-controlled post content in the mmctl commands terminal output which allows attackers to manipulate administrator termin...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29785
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-26T17:13:31.983000

2 posts

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash the nats-server by triggering a panic. This happens pre-authentication and requires that compression be enabled (which it is, by default, when leafnodes

thehackerwire@mastodon.social at 2026-03-25T20:21:39.000Z ##

🟠 CVE-2026-29785 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:20:55.000Z ##

🟠 CVE-2026-29785 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15101
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-26T16:43:20.300000

2 posts

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated user on the affected device, including the ability to execute system commands through unintended mechanisms. Refer to the 'Security Update for ASUS Router F

thehackerwire@mastodon.social at 2026-03-26T23:55:32.000Z ##

🟠 CVE-2025-15101 - High (8.8)

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:55:32.000Z ##

🟠 CVE-2025-15101 - High (8.8)

A Cross-Site Request Forgery (CSRF) vulnerability has been identified in the Web management interface of certain ASUS router models. This vulnerability potentially allows actions to be performed with the existing privileges of an authenticated use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33696
(10.0 CRITICAL)

EPSS: 0.46%

updated 2026-03-26T16:41:02

1 posts

## Impact An authenticated user with permission to create or modify workflows could exploit a prototype pollution vulnerability in the GSuiteAdmin node. By supplying a crafted parameter as part of node configuration, an attacker could write attacker-controlled values onto `Object.prototype`. An attacker could use this prototype pollution to achieve remote code execution on the n8n instance. ## Pa

offseq@infosec.exchange at 2026-03-26T00:00:42.000Z ##

🚩 CRITICAL: CVE-2026-33696 in n8n-io n8n (CVSS 9.4) - Prototype pollution enables remote code execution via XML/GSuiteAdmin nodes. Patch to 2.14.1, 2.13.3, or 1.123.27+. Restrict permissions & disable XML node as temp fix. radar.offseq.com/threat/cve-20 #OffSeq #n8n #CVE2026_33696

##

CVE-2026-33932
(7.6 HIGH)

EPSS: 0.03%

updated 2026-03-26T16:27:53.530000

1 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a CCDA document to execute arbitrary JavaScript in a clinician's browser session when the document is previewed. The XSL stylesheet sanitizes attributes f

thehackerwire@mastodon.social at 2026-03-26T01:01:16.000Z ##

🟠 CVE-2026-33932 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29187
(8.1 HIGH)

EPSS: 0.02%

updated 2026-03-26T16:19:59.843000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php). The vulnerability allows an authenticated attacker to execute arbitrary SQL commands by manipulating the HTTP parameter keys rather than the values. Ve

1 repos

https://github.com/ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4

thehackerwire@mastodon.social at 2026-03-25T23:35:39.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T23:20:27.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34055
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-26T16:16:58.693000

1 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in `library/pnotes.inc.php` perform updates and deletes using `WHERE id = ?` without verifying that the note belongs to a patient the user is authorized to access. Multiple web UI callers pass user-controlled note IDs directly to thes

thehackerwire@mastodon.social at 2026-03-26T01:00:23.000Z ##

🟠 CVE-2026-34055 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in `library/pnotes.inc.php` perform updates and deletes using `WHERE id = ?` with...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22790
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-26T16:16:04.967000

2 posts

EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugMessage::setup_payload` trusts `len` after an `assert`; in release builds the check is removed, so oversized SLAC payloads are `memcpy`'d into a ~1497-byte stack buffer, corrupting the stack and enabling remote code execution from network-provided frames. Version 2026.02.0 contains a patch.

thehackerwire@mastodon.social at 2026-03-26T22:21:46.000Z ##

🟠 CVE-2026-22790 - High (8.8)

EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugMessage::setup_payload` trusts `len` after an `assert`; in release builds the check is removed, so oversized SLAC payloads are `memcpy`'d into a ~1497-byte stack buffer...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:46.000Z ##

🟠 CVE-2026-22790 - High (8.8)

EVerest is an EV charging software stack. Prior to version 2026.02.0, `HomeplugMessage::setup_payload` trusts `len` after an `assert`; in release builds the check is removed, so oversized SLAC payloads are `memcpy`'d into a ~1497-byte stack buffer...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24068
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-26T15:31:40

2 posts

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate clients at all. This means that any process can connect to this service using the configured protocol. A malicious process is able to call all the functi

thehackerwire@mastodon.social at 2026-03-26T23:21:00.000Z ##

🟠 CVE-2026-24068 - High (8.8)

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:21:00.000Z ##

🟠 CVE-2026-24068 - High (8.8)

The VSL privileged helper does utilize NSXPC for IPC. The implementation of the "shouldAcceptNewConnection" function, which is used by the NSXPC framework to validate if a client should be allowed to connect to the XPC listener, does not validate ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4247
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-26T15:31:39

2 posts

When a challenge ACK is to be sent tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf. If an attacker is either on path with an established TCP connection, or can themselves establish a TCP connection, to an affected FreeBSD machine, they can easily craft and send packets which

thehackerwire@mastodon.social at 2026-03-26T23:21:29.000Z ##

🟠 CVE-2026-4247 - High (7.5)

When a challenge ACK is to be sent tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf.

If an attacker is either on path with ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:21:29.000Z ##

🟠 CVE-2026-4247 - High (7.5)

When a challenge ACK is to be sent tcp_respond() constructs and sends the challenge ACK and consumes the mbuf that is passed in. When no challenge ACK should be sent the function returns and leaks the mbuf.

If an attacker is either on path with ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4652
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-26T15:31:38

2 posts

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID. An attacker with network access to the NVMe/TCP target can trigger an unauthenticated Denial of Service condition on the affected machine.

thehackerwire@mastodon.social at 2026-03-26T23:55:15.000Z ##

🟠 CVE-2026-4652 - High (7.5)

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID.

An attacker with network access to the NVMe/TCP target can trigger an unauthenticated ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:55:15.000Z ##

🟠 CVE-2026-4652 - High (7.5)

On a system exposing an NVMe/TCP target, a remote client can trigger a kernel panic by sending a CONNECT command for an I/O queue with a bogus or stale CNTLID.

An attacker with network access to the NVMe/TCP target can trigger an unauthenticated ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-55261
(8.1 HIGH)

EPSS: 0.00%

updated 2026-03-26T15:30:48

2 posts

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data.

thehackerwire@mastodon.social at 2026-03-26T23:00:57.000Z ##

🟠 CVE-2025-55261 - High (8.1)

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:00:57.000Z ##

🟠 CVE-2025-55261 - High (8.1)

HCL Aftermarket DPC is affected by Missing Functional Level Access Control which will allow attacker to escalate his privileges and may compromise the application and may steal and manipulate the data.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27664
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T15:16:34.340000

2 posts

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base system (All versions < V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specially crafted XML inputs. This could allow an unauthenticated attacker to exploit this issue by sending a malicious XML request, which may cause the service to c

thehackerwire@mastodon.social at 2026-03-26T22:15:54.000Z ##

🟠 CVE-2026-27664 - High (7.5)

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions &lt; V26.10), SICORE Base system (All versions &lt; V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:15:54.000Z ##

🟠 CVE-2026-27664 - High (7.5)

A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions &lt; V26.10), SICORE Base system (All versions &lt; V26.10.0). The affected application contains an out-of-bounds write vulnerability while parsing specia...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26008
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T15:16:32.510000

2 posts

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the network. Version 2026.2.0 contains a patch.

thehackerwire@mastodon.social at 2026-03-26T22:21:27.000Z ##

🟠 CVE-2026-26008 - High (7.5)

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the networ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:27.000Z ##

🟠 CVE-2026-26008 - High (7.5)

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have an out-of-bounds access (std::vector) that leads to possible remote crash/memory corruption. This is because the CSMS sends UpdateAllowedEnergyTransferModes over the networ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4747
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-26T15:13:15.790000

2 posts

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can trigger a stack overflow. Notably, this does not require the client to authenticate itself first. As kgssapi.ko's RPCSEC_GSS implementation is vulnerabl

thehackerwire@mastodon.social at 2026-03-26T23:55:23.000Z ##

🟠 CVE-2026-4747 - High (8.8)

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:55:23.000Z ##

🟠 CVE-2026-4747 - High (8.8)

Each RPCSEC_GSS data packet is validated by a routine which checks a signature in the packet. This routine copies a portion of the packet into a stack buffer, but fails to ensure that the buffer is sufficiently large, and a malicious client can t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32680
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-26T15:13:15.790000

2 posts

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a non-administrative user to execute an arbitrary code with SYSTEM privilege.

offseq@infosec.exchange at 2026-03-26T07:30:29.000Z ##

HIGH severity alert: RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) can leave custom install folders with insecure ACLs, letting non-admins run code as SYSTEM. Check permissions & update! CVE-2026-32680 radar.offseq.com/threat/cve-20 #OffSeq #Vuln #Windows #SysAdmin

##
thehackerwire@mastodon.social at 2026-03-26T07:19:40.000Z ##

🟠 CVE-2026-32680 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33660
(0 None)

EPSS: 0.11%

updated 2026-03-26T15:13:15.790000

1 posts

n8n is an open source workflow automation platform. Prior to versions 2.14.1, 2.13.3, and 1.123.26, an authenticated user with permission to create or modify workflows could use the Merge node's "Combine by SQL" mode to read local files on the n8n host and achieve remote code execution. The AlaSQL sandbox did not sufficiently restrict certain SQL statements, allowing an attacker to access sensitiv

offseq@infosec.exchange at 2026-03-26T03:00:33.000Z ##

⚠️ CRITICAL RCE in n8n (CVE-2026-33660): Auth'd users can exploit Merge node SQL to read files & execute code on n8n host. Patch to 2.14.1/2.13.3/1.123.26 ASAP. Limit permissions if you can't patch yet. radar.offseq.com/threat/cve-20 #OffSeq #n8n #infosec #CVE202633660

##

CVE-2026-33526
(0 None)

EPSS: 1.98%

updated 2026-03-26T15:13:15.790000

1 posts

Squid is a caching proxy for the Web. Prior to version 7.5, due to heap Use-After-Free, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Denial of Service attack against the Squid service using ICP protocol. This attack is limited to Squid deployments that explicitly enable ICP support (i.e. configure non

offseq@infosec.exchange at 2026-03-26T01:30:27.000Z ##

🚨 CVE-2026-33526: Critical Use-After-Free in Squid (<7.5) allows remote attackers to crash Squid via ICP traffic. icp_access rules are ineffective. Upgrade to 7.5+ or disable ICP (icp_port=0) ASAP! radar.offseq.com/threat/cve-20 #OffSeq #Squid #Vuln #DoS

##

CVE-2026-20125
(7.7 HIGH)

EPSS: 0.14%

updated 2026-03-26T15:13:15.790000

1 posts

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malformed HTTP req

thehackerwire@mastodon.social at 2026-03-25T22:00:32.000Z ##

🟠 CVE-2026-20125 - High (7.7)

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) conditio...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3857
(8.1 HIGH)

EPSS: 0.01%

updated 2026-03-26T15:13:15.790000

3 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection.

thehackerwire@mastodon.social at 2026-03-25T20:43:42.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:42:13.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:21:07.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32530
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-26T14:16:11.603000

2 posts

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through <= 1.1.18.

thehackerwire@mastodon.social at 2026-03-27T00:00:25.000Z ##

🟠 CVE-2026-32530 - High (8.8)

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through &lt;= 1.1.18.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-27T00:00:25.000Z ##

🟠 CVE-2026-32530 - High (8.8)

Incorrect Privilege Assignment vulnerability in WPFunnels Creator LMS creatorlms allows Privilege Escalation.This issue affects Creator LMS: from n/a through &lt;= 1.1.18.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32523
(9.9 CRITICAL)

EPSS: 0.02%

updated 2026-03-26T14:16:11.417000

2 posts

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through <= 6.9.2.

thehackerwire@mastodon.social at 2026-03-27T00:01:19.000Z ##

🔴 CVE-2026-32523 - Critical (9.9)

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through &lt;= 6.9.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-27T00:01:19.000Z ##

🔴 CVE-2026-32523 - Critical (9.9)

Unrestricted Upload of File with Dangerous Type vulnerability in denishua WPJAM Basic wpjam-basic allows Using Malicious Files.This issue affects WPJAM Basic: from n/a through &lt;= 6.9.2.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2511
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T14:16:10.017000

2 posts

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, and including, 3.0.4. This is due to the user-supplied `multiformid` value being passed to `esc_sql()` without enclosing the result in quotes in the SQL query, rendering the escaping ineffective against

thehackerwire@mastodon.social at 2026-03-26T23:00:47.000Z ##

🟠 CVE-2026-2511 - High (7.5)

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, and including, 3.0.4. This is due to the user-su...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:00:47.000Z ##

🟠 CVE-2026-2511 - High (7.5)

The JS Help Desk – AI-Powered Support & Ticketing System plugin for WordPress is vulnerable to SQL Injection via the `multiformid` parameter in the `storeTickets()` function in all versions up to, and including, 3.0.4. This is due to the user-su...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33017
(9.8 CRITICAL)

EPSS: 6.14%

updated 2026-03-26T13:26:16.393000

8 posts

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions prior to 1.9.0, the POST /api/v1/build_public_tmp/{flow_id}/flow endpoint allows building public flows without requiring authentication. When the optional data parameter is supplied, the endpoint uses attacker-controlled flow data (containing arbitrary Python code in node definitions) instead of the stored f

4 repos

https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC

https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc

https://github.com/SimoesCTT/Sovereign-Echo-33017

https://github.com/rootdirective-sec/CVE-2026-33017-Lab

secdb at 2026-03-26T22:21:34.642Z ##

🚨 [CISA-2026:0325] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33017 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Code Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

##
gtronix at 2026-03-26T20:01:42.890Z ##

"CISA: New Langflow flaw actively exploited to hijack AI workflows"

"[...] The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents."

bleepingcomputer.com/news/secu

##
undercodenews@mastodon.social at 2026-03-26T19:56:44.000Z ##

Critical Langflow Vulnerability Exploited by Hackers, CISA Warns

A newly discovered flaw in the popular AI workflow tool Langflow is causing alarm in cybersecurity circles. The Cybersecurity and Infrastructure Security Agency (CISA) has issued a high-priority warning about CVE-2026-33017, a critical vulnerability that allows hackers to execute arbitrary code remotely. With Langflow widely used by AI developers worldwide, the flaw represents a serious threat to…

undercodenews.com/critical-lan

##
thegeektribune@mastodon.social at 2026-03-26T17:46:13.000Z ##

CVE-2026-33017: Unauthenticated RCE in Langflow’s Public Flow Endpoint Explained…
#technology #thegeektribune
hackernoon.com/cve-2026-33017-

##
secdb@infosec.exchange at 2026-03-26T22:21:34.000Z ##

🚨 [CISA-2026:0325] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33017 (secdb.nttzen.cloud/cve/detail/)
- Name: Langflow Code Injection Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Langflow
- Product: Langflow
- Notes: github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260325 #cisa20260325 #cve_2026_33017 #cve202633017

##
gtronix@infosec.exchange at 2026-03-26T20:01:42.000Z ##

"CISA: New Langflow flaw actively exploited to hijack AI workflows"

"[...] The Cybersecurity and Infrastructure Security Agency (CISA) is warning that hackers are actively exploiting a critical vulnerability identified as CVE-2026-33017, which affects the Langflow framework for building AI agents."

bleepingcomputer.com/news/secu

#Cybersecurity

##
cisakevtracker@mastodon.social at 2026-03-25T18:00:49.000Z ##

CVE ID: CVE-2026-33017
Vendor: Langflow
Product: Langflow
Date Added: 2026-03-25
Notes: github.com/langflow-ai/langflo ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
AAKL@infosec.exchange at 2026-03-25T17:45:20.000Z ##

CISA has updated the KEV catalogue.

- CVE-2026-33017: Langflow Code Injection Vulnerability cve.org/CVERecord?id=CVE-2026- #CISA #infosec #vulnerability

##

CVE-2026-4700
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-26T13:16:30.367000

1 posts

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:00:21.000Z ##

🔴 CVE-2026-4700 - Critical (9.8)

Mitigation bypass in the Networking: HTTP component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33344
(8.1 HIGH)

EPSS: 0.02%

updated 2026-03-26T13:03:13.500000

1 posts

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the {fileName} URL path parameter to locateDAG without calling ValidateDAGName

thehackerwire@mastodon.social at 2026-03-24T20:29:21.000Z ##

🟠 CVE-2026-33344 - High (8.1)

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4862
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-26T12:30:35

2 posts

A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument GroupName leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.

thehackerwire@mastodon.social at 2026-03-26T23:21:12.000Z ##

🟠 CVE-2026-4862 - High (8.8)

A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument Gr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:21:12.000Z ##

🟠 CVE-2026-4862 - High (8.8)

A security vulnerability has been detected in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file /goform/formConfigDnsFilterGlobal of the component Parameter Handler. Such manipulation of the argument Gr...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4809
(9.8 CRITICAL)

EPSS: 0.39%

updated 2026-03-26T12:30:35

4 posts

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can submit a file containing executable PHP code while declaring a benign image MIME type, resulting in arbitrary file upload. If the uploaded file is stored

thehackerwire@mastodon.social at 2026-03-26T23:20:52.000Z ##

🔴 CVE-2026-4809 - Critical (9.8)

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq at 2026-03-26T21:00:17.116Z ##

🚨 CRITICAL vuln in plank/laravel-mediable <=6.4.0 (CVE-2026-4809): attackers can upload malicious PHP files by spoofing MIME types. No patch yet. Disable client MIME trust & enforce server-side checks! Details: radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-03-26T23:20:52.000Z ##

🔴 CVE-2026-4809 - Critical (9.8)

plank/laravel-mediable through version 6.4.0 can allow upload of a dangerous file type when an application using the package accepts or prefers a client-supplied MIME type during file upload handling. In that configuration, a remote attacker can s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-03-26T21:00:17.000Z ##

🚨 CRITICAL vuln in plank/laravel-mediable <=6.4.0 (CVE-2026-4809): attackers can upload malicious PHP files by spoofing MIME types. No patch yet. Disable client MIME trust & enforce server-side checks! Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE20264809 #Laravel #RCE

##

CVE-2026-4861
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-26T09:30:34

2 posts

A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but di

thehackerwire@mastodon.social at 2026-03-26T23:21:20.000Z ##

🟠 CVE-2026-4861 - High (8.8)

A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiat...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:21:20.000Z ##

🟠 CVE-2026-4861 - High (8.8)

A weakness has been identified in Wavlink WL-NU516U1 260227. This vulnerability affects the function ftext of the file /cgi-bin/nas.cgi. This manipulation of the argument Content-Length causes stack-based buffer overflow. The attack can be initiat...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28760
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-26T09:30:33

2 posts

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

offseq@infosec.exchange at 2026-03-26T09:00:28.000Z ##

🛡️ HIGH-severity: CVE-2026-28760 in RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) allows DLL hijacking — local attackers may run code as admin. Patch ASAP, restrict installer access, and audit installs. radar.offseq.com/threat/cve-20 #OffSeq #infosec #vuln #windows

##
thehackerwire@mastodon.social at 2026-03-26T07:19:31.000Z ##

🟠 CVE-2026-28760 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4840
(8.8 HIGH)

EPSS: 0.15%

updated 2026-03-26T06:30:27

2 posts

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The

offseq@infosec.exchange at 2026-03-26T06:00:30.000Z ##

🔥 CVE-2026-4840: HIGH-severity OS command injection in Netcore Power 15AX (≤3.0.0.6938). No patch, public exploit out. Remote code execution possible — immediate mitigation needed! Full compromise risk. Details: radar.offseq.com/threat/cve-20 #OffSeq #Netcore #Security #CVE20264840

##
thehackerwire@mastodon.social at 2026-03-26T05:17:52.000Z ##

🟠 CVE-2026-4840 - High (8.8)

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr res...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2931
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-26T06:30:27

1 posts

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with customer-level permissions or above to change user passwords and potentially

thehackerwire@mastodon.social at 2026-03-26T05:18:02.000Z ##

🟠 CVE-2026-2931 - High (8.8)

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and acce...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4484
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-26T03:30:34

1 posts

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepare_object_for_database' function. This makes it possible for authenticated attackers, with Student-level access and above, to elevate their privileges to that of an admini

thehackerwire@mastodon.social at 2026-03-26T03:00:03.000Z ##

🔴 CVE-2026-4484 - Critical (9.8)

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepare_object_for_data...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4758
(8.8 HIGH)

EPSS: 0.25%

updated 2026-03-26T00:31:03

1 posts

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code exec

thehackerwire@mastodon.social at 2026-03-26T01:00:42.000Z ##

🟠 CVE-2026-4758 - High (8.8)

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possibl...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33248
(7.8 HIGH)

EPSS: 0.05%

updated 2026-03-25T21:58:36.280000

1 posts

NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:06:32.000Z ##

🟠 CVE-2025-33248 - High (7.8)

NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalati...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24151
(7.8 HIGH)

EPSS: 0.05%

updated 2026-03-25T21:57:49.383000

1 posts

NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:01:27.000Z ##

🟠 CVE-2026-24151 - High (7.8)

NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may cause an RCE by convincing a user to load a maliciously crafted input. A successful exploit of this vulnerability may lead to code execution, escalation of privileges...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33286
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-25T21:33:33

1 posts

### Summary An arbitrary method execution vulnerability has been found which affects Graphiti's JSONAPI write functionality. An attacker can craft a malicious JSONAPI payload with arbitrary relationship names to invoke any public method on the underlying model instance, class or its associations. ### Impact Any application exposing Graphiti write endpoints (create/update/delete) to untrusted us

Matchbook3469@mastodon.social at 2026-03-26T22:57:38.000Z ##

🔴 New security advisory:

CVE-2026-33286 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #ZeroDay #ThreatIntel

##

CVE-2026-32536
(10.0 CRITICAL)

EPSS: 0.04%

updated 2026-03-25T21:31:40

1 posts

Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through <= 2.08.

thehackerwire@mastodon.social at 2026-03-25T21:43:40.000Z ##

🔴 CVE-2026-32536 - Critical (9.9)

Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green Downloads halfdata-paypal-green-downloads allows Using Malicious Files.This issue affects Green Downloads: from n/a through &lt;= 2.08.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32538
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T21:31:39

1 posts

Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through <= 1.1.24.

thehackerwire@mastodon.social at 2026-03-25T21:44:23.000Z ##

🟠 CVE-2026-32538 - High (7.5)

Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMTP Mailer smtp-mailer allows Retrieve Embedded Sensitive Data.This issue affects SMTP Mailer: from n/a through &lt;= 1.1.24.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32537
(7.5 HIGH)

EPSS: 0.11%

updated 2026-03-25T21:31:39

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Portfolio, Photo Gallery & Post Grid: from n/a through <= 3.5.1.

thehackerwire@mastodon.social at 2026-03-25T21:43:49.000Z ##

🟠 CVE-2026-32537 - High (7.5)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in nK Visual Portfolio, Photo Gallery & Post Grid visual-portfolio allows PHP Local File Inclusion.This issue affects Visual Port...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32546
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T21:31:39

2 posts

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.

thehackerwire@mastodon.social at 2026-03-25T20:44:00.000Z ##

🟠 CVE-2026-32546 - High (7.5)

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through &lt;= 3.2.22.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:42:31.000Z ##

🟠 CVE-2026-32546 - High (7.5)

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through &lt;= 3.2.22.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20687
(7.1 HIGH)

EPSS: 0.01%

updated 2026-03-25T21:31:33

1 posts

A use after free issue was addressed with improved memory management. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, tvOS 26.4, watchOS 26.4. An app may be able to cause unexpected system termination or write kernel memory.

1 repos

https://github.com/zeroxjf/CVE-2026-20687-AppleSEPKeyStore-UAF

offseq@infosec.exchange at 2026-03-25T03:00:30.000Z ##

CVE-2026-20687 (CRITICAL): Use-after-free in Apple iOS/iPadOS/macOS/tvOS/watchOS lets malicious apps crash devices or write kernel memory. Patch to iOS/iPadOS 18.7.7/26.4, macOS Sequoia 15.7.5, Tahoe 26.4+ ASAP. radar.offseq.com/threat/cve-20 #OffSeq #AppleSecurity #InfoSec

##

CVE-2026-32573
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-25T21:30:36

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.2.7.

offseq@infosec.exchange at 2026-03-26T04:30:28.000Z ##

🚨 CRITICAL: CVE-2026-32573 in Nelio AB Testing plugin (≤8.2.7) enables code injection on WordPress sites. No active exploits, but risk of remote code execution. Monitor for patches & harden configs. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##
thehackerwire@mastodon.social at 2026-03-25T20:42:40.000Z ##

🔴 CVE-2026-32573 - Critical (9.1)

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through &lt;= 8.2.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32539
(9.3 CRITICAL)

EPSS: 0.03%

updated 2026-03-25T21:30:36

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Revisions revisionary allows Blind SQL Injection.This issue affects PublishPress Revisions: from n/a through <= 3.7.23.

thehackerwire@mastodon.social at 2026-03-25T20:42:49.000Z ##

🔴 CVE-2026-32539 - Critical (9.3)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PublishPress PublishPress Revisions revisionary allows Blind SQL Injection.This issue affects PublishPress Revisions: from n/a through &lt;= 3.7.23.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32513
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-25T21:30:35

1 posts

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through <= 6.1.7.

thehackerwire@mastodon.social at 2026-03-25T21:44:41.000Z ##

🟠 CVE-2026-32513 - High (8.8)

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through &lt;= 6.1.7.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25366
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-03-25T21:30:35

1 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through <= 2.7.1.

thehackerwire@mastodon.social at 2026-03-25T21:00:18.000Z ##

🔴 CVE-2026-25366 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through &lt;= 2.7.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32525
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-03-25T21:30:35

1 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through <= 3.5.6.1.

thehackerwire@mastodon.social at 2026-03-25T20:42:58.000Z ##

🔴 CVE-2026-32525 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in jetmonsters JetFormBuilder jetformbuilder allows Code Injection.This issue affects JetFormBuilder: from n/a through &lt;= 3.5.6.1.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4719
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-25T21:30:28

1 posts

Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:00:10.000Z ##

🟠 CVE-2026-4719 - High (7.5)

Incorrect boundary conditions in the Graphics: Text component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4705
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-25T21:30:27

1 posts

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:15:09.000Z ##

🔴 CVE-2026-4705 - Critical (9.8)

Undefined behavior in the WebRTC: Signaling component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32534
(8.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T21:16:44.673000

1 posts

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through <= 3.0.3.

thehackerwire@mastodon.social at 2026-03-25T21:43:30.000Z ##

🟠 CVE-2026-32534 - High (8.5)

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in JoomSky JS Help Desk js-support-ticket allows Blind SQL Injection.This issue affects JS Help Desk: from n/a through &lt;= 3.0.3.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32531
(8.1 HIGH)

EPSS: 0.11%

updated 2026-03-25T21:16:44.300000

1 posts

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through < 1.4.5.

thehackerwire@mastodon.social at 2026-03-25T21:44:32.000Z ##

🟠 CVE-2026-32531 - High (8.1)

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in gavias Kunco kunco allows PHP Local File Inclusion.This issue affects Kunco: from n/a through &lt; 1.4.5.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33671
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-25T21:12:09

2 posts

### Impact `picomatch` is vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `+()` and `*()`, especially when combined with overlapping alternatives or nested extglobs, are compiled into regular expressions that can exhibit catastrophic backtracking on non-matching input. Examples of problematic p

thehackerwire@mastodon.social at 2026-03-26T22:19:23.000Z ##

🟠 CVE-2026-33671 - High (7.5)

Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:19:23.000Z ##

🟠 CVE-2026-33671 - High (7.5)

Picomatch is a glob matcher written JavaScript. Versions prior to 4.0.4, 3.0.2, and 2.3.2 are vulnerable to Regular Expression Denial of Service (ReDoS) when processing crafted extglob patterns. Certain patterns using extglob quantifiers such as `...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33497(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-03-25T20:54:06

1 posts

### Summary In the download_profile_picture function of the /profile_pictures/{folder_name}/{file_name} endpoint, the folder_name and file_name parameters are not strictly filtered, which allows the secret_key to be read across directories. ### Details src/backend/base/langflow/api/v1/files.py ![image](https://github.com/user-attachments/assets/19bc387c-93d8-475b-bab0-2675669c1c36) storage loca

thehackerwire@mastodon.social at 2026-03-24T21:00:15.000Z ##

🟠 CVE-2026-33497 - High (7.5)

Langflow is a tool for building and deploying AI-powered agents and workflows. Prior to version 1.7.1, in the download_profile_picture function of the /profile_pictures/{folder_name}/{file_name} endpoint, the folder_name and file_name parameters a...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33484
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-25T20:53:48

1 posts

### Summary The `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves image files without any authentication or ownership check. Any unauthenticated request with a known flow_id and file_name returns the image with HTTP 200. ### Details `src/backend/base/langflow/api/v1/files.py:138-164` — `download_image` takes `flow_id`: UUID as a bare path parameter with no Depends(get_flow) or `Current

thehackerwire@mastodon.social at 2026-03-24T21:00:04.000Z ##

🟠 CVE-2026-33484 - High (7.5)

Langflow is a tool for building and deploying AI-powered agents and workflows. In versions 1.0.0 through 1.8.1, the `/api/v1/files/images/{flow_id}/{file_name}` endpoint serves image files without any authentication or ownership check. Any unauthe...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33418
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T20:53:42

1 posts

## Summary The `ensureSize()` function in `@dicebear/converter` used a regex-based approach to rewrite SVG `width`/`height` attributes, capping them at 2048px to prevent denial of service. This size capping could be bypassed by crafting SVG input that causes the regex to match a non-functional occurrence of `<svg` before the actual SVG root element. When the SVG is subsequently rendered via `@res

thehackerwire@mastodon.social at 2026-03-24T20:15:52.000Z ##

🟠 CVE-2026-33418 - High (7.5)

DiceBear is an avatar library for designers and developers. Prior to version 9.4.2, the `ensureSize()` function in `@dicebear/converter` used a regex-based approach to rewrite SVG `width`/`height` attributes, capping them at 2048px to prevent deni...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33316
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-25T20:53:33

1 posts

### Summary A flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The `ResetPassword()` function sets the user’s status to `StatusActive` after a successful password reset without verifying whether the account was previously disabled. By requesting a reset token through `/api/v1/user/password/token` and completing the reset via `/api/v1/user/password/r

thehackerwire@mastodon.social at 2026-03-24T20:29:39.000Z ##

🟠 CVE-2026-33316 - High (8.1)

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, a flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The `ResetPassword()` function sets the user’s status to...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33310
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-25T20:52:31

1 posts

### Summary The shell() syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contains a parameter default such as shell(<command>), the command may be executed when the catalog source is accessed. This means that if a user loads a malicious catalog YAML, embedded commands could execute on the host system. This behavior could p

thehackerwire@mastodon.social at 2026-03-24T20:15:43.000Z ##

🟠 CVE-2026-33310 - High (8.8)

Intake is a package for finding, investigating, loading and disseminating data. Prior to version 2.0.9, the shell() syntax within parameter default values appears to be automatically expanded during the catalog parsing process. If a catalog contai...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4723
(9.8 CRITICAL)

EPSS: 0.01%

updated 2026-03-25T20:16:37.603000

1 posts

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Thunderbird < 149.

thehackerwire@mastodon.social at 2026-03-24T21:10:54.000Z ##

🔴 CVE-2026-4723 - Critical (9.8)

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox &lt; 149.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4716
(9.1 CRITICAL)

EPSS: 0.02%

updated 2026-03-25T20:16:37.020000

1 posts

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:53:07.000Z ##

🔴 CVE-2026-4716 - Critical (9.1)

Incorrect boundary conditions, uninitialized memory in the JavaScript Engine component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27044
(9.9 CRITICAL)

EPSS: 0.05%

updated 2026-03-25T20:16:26.917000

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through <= 4.12.0.

thehackerwire@mastodon.social at 2026-03-25T21:02:33.000Z ##

🔴 CVE-2026-27044 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through &lt;= 4.12.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T21:00:06.000Z ##

🔴 CVE-2026-27044 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through &lt;= 4.12.0.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25447
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-25T20:16:26.740000

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9.

thehackerwire@mastodon.social at 2026-03-25T21:02:44.000Z ##

🔴 CVE-2026-25447 - Critical (9.1)

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through &lt;= 2.3.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T21:00:16.000Z ##

🔴 CVE-2026-25447 - Critical (9.1)

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through &lt;= 2.3.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25001
(8.5 HIGH)

EPSS: 0.05%

updated 2026-03-25T20:16:26.370000

1 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through <= 4.0.12.

thehackerwire@mastodon.social at 2026-03-25T21:00:28.000Z ##

🟠 CVE-2026-25001 - High (8.5)

Improper Control of Generation of Code ('Code Injection') vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through &lt;= 4.0.12.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33686
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-25T20:01:05

2 posts

### Summary A path traversal vulnerability exists in the FileUtil class of the code16/sharp package. The application fails to sanitize file extensions properly, allowing path separators to be passed into the storage layer. ### Detail In `src/Utils/FileUtil.php`, the `FileUtil::explodeExtension()` function extracts a file's extension by splitting the filename at the last dot. However, the extracte

thehackerwire@mastodon.social at 2026-03-26T22:18:08.000Z ##

🟠 CVE-2026-33686 - High (8.8)

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 have a path traversal vulnerability in the FileUtil class. The application fails to sanitize file extensions properly, allowing path separators to be...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:18:08.000Z ##

🟠 CVE-2026-33686 - High (8.8)

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 have a path traversal vulnerability in the FileUtil class. The application fails to sanitize file extensions properly, allowing path separators to be...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33687
(8.8 HIGH)

EPSS: 0.00%

updated 2026-03-25T20:00:24

2 posts

### Summary The `code16/sharp` Laravel admin panel package contains a vulnerability in its file upload endpoint that allows authenticated users to bypass all file type restrictions. ### Details The upload endpoint within the `ApiFormUploadController` accepts a client-controlled `validation_rule` parameter. This parameter is directly passed into the Laravel validator without sufficient server-sid

thehackerwire@mastodon.social at 2026-03-26T22:18:17.000Z ##

🟠 CVE-2026-33687 - High (8.8)

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 contain a vulnerability in the file upload endpoint that allows authenticated users to bypass all file type restrictions. The upload endpoint within t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:18:17.000Z ##

🟠 CVE-2026-33687 - High (8.8)

Sharp is a content management framework built for Laravel as a package. Versions prior to 9.20.0 contain a vulnerability in the file upload endpoint that allows authenticated users to bypass all file type restrictions. The upload endpoint within t...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33673
(7.7 HIGH)

EPSS: 0.00%

updated 2026-03-25T19:41:50

4 posts

### Impact Multiple stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO: an attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability, can exploit unprotected variables in back-office templates. ### Patches Patched on 8.2.5 and 9.1.0 ### Workarounds None ### References None

thehackerwire@mastodon.social at 2026-03-26T22:20:57.000Z ##

🟠 CVE-2026-33673 - High (7.6)

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-of...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:19:33.000Z ##

🟠 CVE-2026-33673 - High (7.6)

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-of...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:20:57.000Z ##

🟠 CVE-2026-33673 - High (7.6)

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-of...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:19:33.000Z ##

🟠 CVE-2026-33673 - High (7.6)

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting (stored XSS) vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-of...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33670
(9.8 CRITICAL)

EPSS: 0.00%

updated 2026-03-25T19:38:01

4 posts

### Details The /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. ### PoC ```python #!/usr/bin/env python3 """POC: SiYuan /api/file/readDir 未鉴权目录遍历""" import requests, json, sys def poc(target): base = target.rstrip("/") url = f"{base}/api/file/readDir" def read_dir(path, depth=0, max_depth=4): try:

offseq at 2026-03-26T22:30:12.004Z ##

🚨 CRITICAL: CVE-2026-33670 in SiYuan (<3.6.2) lets remote attackers exploit /api/file/readDir for path traversal, exposing sensitive files. Patch to 3.6.2+ ASAP! Details: radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-03-26T22:19:14.000Z ##

🔴 CVE-2026-33670 - Critical (9.8)

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-03-26T22:30:12.000Z ##

🚨 CRITICAL: CVE-2026-33670 in SiYuan (<3.6.2) lets remote attackers exploit /api/file/readDir for path traversal, exposing sensitive files. Patch to 3.6.2+ ASAP! Details: radar.offseq.com/threat/cve-20 #OffSeq #vuln #infosec #SiYuan

##
thehackerwire@mastodon.social at 2026-03-26T22:19:14.000Z ##

🔴 CVE-2026-33670 - Critical (9.8)

SiYuan is a personal knowledge management system. Prior to version 3.6.2, the /api/file/readDir interface was used to traverse and retrieve the file names of all documents under a notebook. Version 3.6.2 patches the issue.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33661
(8.6 HIGH)

EPSS: 0.00%

updated 2026-03-25T19:30:09

2 posts

## Summary The `verify_wechat_sign()` function in `src/Functions.php` unconditionally **skips all signature verification** when the PSR-7 request reports `localhost` as the host. An attacker can exploit this by sending a crafted HTTP request to the WeChat Pay callback endpoint with a `Host: localhost` header, bypassing the RSA signature check entirely. This allows forging fake WeChat Pay payment

thehackerwire@mastodon.social at 2026-03-26T22:19:43.000Z ##

🟠 CVE-2026-33661 - High (8.6)

Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `verify_wechat_sign()` function in `src/Functions.php` unconditionally skips all signature verification when the PSR-7 request r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:19:43.000Z ##

🟠 CVE-2026-33661 - High (8.6)

Pay is an open-source payment SDK extension package for various Chinese payment services. Prior to version 3.7.20, the `verify_wechat_sign()` function in `src/Functions.php` unconditionally skips all signature verification when the PSR-7 request r...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4712
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-25T19:16:52.517000

1 posts

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:19:54.000Z ##

🟠 CVE-2026-4712 - High (7.5)

Information disclosure in the Widget: Cocoa component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4704
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-25T19:16:52.327000

1 posts

Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox < 149, Firefox ESR < 140.9, Thunderbird < 149, and Thunderbird < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:02:43.000Z ##

🟠 CVE-2026-4704 - High (7.5)

Denial-of-service in the WebRTC: Signaling component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3988
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T18:32:08

3 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance unresponsive due to improper input validation in GraphQL request processing.

thehackerwire@mastodon.social at 2026-03-25T20:43:51.000Z ##

🟠 CVE-2026-3988 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:42:22.000Z ##

🟠 CVE-2026-3988 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:21:17.000Z ##

🟠 CVE-2026-3988 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20012
(8.6 HIGH)

EPSS: 0.10%

updated 2026-03-25T18:31:51

1 posts

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device. This vulnerab

thehackerwire@mastodon.social at 2026-03-25T23:00:33.000Z ##

🟠 CVE-2026-20012 - High (8.6)

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could al...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20084
(8.6 HIGH)

EPSS: 0.11%

updated 2026-03-25T18:31:51

1 posts

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service (DoS) condition. This vulnerability is due to improper handling of BOOTP packets on Cisco Catalyst 9000 Series Switches. An attacker could exploit this vulnerability by sending BOOTP request p

thehackerwire@mastodon.social at 2026-03-25T22:00:41.000Z ##

🟠 CVE-2026-20084 - High (8.6)

A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause BOOTP packets to be forwarded between VLANs, resulting in a denial of service (DoS) condition.

This vulnerability is...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26832
(9.8 CRITICAL)

EPSS: 0.19%

updated 2026-03-25T18:31:51

1 posts

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to child_process.exec() without proper sanitization

1 repos

https://github.com/zebbernCVE/CVE-2026-26832

thehackerwire@mastodon.social at 2026-03-25T21:00:38.000Z ##

🔴 CVE-2026-26832 - Critical (9.8)

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a s...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20086
(8.6 HIGH)

EPSS: 0.10%

updated 2026-03-25T18:31:47

1 posts

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of a malformed CAPWAP packet. An attacker could exploi

thehackerwire@mastodon.social at 2026-03-25T23:00:24.000Z ##

🟠 CVE-2026-20086 - High (8.6)

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-32991
(9.1 CRITICAL)

EPSS: 0.21%

updated 2026-03-25T18:31:46

1 posts

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

thehackerwire@mastodon.social at 2026-03-26T00:00:25.000Z ##

🔴 CVE-2025-32991 - Critical (9)

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3608
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-25T18:16:32.853000

1 posts

Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.

offseq@infosec.exchange at 2026-03-25T10:30:31.000Z ##

🚨 CVE-2026-3608: HIGH-severity vuln in ISC Kea DHCP (2.6.0 – 2.6.4, 3.0.0 – 3.0.2). Remote attackers can crash daemons, causing DoS. Restrict API/HA access, monitor traffic, and prep failover. Details: radar.offseq.com/threat/cve-20 #OffSeq #CVE #DHCP #Infosec

##

CVE-2026-33287
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T17:44:24

1 posts

### Summary The `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a backreference to the matched substring. The filter only charges `memoryLimit` for the input string length, not the amplified output. An attacker can achieve exponential memory amplification (up to 625,000:1) while staying within the `memoryLimit` budget, leading to denial of

thehackerwire@mastodon.social at 2026-03-26T01:36:13.000Z ##

🟠 CVE-2026-33287 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the ma...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33285
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T17:40:53

1 posts

### Summary LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allowing an attacker to allocate unlimited memory. Combined with a string flattening operation (e.g., `replace` filter), this causes a **V8 Fatal error that crashes the Node.js process**, resulting in complete denial of service from a single HTTP request.

thehackerwire@mastodon.social at 2026-03-26T01:18:13.000Z ##

🟠 CVE-2026-33285 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allow...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27889
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-25T17:07:53

1 posts

### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. When using WebSockets, a malicious client can trigger a server crash with crafted frames, before authentication. ### Problem Description A missing sanity check on a WebSockets frame could trigger a server panic in the nats-server. Th

thehackerwire@mastodon.social at 2026-03-25T20:20:56.000Z ##

🟠 CVE-2026-27889 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Starting in version 2.2.0 and prior to versions 2.11.14 and 2.12.5, a missing sanity check on a WebSockets frame could trigger a server panic in the na...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2417
(0 None)

EPSS: 0.10%

updated 2026-03-25T15:41:58.280000

1 posts

A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware version 2.15.3 could allow an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges.

beyondmachines1@infosec.exchange at 2026-03-25T09:01:25.000Z ##

Pharos Controls Patches Critical Root Access Flaw in Mosaic Show Controllers

Pharos Controls patched a critical vulnerability (CVE-2026-2417) in its Mosaic Show Controller that allows unauthenticated attackers to execute arbitrary commands with root privileges.

**Make sure all Pharos Mosaic Show Controllers are isolated from the internet and accessible from trusted networks only. Check your version, if you are running 2.15.3, you are at risk. Plan an update the firmware to version 2.16 or later.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-24158
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T15:41:58.280000

1 posts

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service.

thehackerwire@mastodon.social at 2026-03-24T22:04:46.000Z ##

🟠 CVE-2026-24158 - High (7.5)

NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint where an attacker may cause a denial of service by providing a large compressed payload. A successful exploit of this vulnerability may lead to denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33678
(8.1 HIGH)

EPSS: 0.03%

updated 2026-03-25T15:41:58.280000

1 posts

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, `TaskAttachment.ReadOne()` queries attachments by ID only (`WHERE id = ?`), ignoring the task ID from the URL path. The permission check in `CanRead()` validates access to the task specified in the URL, but `ReadOne()` loads a different attachment that may belong to a task in another project. This allows any au

ivycyber@privacysafe.social at 2026-03-24T20:45:55.000Z ##

🛡️ #Cybersecurity news & tips across the #fediverse

“🟠 CVE-2026-33678 - High (8.1) Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, `TaskAttachment.ReadOne()` queries attachments by ID only (`WHERE id = ?`), ignoring the task ID fro...”

mastodon.social/@thehackerwire

🤖 via RSS feed. Not an endorsement.

##

CVE-2026-3104
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T15:41:33.977000

1 posts

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.

thehackerwire@mastodon.social at 2026-03-26T00:00:35.000Z ##

🟠 CVE-2026-3104 - High (7.5)

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.
This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.
BIND 9 versions 9...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26830
(9.8 CRITICAL)

EPSS: 0.25%

updated 2026-03-25T15:41:33.977000

1 posts

pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to interpolate user-controlled file paths into shell command strings that are executed via child_process.exec()

2 repos

https://github.com/zebbernCVE/CVE-2026-26830

https://github.com/zebbernCVE/npm-cve-2026-26830-26833

thehackerwire@mastodon.social at 2026-03-25T23:00:41.000Z ##

🔴 CVE-2026-26830 - Critical (9.8)

pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to interpolate user-controlled file paths into shel...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2072
(8.2 HIGH)

EPSS: 0.04%

updated 2026-03-25T15:41:33.977000

1 posts

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (Analytics probe component), Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00.

offseq@infosec.exchange at 2026-03-25T04:30:30.000Z ##

⚠️ HIGH-severity XSS (CVE-2026-2072, CVSS 8.2) in Hitachi Infrastructure Analytics Advisor & Ops Center Analyzer <11.0.5-00. Exploitable by low-privilege users. Patch when available, restrict access, enable WAF. radar.offseq.com/threat/cve-20 #OffSeq #XSS #Vuln #Hitachi

##

CVE-2026-28864
(3.3 LOW)

EPSS: 0.01%

updated 2026-03-25T15:32:30

1 posts

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.

offseq@infosec.exchange at 2026-03-25T06:00:31.000Z ##

🔒 CVE-2026-28864 (HIGH): Local attackers can access Apple Keychain items on iOS, iPadOS, macOS, visionOS, watchOS. Patch to latest OS releases now to protect credentials. No known exploits yet. radar.offseq.com/threat/cve-20 #OffSeq #Apple #Security #Keychain

##

CVE-2026-1519
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T15:31:36

1 posts

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.

thehackerwire@mastodon.social at 2026-03-26T00:01:34.000Z ##

🟠 CVE-2026-1519 - High (7.5)

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2343
(5.3 MEDIUM)

EPSS: 0.03%

updated 2026-03-25T15:31:30

1 posts

The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII.

offseq@infosec.exchange at 2026-03-25T07:30:29.000Z ##

⚠️ HIGH: CVE-2026-2343 in PeproDev Ultimate Invoice ≤2.2.5 exposes PII via predictable ZIP archive names in bulk downloads. No auth needed — risk of mass data leaks! Disable feature, restrict access, monitor logs. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Vuln

##

CVE-2026-26306
(7.8 HIGH)

EPSS: 0.02%

updated 2026-03-25T06:30:35

1 posts

The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the user invoking the installer.

offseq@infosec.exchange at 2026-03-25T09:00:28.000Z ##

⚠️ CVE-2026-26306 (HIGH): OM Workspace (Windows ≤2.4) vulnerable to DLL hijacking. Local attackers can execute code via unsafe installer DLL loading. Patch urgently or restrict installs & use Safe DLL Search Mode. radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #Windows

##

CVE-2026-33218
(7.5 HIGH)

EPSS: 0.12%

updated 2026-03-24T21:45:30

2 posts

### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server allows hub/spoke topologies using "leafnode" connections by other nats-servers. ### Problem Description A client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-auth

thehackerwire@mastodon.social at 2026-03-25T20:21:31.000Z ##

🟠 CVE-2026-33218 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-au...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:20:45.000Z ##

🟠 CVE-2026-33218 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-au...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33216
(8.6 HIGH)

EPSS: 0.03%

updated 2026-03-24T21:42:11

2 posts

### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an MQTT client interface. ### Problem Description For MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement (JWT) and exposed via monit

thehackerwire@mastodon.social at 2026-03-25T20:21:22.000Z ##

🟠 CVE-2026-33216 - High (8.6)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-25T20:20:35.000Z ##

🟠 CVE-2026-33216 - High (8.6)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4725
(10.0 CRITICAL)

EPSS: 0.01%

updated 2026-03-24T21:32:29

1 posts

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149.

thehackerwire@mastodon.social at 2026-03-24T21:11:03.000Z ##

🔴 CVE-2026-4725 - Critical (10)

Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This vulnerability affects Firefox &lt; 149.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33554
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-24T21:32:29

1 posts

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number of hardware manufacturers to support system management. It is most commonly used for sensor reading (e.g., CPU temperatures through the ipmi-sensors comm

thehackerwire@mastodon.social at 2026-03-24T20:58:32.000Z ##

🟠 CVE-2026-33554 - High (7.5)

ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response messages. The Intelligent Platform Management Interface (IPMI) specification defines a set of interfaces for platform management. It is implemented by a large number ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4698
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability affects Firefox < 149, Firefox ESR < 115.34, and Firefox ESR < 140.9.

Matchbook3469@mastodon.social at 2026-03-26T15:51:58.000Z ##

🔴 New security advisory:

CVE-2026-4698 affects Mozilla Firefox.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
yazoul.net/advisory/cve/cve-20

#Cybersecurity #ZeroDay #ThreatIntel

##

CVE-2026-4701
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:02:23.000Z ##

🔴 CVE-2026-4701 - Critical (9.8)

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4717
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:00:00.000Z ##

🔴 CVE-2026-4717 - Critical (9.8)

Privilege escalation in the Netmonitor component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4715
(9.1 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:52:58.000Z ##

🔴 CVE-2026-4715 - Critical (9.1)

Uninitialized memory in the Graphics: Canvas2D component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4714
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-24T21:32:28

1 posts

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:52:47.000Z ##

🟠 CVE-2026-4714 - High (7.5)

Incorrect boundary conditions in the Audio/Video component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4713
(7.5 HIGH)

EPSS: 0.01%

updated 2026-03-24T21:32:28

1 posts

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:20:03.000Z ##

🟠 CVE-2026-4713 - High (7.5)

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4711
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T22:19:44.000Z ##

🔴 CVE-2026-4711 - Critical (9.8)

Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4722
(8.8 HIGH)

EPSS: 0.02%

updated 2026-03-24T21:32:28

1 posts

Privilege escalation in the IPC component. This vulnerability affects Firefox < 149.

thehackerwire@mastodon.social at 2026-03-24T21:10:46.000Z ##

🟠 CVE-2026-4722 - High (8.8)

Privilege escalation in the IPC component. This vulnerability affects Firefox &lt; 149.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33254
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-24T21:31:36

1 posts

NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A successful exploit of this vulnerability may lead to a denial of service.

thehackerwire@mastodon.social at 2026-03-24T22:06:41.000Z ##

🟠 CVE-2025-33254 - High (7.5)

NVIDIA Triton Inference Server contains a vulnerability where an attacker may cause internal state corruption. A successful exploit of this vulnerability may lead to a denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24157
(7.8 HIGH)

EPSS: 0.12%

updated 2026-03-24T21:31:36

1 posts

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:01:47.000Z ##

🟠 CVE-2026-24157 - High (7.8)

NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an attacker could cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33247
(7.8 HIGH)

EPSS: 0.24%

updated 2026-03-24T21:31:35

1 posts

NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:06:23.000Z ##

🟠 CVE-2025-33247 - High (7.8)

NVIDIA Megatron LM contains a vulnerability in quantization configuration loading, which could allow remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure, ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33244
(9.1 CRITICAL)

EPSS: 0.03%

updated 2026-03-24T21:31:35

1 posts

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, data tampering, and information disclosure.

thehackerwire@mastodon.social at 2026-03-24T22:05:06.000Z ##

🔴 CVE-2025-33244 - Critical (9)

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnera...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-33238
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-24T21:31:35

1 posts

NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploit of this vulnerability may lead to denial of service.

thehackerwire@mastodon.social at 2026-03-24T22:04:56.000Z ##

🟠 CVE-2025-33238 - High (7.5)

NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability where an attacker may cause an exception. A successful exploit of this vulnerability may lead to denial of service.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24152
(7.8 HIGH)

EPSS: 0.05%

updated 2026-03-24T21:31:35

1 posts

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:01:37.000Z ##

🟠 CVE-2026-24152 - High (7.8)

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of priv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24150
(7.8 HIGH)

EPSS: 0.05%

updated 2026-03-24T21:31:35

1 posts

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, and data tampering.

thehackerwire@mastodon.social at 2026-03-24T22:00:15.000Z ##

🟠 CVE-2026-24150 - High (7.8)

NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attacker may cause an RCE by convincing a user to load a maliciously crafted file. A successful exploit of this vulnerability may lead to code execution, escalation of priv...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24141
(7.8 HIGH)

EPSS: 0.06%

updated 2026-03-24T21:31:35

1 posts

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, data tampering, and information disclosure.

thehackerwire@mastodon.social at 2026-03-24T22:00:02.000Z ##

🟠 CVE-2026-24141 - High (7.8)

NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONNX quantization feature, where a user could cause unsafe deserialization by providing a specially crafted input file. A successful exploit of this vulnerability might l...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24159
(7.8 HIGH)

EPSS: 0.12%

updated 2026-03-24T21:31:35

1 posts

NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.

thehackerwire@mastodon.social at 2026-03-24T21:59:51.000Z ##

🟠 CVE-2026-24159 - High (7.8)

NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remote code execution. A successful exploit of this vulnerability might lead to code execution, escalation of privileges, information disclosure and data tampering.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22559
(8.8 HIGH)

EPSS: 0.07%

updated 2026-03-24T21:31:35

1 posts

An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link. Affected Products: UniFi Network Server (Version 10.1.85 and earlier) Mitigation: Update UniFi Network Server to Version 10.1.89 or later.

thehackerwire@mastodon.social at 2026-03-24T20:29:30.000Z ##

🟠 CVE-2026-22559 - High (8.8)

An Improper Input Validation vulnerability in UniFi Network Server may allow unauthorized access to an account if the account owner is socially engineered into clicking a malicious link.

Affected Products:
UniFi Network Server (Version 10.1....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4702
(9.8 CRITICAL)

EPSS: 0.02%

updated 2026-03-24T21:31:22

1 posts

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox < 149 and Firefox ESR < 140.9.

thehackerwire@mastodon.social at 2026-03-24T23:02:33.000Z ##

🔴 CVE-2026-4702 - Critical (9.8)

JIT miscompilation in the JavaScript Engine component. This vulnerability affects Firefox &lt; 149, Firefox ESR &lt; 140.9, Thunderbird &lt; 149, and Thunderbird &lt; 140.9.

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33634(CVSS UNKNOWN)

EPSS: 0.07%

updated 2026-03-24T17:53:15

4 posts

## Summary On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags in `aquasecurity/setup-trivy` with malicious commits. On March 22, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.5 and v

1 repos

https://github.com/ugurrates/teampcp-supply-chain-attack

secdb at 2026-03-26T22:21:34.460Z ##

🚨 [CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33634 (secdb.nttzen.cloud/cve/detail/)
- Name: Aquasecurity Trivy Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Aquasecurity
- Product: Trivy
- Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: github.com/advisories/GHSA-69f ; nvd.nist.gov/vuln/detail/CVE-2

##
cisakevtracker@mastodon.social at 2026-03-26T17:00:50.000Z ##

CVE ID: CVE-2026-33634
Vendor: Aquasecurity
Product: Trivy
Date Added: 2026-03-26
Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: github.com/advisories/GHSA-69f ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##
secdb@infosec.exchange at 2026-03-26T22:21:34.000Z ##

🚨 [CISA-2026:0326] CISA Adds One Known Exploited Vulnerability to Catalog (secdb.nttzen.cloud/security-ad)

CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. These types of vulnerabilities are a frequent attack vector for malicious cyber actors and pose significant risk to the federal enterprise.

⚠️ CVE-2026-33634 (secdb.nttzen.cloud/cve/detail/)
- Name: Aquasecurity Trivy Embedded Malicious Code Vulnerability
- Action: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.
- Known To Be Used in Ransomware Campaigns? Unknown
- Vendor: Aquasecurity
- Product: Trivy
- Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: github.com/advisories/GHSA-69f ; nvd.nist.gov/vuln/detail/CVE-2

#SecDB #InfoSec #CVE #CISA_KEV #cisa_20260326 #cisa20260326 #cve_2026_33634 #cve202633634

##
cisakevtracker@mastodon.social at 2026-03-26T17:00:50.000Z ##

CVE ID: CVE-2026-33634
Vendor: Aquasecurity
Product: Trivy
Date Added: 2026-03-26
Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: github.com/advisories/GHSA-69f ; nvd.nist.gov/vuln/detail/CVE-2
CVE URL: nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-33056
(6.5 MEDIUM)

EPSS: 0.01%

updated 2026-03-24T16:17:11.623000

1 posts

tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and below, when unpacking a tar archive, the tar crate's unpack_dir function uses fs::metadata() to check whether a path that already exists is a directory. Because fs::metadata() follows symbolic links, a crafted tarball containing a symlink entry followed by a directory entry with the same name causes the crate to treat

rustaceans@mastodon.social at 2026-03-26T10:11:36.000Z ##

link: blog.rust-lang.org/2026/03/21/

##

CVE-2026-4283
(9.1 CRITICAL)

EPSS: 0.10%

updated 2026-03-24T15:53:48.067000

1 posts

The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the `super-unsubscribe` AJAX action accepting a `process_now` parameter from unauthenticated users, which bypasses the intended email-confirmation flow and immediately triggers irreversible account anonymization. This makes it possible for un

offseq@infosec.exchange at 2026-03-25T01:30:30.000Z ##

🚨 CRITICAL: CVE-2026-4283 in WP DSGVO Tools (GDPR) plugin allows unauthenticated attackers to irreversibly destroy non-admin accounts via 'super-unsubscribe' AJAX. All versions ≤3.1.38 affected. Remove '[unsubscribe_form]' & monitor for abuse. radar.offseq.com/threat/cve-20 #OffSeq #WordPress #Infosec

##

CVE-2026-27784
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-24T15:53:48.067000

1 posts

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file.

thehackerwire@mastodon.social at 2026-03-24T20:58:49.000Z ##

🟠 CVE-2026-27784 - High (7.8)

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. Th...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27651
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-24T15:30:36

1 posts

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not

thehackerwire@mastodon.social at 2026-03-24T20:59:53.000Z ##

🟠 CVE-2026-27651 - High (7.5)

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentic...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32647
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-24T15:30:36

1 posts

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 di

thehackerwire@mastodon.social at 2026-03-24T20:58:40.000Z ##

🟠 CVE-2026-32647 - High (7.8)

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4681(CVSS UNKNOWN)

EPSS: 0.38%

updated 2026-03-24T00:30:28

1 posts

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 1

beyondmachines1@infosec.exchange at 2026-03-25T12:01:46.000Z ##

PTC Warns of Imminent RCE Threat in Windchill and FlexPLM Systems

PTC reports a critical RCE vulnerability (CVE-2026-4681) in Windchill and FlexPLM software, leading to emergency warnings from German police due to an imminent threat of exploitation.

**If you're running PTC Windchill or FlexPLM, make sure these systems are isolated from the internet and accessible from trusted networks only. This one is a perfect 10.0 severity with no patch yet, so apply the recommended rewrite rules to block the WindchillGW and WindchillAuthGW servlet paths immediately. Also check your servers for signs of compromise like GW.class, payload.bin, or dpr_*.jsp files, and if you can't apply the workarounds, shut down the affected services until PTC releases an official patch.**
#cybersecurity #infosec #attack #activeexploit
beyondmachines.net/event_detai

##

CVE-2026-3055(CVSS UNKNOWN)

EPSS: 0.02%

updated 2026-03-23T21:30:58

4 posts

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

hackerworkspace at 2026-03-26T18:53:12.879Z ##

March 26 Advisory: Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability [CVE-2026-3055] - Censys

censys.com/advisory/cve-2026-3

Short summary: hackerworkspace.com/article/ma

##
hackerworkspace@infosec.exchange at 2026-03-26T18:53:12.000Z ##

March 26 Advisory: Citrix NetScaler ADC and Gateway Out-of-Bounds Read Vulnerability [CVE-2026-3055] - Censys

censys.com/advisory/cve-2026-3

Short summary: hackerworkspace.com/article/ma

#cybersecurity #vulnerability #exploit

##
benzogaga33@mamot.fr at 2026-03-26T10:40:04.000Z ##

CVE-2026-3055 : appliquez ce patch Citrix avant qu’il ne soit trop tard it-connect.fr/cve-2026-3055-ap #ActuCybersécurité #Vulnérabilités #Cybersécurité

##
mttaggart@infosec.exchange at 2026-03-25T16:44:59.000Z ##

Aww yiss another critical Citrix vuln.

bleepingcomputer.com/news/secu

Detection/remediation details here: docs.netscaler.com/en-us/netsc

##

CVE-2026-25075
(7.5 HIGH)

EPSS: 0.12%

updated 2026-03-23T21:30:57

2 posts

strongSwan versions 4.5.0 prior to 6.0.5 contain an integer underflow vulnerability in the EAP-TTLS AVP parser that allows unauthenticated remote attackers to cause a denial of service by sending crafted AVP data with invalid length fields during IKEv2 authentication. Attackers can exploit the failure to validate AVP length fields before subtraction to trigger excessive memory allocation or NULL p

1 repos

https://github.com/BishopFox/CVE-2026-25075-check

hackerworkspace at 2026-03-26T21:48:45.179Z ##

strongSwan CVE-2026-25075: Integer Underflow in VPN Authentication

bishopfox.com/blog/strongswan-

Short summary: hackerworkspace.com/article/st

##
hackerworkspace@infosec.exchange at 2026-03-26T21:48:45.000Z ##

strongSwan CVE-2026-25075: Integer Underflow in VPN Authentication

bishopfox.com/blog/strongswan-

Short summary: hackerworkspace.com/article/st

#cybersecurity #vulnerability #exploit

##

CVE-2025-15605(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-03-23T18:30:39

1 posts

A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

feedly.com/cve/CVE-2026-15518 and feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

CVE-2025-15517(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-23T18:30:39

1 posts

A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.

beyondmachines1@infosec.exchange at 2026-03-26T08:01:47.000Z ##

TP-Link Patches Multiple Flaws Including Authentication Bypass in Archer NX Routers

TP-Link patched four high-severity vulnerabilities in its Archer NX router series, including a authentication bypass (CVE-2025-15517) that allows unauthenticated attackers to upload malicious firmware and take full control of the device.

**If you own a TP-Link Archer NX router (NX600, NX500, NX210, or NX200), make sure it is isolated from the internet and accessible from trusted networks only. Then plan a quick patch to the latest firmware from the official TP-Link Support portal for your specific hardware version. Disable remote management and ensure the admin interface is only reachable from your internal network.**
#cybersecurity #infosec #advisory #vulnerability
beyondmachines.net/event_detai

##

CVE-2026-32746
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-03-23T15:31:40

3 posts

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

5 repos

https://github.com/jeffaf/cve-2026-32746

https://github.com/danindiana/cve-2026-32746-mitigation

https://github.com/chosenonehacks/CVE-2026-32746

https://github.com/watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746

https://github.com/ekomsSavior/telnet_scan

lobsters@mastodon.social at 2026-03-25T10:30:12.000Z ##

A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils CVE-2026-32746) lobste.rs/s/udbivp #c #security
labs.watchtowr.com/a-32-year-o

##
whitequark@treehouse.systems at 2026-03-25T05:58:33.000Z ##

Yes, the vulnerability is so old, it dates from a time when networks charged on a ‘per-packet basis’.

labs.watchtowr.com/a-32-year-o

##
0xabad1dea@infosec.exchange at 2026-03-25T05:56:26.000Z ##

enjoyed this telnetd analysis. (if you can’t believe anyone has a legitimate operational reason to run telnet, you live in a cozy world indeed) labs.watchtowr.com/a-32-year-o

##

CVE-2026-33494
(10.0 CRITICAL)

EPSS: 0.00%

updated 2026-03-20T20:51:26

4 posts

## Description Ory Oathkeeper is vulnerable to an authorization bypass via HTTP path traversal. An attacker can craft a URL containing path traversal sequences (e.g. `/public/../admin/secrets`) that resolves to a protected path after normalization, but is matched against a permissive rule because the raw, un-normalized path is used during rule evaluation. ## Preconditions Ory Oathkeeper rules a

thehackerwire@mastodon.social at 2026-03-26T21:20:37.000Z ##

🔴 CVE-2026-33494 - Critical (10)

ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to an authorization bypass via HTTP path traversal. An attacker...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq at 2026-03-26T18:01:13.648Z ##

CRITICAL: ory oathkeeper (<26.2.0) vulnerable to path traversal (CVE-2026-33494). Attackers can bypass authorization via crafted URLs. Upgrade to 26.2.0+ immediately. radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-03-26T21:20:37.000Z ##

🔴 CVE-2026-33494 - Critical (10)

ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to an authorization bypass via HTTP path traversal. An attacker...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-03-26T18:01:13.000Z ##

CRITICAL: ory oathkeeper (<26.2.0) vulnerable to path traversal (CVE-2026-33494). Attackers can bypass authorization via crafted URLs. Upgrade to 26.2.0+ immediately. radar.offseq.com/threat/cve-20 #OffSeq #CVE202633494 #infosec #vulnerability

##

CVE-2026-33496
(8.1 HIGH)

EPSS: 0.00%

updated 2026-03-20T20:51:08

2 posts

## Description Ory Oathkeeper is vulnerable to authentication bypass due to cache key confusion. The `oauth2_introspection` authenticator cache does not distinguish tokens that were validated with different introspection URLs. An attacker can therefore legitimately use a token to prime the cache, and subsequently use the same token for rules that use a different introspection server. ## Precondi

thehackerwire@mastodon.social at 2026-03-26T22:00:16.000Z ##

🟠 CVE-2026-33496 - High (8.1)

ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to authentication bypass due to cache key confusion. The `oaut...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:00:16.000Z ##

🟠 CVE-2026-33496 - High (8.1)

ORY Oathkeeper is an Identity & Access Proxy (IAP) and Access Control Decision API that authorizes HTTP requests based on sets of Access Rules. Versions prior to 26.2.0 are vulnerable to authentication bypass due to cache key confusion. The `oaut...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33468
(8.1 HIGH)

EPSS: 0.00%

updated 2026-03-20T20:48:56

2 posts

## Summary Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes single quotes by doubling them (`'` → `''`) but does not escape backslashes. When used with the MySQL dialect (where `NO_BACKSLASH_ESCAPES` is OFF by default), an attacker can use a backslash to escape the trailing quote of a string literal, breaking out of the string context and injecting arbitrary SQL. This affects

thehackerwire@mastodon.social at 2026-03-26T22:00:36.000Z ##

🟠 CVE-2026-33468 - High (8.1)

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes single quotes by doubling them (`'` → `''`) but does not escape backslashes. When used with the My...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:00:36.000Z ##

🟠 CVE-2026-33468 - High (8.1)

Kysely is a type-safe TypeScript SQL query builder. Prior to version 0.28.14, Kysely's `DefaultQueryCompiler.sanitizeStringLiteral()` only escapes single quotes by doubling them (`'` → `''`) but does not escape backslashes. When used with the My...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33442
(8.1 HIGH)

EPSS: 0.00%

updated 2026-03-20T20:48:35

2 posts

## Summary The `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BACKSLASH_ESCAPES` SQL mode, an attacker can inject a backslash before a single quote to neutralize the escaping, breaking out of the JSON path string literal and injecting arbitrary SQL. ## Details When a user calls `.key(value)

thehackerwire@mastodon.social at 2026-03-26T22:01:14.000Z ##

🟠 CVE-2026-33442 - High (8.1)

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BAC...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:01:14.000Z ##

🟠 CVE-2026-33442 - High (8.1)

Kysely is a type-safe TypeScript SQL query builder. In versions 0.28.12 and 0.28.13, the `sanitizeStringLiteral` method in Kysely's query compiler escapes single quotes (`'` → `''`) but does not escape backslashes. On MySQL with the default `BAC...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-31277
(8.8 HIGH)

EPSS: 0.27%

updated 2026-03-20T18:32:18

1 posts

The issue was addressed with improved memory handling. This issue is fixed in watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.

mttaggart@infosec.exchange at 2026-03-24T21:48:09.000Z ##

@gknauss I think the thing is to move to 18.7.3, which is patched.

For devices running versions of iOS prior to 18.6, DarkSword uses CVE-2025-31277, a JIT optimization/type confusion bug which was patched by Apple in iOS 18.6. For devices running iOS 18.6-18.7, DarkSword uses CVE-2025-43529, a garbage collection bug in the Data Flow Graph (DFG) JIT layer of JavaScriptCore which was patched by Apple in iOS 18.7.3 and 26.2 after it was reported by GTIG. Both exploits develop their own fakeobj/addrof primitives, and then build arbitrary read/write primitives the same way on top of them.

I'm unaware of a compelling reason or hardware limitation to not upgrade from 18.6 to 18.7

cloud.google.com/blog/topics/t

##

CVE-2026-33331
(8.2 HIGH)

EPSS: 0.01%

updated 2026-03-20T17:25:56

1 posts

A Stored Cross-Site Scripting (XSS) vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specification (such as info.description), they can break out of the JSON context and execute arbitrary JavaScript when a user views the generated API documentation. In the packages/openapi/src/plugins/openapi-reference.ts file, the render

thehackerwire@mastodon.social at 2026-03-24T20:26:39.000Z ##

🟠 CVE-2026-33331 - High (8.2)

oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting (XSS) vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20131
(10.0 CRITICAL)

EPSS: 0.65%

updated 2026-03-19T18:32:21

3 posts

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Java obj

3 repos

https://github.com/p3Nt3st3r-sTAr/CVE-2026-20131-POC

https://github.com/Sushilsin/CVE-2026-20131

https://github.com/sak110/CVE-2026-20131

netsecio@mastodon.social at 2026-03-26T15:43:19.000Z ##

📰 Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

🚨 ZERO-DAY: A critical Cisco Firewall flaw (CVE-2026-20131) was exploited by Interlock ransomware for 36 days before a patch. CISA has added it to the KEV catalog. Patch now and restrict management interface access! #0day #Ransomware #Cisco

🔗 cyber.netsecops.io/articles/ci

##
AAKL@infosec.exchange at 2026-03-25T17:50:52.000Z ##

Grab a coffee. Cisco has a long list of advisories today, one is critical, several are high-severity.

This was first published on March 4:

Critical: CVE-2026-20131: Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability sec.cloudapps.cisco.com/securi

More: sec.cloudapps.cisco.com/securi @TalosSecurity

Also, Cisco has tagged GeoVision and MediaArea for zero-day reports talosintelligence.com/vulnerab #Zeroday #Cisco #infosec #vulnerability

@cR0w

##
LLMs@activitypub.awakari.com at 2026-03-25T12:04:33.000Z ## Ransomware Interlock explota Zero-Day crítico en Cisco FMC (CVE-2026-20131) El equipo de respuesta a incidentes de Cisco (PSIRT) ha emitido un parche de emergencia extraordinario para abordar una ...

#Seguridad

Origin | Interest | Match ##

CVE-2026-32628
(8.8 HIGH)

EPSS: 0.03%

updated 2026-03-16T20:33:27.493000

2 posts

AnythingLLM is an application that turns pieces of content into context that any LLM can use as references during chatting. In 1.11.1 and earlier, a SQL injection vulnerability in the built-in SQL Agent plugin allows any user who can invoke the agent to execute arbitrary SQL commands on connected databases. The getTableSchemaSql() method in all three database connectors (MySQL, PostgreSQL, MSSQL)

mastokukei@social.josko.org at 2026-03-26T18:02:12.000Z ##

(CVE-2025-41241), LiteLLM SQL injection (CVE-2026-32628)
- **Embedded/IoT libraries**: Multiple Arduino/ESP32 libraries (e.g., `Politician`, `WS281xProcessor`, `FujitsuAC`, `Haier2Supla`)
- **PostgreSQL tools**: `pgsemantic` (vector search), `PostGraphile` v5
- **TeX/LaTeX updates**: Multiple font packages (e.g., `tex-ebgaramond`, `tex-fontspec`, `tex-japanese-otf`)
- **Cloud-native development**: CNCF report, Kubernetes ingress migration, Vitess database sharding
- **Rust [3/4]

##
LLMs@activitypub.awakari.com at 2026-03-26T09:43:00.000Z ## A 56,000-Star AI App Shipped With a Textbook SQL Injection Flaw A 56,000-star LLM app ships with raw string concatenation in its database connector. I found it, reported it, got the CVE. Here is th...

#cybersecurity #ai-security #offensive-security #vulnerability-research #anythingllm-cve #cve-2026-32628 #ai-agent-security #sql-injection-flaw

Origin | Interest | Match ##

CVE-2026-32116
(8.1 HIGH)

EPSS: 0.08%

updated 2026-03-16T18:02:21.613000

1 posts

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file (wormhole receive) from a malicious party could result in overwriting critical local files, including ~/.ssh/authorized_keys and .bashrc. This could be used to compromise the receiver's computer. Only the sender of the file (the party who runs w

magicwormhole@fosstodon.org at 2026-03-25T19:58:28.000Z ##

This month's exciting release fixes our first official[1] CVE for magic wormhole!

To improve your local machine's safety, please upgrade to magic wormhole 0.23.0

pypi.org/project/magic-wormhol

[1] nvd.nist.gov/vuln/detail/CVE-2

##

CVE-2026-26123
(5.5 MEDIUM)

EPSS: 0.05%

updated 2026-03-10T21:32:18

1 posts

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

BugBountyShorts@infosec.exchange at 2026-03-25T23:40:25.000Z ##

Microsoft Authenticator’s Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026–26123)
This vulnerability is an Authentication Bypass, specifically a session hijacking issue affecting the Microsoft Authenticator app. The root cause was improper handling of deep links within the application, which allowed malicious actors to craft unclaimed deep links containing account tokens. When users clicked these links, their active sessions were hijacked, resulting in full account takeover without requiring any user interaction other than clicking a link. To exploit this, an attacker could generate a malicious deep link with an embedded account token and share it via SMS or email. The session hijack occurred due to the application's failure to verify the authenticity of deep links before processing them. This vulnerability has been assigned CVE-2026–26123. Microsoft rewarded $50,000 for this find and immediately patched the issue. To prevent similar vulnerabilities, it is crucial to thoroughly validate and sanitize all user-controlled inputs, including deep links. Key lesson: Always verify the authenticity of user-supplied data before processing it. #BugBounty #Cybersecurity #AuthenticationBypass #SessionHijacking #Infosec

infosecwriteups.com/microsoft-

##

CVE-2026-20079
(10.0 CRITICAL)

EPSS: 0.06%

updated 2026-03-04T18:32:03

2 posts

A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypass authentication and execute script files on an affected device to obtain root access to the underlying operating system. This vulnerability is due to an improper system process that is created at boot time. An attacker could exploit this vulnerab

1 repos

https://github.com/Sushilsin/CVE-2026-20079

catc0n at 2026-03-26T22:49:46.902Z ##

After 2+ weeks of semi-painful exploit development, @yeslikethefood and team have a full RCA out for Cisco Secure Firewall Management Center (FMC) CVE-2026-20079.

The bug is a CVSS 10, but there are significant prerequisites that may limit exploitability in real-world scenarios. There are between 300 and 700 FMC systems on the public internet as of today.

vulncheck.com/blog/cisco-fmc-a

##
catc0n@infosec.exchange at 2026-03-26T22:49:46.000Z ##

After 2+ weeks of semi-painful exploit development, @yeslikethefood and team have a full RCA out for Cisco Secure Firewall Management Center (FMC) CVE-2026-20079.

The bug is a CVSS 10, but there are significant prerequisites that may limit exploitability in real-world scenarios. There are between 300 and 700 FMC systems on the public internet as of today.

vulncheck.com/blog/cisco-fmc-a

##

CVE-2026-27598(CVSS UNKNOWN)

EPSS: 0.11%

updated 2026-02-27T20:40:25

1 posts

The `CreateNewDAG` API endpoint (`POST /api/v1/dags`) does not validate the DAG name before passing it to the file store. While `RenameDAG` calls `core.ValidateDAGName()` to reject names containing path separators (line 273 in `dags.go`), `CreateNewDAG` skips this validation entirely and passes user input directly to `dagStore.Create()`. In `internal/persis/filedag/store.go`, the `generateFilePat

thehackerwire@mastodon.social at 2026-03-24T20:29:21.000Z ##

🟠 CVE-2026-33344 - High (8.1)

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE p...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-43529
(8.8 HIGH)

EPSS: 0.17%

updated 2025-12-18T14:59:05.617000

1 posts

A use-after-free issue was addressed with improved memory management. This issue is fixed in watchOS 26.2, Safari 26.2, iOS 18.7.3 and iPadOS 18.7.3, iOS 26.2 and iPadOS 26.2, macOS Tahoe 26.2, visionOS 26.2, tvOS 26.2. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated at

8 repos

https://github.com/SgtBattenHA/Analysis

https://github.com/bjrjk/CVE-2025-43529

https://github.com/kmeps4/bugtest

https://github.com/sakyu7/sakyu7.github.io

https://github.com/SimoesCTT/Convergent-Time-Theory-Enhanced-iOS-Safari-RCE-CVE-2025-43529-

https://github.com/SimoesCTT/CTT-Apple-Silicon-Refraction

https://github.com/zeroxjf/WebKit-UAF-ANGLE-OOB-Analysis

https://github.com/jir4vv1t/CVE-2025-43529

mttaggart@infosec.exchange at 2026-03-24T21:48:09.000Z ##

@gknauss I think the thing is to move to 18.7.3, which is patched.

For devices running versions of iOS prior to 18.6, DarkSword uses CVE-2025-31277, a JIT optimization/type confusion bug which was patched by Apple in iOS 18.6. For devices running iOS 18.6-18.7, DarkSword uses CVE-2025-43529, a garbage collection bug in the Data Flow Graph (DFG) JIT layer of JavaScriptCore which was patched by Apple in iOS 18.7.3 and 26.2 after it was reported by GTIG. Both exploits develop their own fakeobj/addrof primitives, and then build arbitrary read/write primitives the same way on top of them.

I'm unaware of a compelling reason or hardware limitation to not upgrade from 18.6 to 18.7

cloud.google.com/blog/topics/t

##

CVE-2025-55182
(10.0 CRITICAL)

EPSS: 65.08%

updated 2025-12-10T02:00:02.557000

2 posts

A pre-authentication remote code execution vulnerability exists in React Server Components versions 19.0.0, 19.1.0, 19.1.1, and 19.2.0 including the following packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The vulnerable code unsafely deserializes payloads from HTTP requests to Server Function endpoints.

Nuclei template

100 repos

https://github.com/Rsatan/Next.js-Exploit-Tool

https://github.com/gensecaihq/react2shell-scanner

https://github.com/lachlan2k/React2Shell-CVE-2025-55182-original-poc

https://github.com/dwisiswant0/CVE-2025-55182

https://github.com/theman001/CVE-2025-55182

https://github.com/Cr4at0r/Next.js-RCE-Scanner-BurpSuite-Extension-

https://github.com/assetnote/react2shell-scanner

https://github.com/CymulateResearch/React2Shell-Scanner

https://github.com/Updatelap/CVE-2025-55182

https://github.com/timsonner/React2Shell-CVE-2025-55182

https://github.com/shamo0/react2shell-PoC

https://github.com/heiheishushu/rsc_detect_CVE-2025-55182

https://github.com/hualy13/CVE-2025-55182

https://github.com/websecuritylabs/React2Shell-Library

https://github.com/techgaun/cve-2025-55182-scanner

https://github.com/BlackTechX011/React2Shell

https://github.com/Security-Phoenix-demo/react2shell-scanner-rce-react-next-CVE-2025-55182-CVE-2025-66478

https://github.com/hackersatyamrastogi/react2shell-ultimate

https://github.com/surajhacx/react2shellpoc

https://github.com/sudo-Yangziran/CVE-2025-55182POC

https://github.com/acheong08/CVE-2025-55182-poc

https://github.com/EynaExp/CVE-2025-55182-POC

https://github.com/mrknow001/RSC_Detector

https://github.com/hoosin/CVE-2025-55182

https://github.com/rix4uni/CVE-2025-55182

https://github.com/whiteov3rflow/CVE-2025-55182-poc

https://github.com/M4xSec/CVE-2025-55182-React2Shell-RCE-Shell

https://github.com/MemerGamer/CVE-2025-55182

https://github.com/logesh-GIT001/CVE-2025-55182

https://github.com/chrahman/react2shell-CVE-2025-55182-full-rce-script

https://github.com/Tiger-Foxx/exploit-react-CVE-2025-55182

https://github.com/MoLeft/React2Shell-Toolbox

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182-The-Deserialization-Bug-That-Broke-the-Web

https://github.com/ejpir/CVE-2025-55182-research

https://github.com/RavinduRathnayaka/CVE-2025-55182-PoC

https://github.com/kondukto-io/vulnerable-next-js-poc

https://github.com/AliHzSec/CVE-2025-55182

https://github.com/keklick1337/CVE-2025-55182-golang-PoC

https://github.com/Dh4v4l8/CVE-2025-55182-poc-tool

https://github.com/alptexans/RSC-Detect-CVE-2025-55182

https://github.com/AdityaBhatt3010/React2Shell-CVE-2025-55182

https://github.com/aliclub0x00/CVE-2025-55182-POC-NEXTJS

https://github.com/xalgord/React2Shell

https://github.com/Pizz33/CVE-2025-55182-burpscanner

https://github.com/yanoshercohen/React2Shell_CVE-2025-55182

https://github.com/alsaut1/react2shell-lab

https://github.com/kavienanj/CVE-2025-55182

https://github.com/RuoJi6/CVE-2025-55182-RCE-shell

https://github.com/shyambhanushali/React2Shell

https://github.com/freeqaz/react2shell

https://github.com/pyroxenites/Nextjs_RCE_Exploit_Tool

https://github.com/momika233/CVE-2025-55182-bypass

https://github.com/Spritualkb/CVE-2025-55182-exp

https://github.com/anuththara2007-W/CVE-2025-55182-Exploit-extension

https://github.com/Faithtiannn/CVE-2025-55182

https://github.com/alfazhossain/CVE-2025-55182-Exploiter

https://github.com/BeichenDream/CVE-2025-55182-GodzillaMemoryShell

https://github.com/snipevx/React2Shell-POC

https://github.com/Chocapikk/CVE-2025-55182

https://github.com/Archerkong/CVE-2025-55182

https://github.com/jf0x3a/CVE-2025-55182-exploit

https://github.com/Syrins/CVE-2025-55182-React2Shell-RCE

https://github.com/ThemeHackers/CVE-2025-55182

https://github.com/l4rm4nd/CVE-2025-55182

https://github.com/theori-io/reactguard

https://github.com/zack0x01/vuln-app-CVE-2025-55182

https://github.com/xcanwin/CVE-2025-55182-React-RCE

https://github.com/ZihxS/check-react-rce-cve-2025-55182

https://github.com/Cillian-Collins/CVE-2025-55182

https://github.com/BankkRoll/Quickcheck-CVE-2025-55182-React-and-CVE-2025-66478-Next.js

https://github.com/nehkark/CVE-2025-55182

https://github.com/hidden-investigations/react2shell-scanner

https://github.com/zack0x01/CVE-2025-55182-advanced-scanner-

https://github.com/msanft/CVE-2025-55182

https://github.com/cybertechajju/R2C-CVE-2025-55182-66478

https://github.com/emredavut/CVE-2025-55182

https://github.com/sumanrox/rschunter

https://github.com/ejpir/CVE-2025-55182-bypass

https://github.com/VeilVulp/RscScan-cve-2025-55182

https://github.com/CirqueiraDev/MassExploit-CVE-2025-55182

https://github.com/tobiasGuta/Next.js-RSC-RCE-Scanner-Burp-Suite-Extension

https://github.com/sickwell/CVE-2025-55182

https://github.com/xkillbit/cve-2025-55182-scanner

https://github.com/subhdotsol/CVE-2025-55182

https://github.com/zzhorc/CVE-2025-55182

https://github.com/im-ezboy/CVE-2025-55182-zoomeye

https://github.com/MrR0b0t19/CVE-2025-55182-shellinteractive

https://github.com/zr0n/react2shell

https://github.com/vulncheck-oss/cve-2025-55182

https://github.com/jctommasi/react2shellVulnApp

https://github.com/pax-k/react2shell-CVE-2025-55182-full-rce-script

https://github.com/santihabib/CVE-2025-55182-analysis

https://github.com/vijay-shirhatti/RSC-Detect-CVE-2025-55182

https://github.com/kOaDT/poc-cve-2025-55182

https://github.com/songsanggggg/CVE-2025-55182

https://github.com/c0rydoras/CVE-2025-55182

https://github.com/LemonTeatw1/CVE-2025-55182-exploit

https://github.com/StealthMoud/CVE-2025-55182-Scanner

https://github.com/ynsmroztas/NextRce

https://github.com/fatguru/CVE-2025-55182-scanner

AAKL at 2026-03-26T17:21:40.063Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck

##
AAKL@infosec.exchange at 2026-03-26T17:21:40.000Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck #infosec #threatresearch #botnet

##

CVE-2023-46604
(10.0 CRITICAL)

EPSS: 94.44%

updated 2025-11-04T00:30:41

2 posts

Apache ActiveMQ is vulnerable to Remote Code Execution.The vulnerability may allow a remote attacker with network access to a broker to run arbitrary shell commands by manipulating serialized class types in the OpenWire protocol to cause the broker to instantiate any class on the classpath.  Users are recommended to upgrade to version 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which fixes this issue.

Nuclei template

34 repos

https://github.com/thinkycx/activemq-rce-cve-2023-46604

https://github.com/mrpentst/CVE-2023-46604

https://github.com/h3x3h0g/ActiveMQ-RCE-CVE-2023-46604-Write-up

https://github.com/vaishnavucv/Project-Vuln-Detection-N-Mitigation_101

https://github.com/pavanaa4k/CVE-2023-46604-LAB

https://github.com/SaumyajeetDas/CVE-2023-46604-RCE-Reverse-Shell-Apache-ActiveMQ

https://github.com/sangrok-jeon/CVE-2023-46604-Analysis

https://github.com/LiritoShawshark/CVE-2023-46604_ActiveMQ_RCE_Recurrence

https://github.com/vulncheck-oss/cve-2023-46604

https://github.com/nitzanoligo/CVE-2023-46604-demo

https://github.com/skrkcb2/CVE-2023-46604

https://github.com/infokek/activemq-honeypot

https://github.com/CCIEVoice2009/CVE-2023-46604

https://github.com/evkl1d/CVE-2023-46604

https://github.com/fiza-naeem0902/Vulnerability-Assessment

https://github.com/justdoit-cai/CVE-2023-46604-Apache-ActiveMQ-RCE-exp

https://github.com/ImuSpirit/ActiveMQ_RCE_Pro_Max

https://github.com/dcm2406/CVE-2023-46604

https://github.com/vjayant93/CVE-2023-46604-POC

https://github.com/stegano5/ExploitScript-CVE-2023-46604

https://github.com/Anekant-Singhai/Exploits

https://github.com/NKeshawarz/CVE-2023-46604-RCE

https://github.com/dcm2406/CVE-Lab

https://github.com/Arlenhiack/ActiveMQ-RCE-Exploit

https://github.com/hh-hunter/cve-2023-46604

https://github.com/Mudoleto/Broker_ApacheMQ

https://github.com/RockyDesigne/SSP-Assignment-3-RCEYouLater

https://github.com/mranv/honeypot.rs

https://github.com/trganda/ActiveMQ-RCE

https://github.com/duck-sec/CVE-2023-46604-ActiveMQ-RCE-pseudoshell

https://github.com/tomasmussi/activemq-cve-2023-46604

https://github.com/cuanh2333/CVE-2023-46604

https://github.com/pulentoski/CVE-2023-46604

https://github.com/minhangxiaohui/ActiveMQ_CVE-2023-46604

AAKL at 2026-03-26T17:21:40.063Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck

##
AAKL@infosec.exchange at 2026-03-26T17:21:40.000Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck #infosec #threatresearch #botnet

##

CVE-2023-32434
(7.8 HIGH)

EPSS: 61.25%

updated 2025-10-23T18:48:05.013000

2 posts

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against v

2 repos

https://github.com/alfiecg24/Trigon

https://github.com/rkrakesh524/oob_entry

decio@infosec.exchange at 2026-03-26T14:50:23.000Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
securelist.com/coruna-framewor

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##
oversecurity@mastodon.social at 2026-03-26T08:20:04.000Z ##

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and...

🔗️ [Securelist] link.is.it/XwhkQ8

##

CVE-2023-38606
(5.5 MEDIUM)

EPSS: 0.12%

updated 2025-10-22T00:33:51

1 posts

This issue was addressed with improved state management. This issue is fixed in iOS 16.6 and iPadOS 16.6, macOS Big Sur 11.7.9, macOS Monterey 12.6.8, tvOS 16.6, watchOS 9.6, macOS Ventura 13.5, iOS 15.7.8 and iPadOS 15.7.8. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15

decio@infosec.exchange at 2026-03-26T14:50:23.000Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
securelist.com/coruna-framewor

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##

CVE-2024-6387
(8.1 HIGH)

EPSS: 57.63%

updated 2025-09-30T13:52:23.540000

1 posts

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period.

95 repos

https://github.com/almogopp/OpenSSH-CVE-2024-6387-Fix

https://github.com/passwa11/cve-2024-6387-poc

https://github.com/identity-threat-labs/Article-RegreSSHion-CVE-2024-6387

https://github.com/ThatNotEasy/CVE-2024-6387

https://github.com/CognisysGroup/CVE-2024-6387-Checker

https://github.com/harshinsecurity/sentinelssh

https://github.com/filipi86/CVE-2024-6387-Vulnerability-Checker

https://github.com/acrono/cve-2024-6387-poc

https://github.com/dream434/CVE-2024-6387

https://github.com/hssmo/cve-2024-6387_AImade

https://github.com/YassDEV221608/CVE-2024-6387_PoC

https://github.com/grupooruss/CVE-2024-6387

https://github.com/s1d6point7bugcrowd/CVE-2024-6387-Race-Condition-in-Signal-Handling-for-OpenSSH

https://github.com/invaderslabs/regreSSHion-CVE-2024-6387-

https://github.com/FerasAlrimali/CVE-2024-6387-POC

https://github.com/jocker2410/CVE-2024-6387_poc

https://github.com/zgzhang/cve-2024-6387-poc

https://github.com/Ngagne-Demba-Dia/CVE-2024-6387-corrigee

https://github.com/TAM-K592/CVE-2024-6387

https://github.com/xaitax/CVE-2024-6387_Check

https://github.com/muyuanlove/CVE-2024-6387fixshell

https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit

https://github.com/devarshishimpi/CVE-2024-6387-Check

https://github.com/mrmtwoj/CVE-2024-6387

https://github.com/redux-sibi-jose/mitigate_ssh

https://github.com/Remnant-DB/CVE-2024-6387

https://github.com/vkaushik-chef/regreSSHion

https://github.com/alex14324/ssh_poc2024

https://github.com/kuffsit/check_cve_2024_6387

https://github.com/0x4D31/cve-2024-6387_hassh

https://github.com/imv7/CVE-2024-6387

https://github.com/d0rb/CVE-2024-6387

https://github.com/sardine-web/CVE-2024-6387-template

https://github.com/OHHDamnBRO/Noregressh

https://github.com/HadesNull123/CVE-2024-6387_Check

https://github.com/no-one-sec/CVE-2024-6387

https://github.com/kubota/CVE-2024-6387-Vulnerability-Checker

https://github.com/edsonjt81/CVE-2024-6387_Check

https://github.com/Mufti22/CVE-2024-6387-checkher

https://github.com/turbobit/CVE-2024-6387-OpenSSH-Vulnerability-Checker

https://github.com/R4Tw1z/CVE-2024-6387

https://github.com/P4x1s/CVE-2024-6387

https://github.com/prelearn-code/CVE-2024-6387

https://github.com/th3gokul/CVE-2024-6387

https://github.com/4lxprime/regreSSHive

https://github.com/ACHUX21/checker-CVE-2024-6387

https://github.com/n1cks0n/Test_CVE-2024-6387

https://github.com/ahlfors/CVE-2024-6387

https://github.com/t3rry327/cve-2024-6387-poc

https://github.com/DimaMend/cve-2024-6387-poc

https://github.com/daniel-odrinski/CVE-2024-6387-Mitigation-Ansible-Playbook

https://github.com/xonoxitron/regreSSHion-checker

https://github.com/paradessia/CVE-2024-6387-nmap

https://github.com/moften/regreSSHion-CVE-2024-6387

https://github.com/theaog/spirit

https://github.com/X-Projetion/CVE-2023-4596-OpenSSH-Multi-Checker

https://github.com/password123456/cve-security-response-guidelines

https://github.com/YassDEV221608/CVE-2024-6387

https://github.com/l-urk/CVE-2024-6387

https://github.com/l0n3m4n/CVE-2024-6387

https://github.com/bigb0x/CVE-2024-6387

https://github.com/awusan125/test_for6387

https://github.com/betancour/OpenSSH-Vulnerability-test

https://github.com/JackSparrowhk/ssh-CVE-2024-6387-poc

https://github.com/anhvutuan/CVE-2024-6387-poc-1

https://github.com/rumochnaya/openssh-cve-2024-6387.sh

https://github.com/sardine-web/CVE-2024-6387_Check

https://github.com/dawnl3ss/CVE-2024-6387

https://github.com/kinu404/CVE-2024-6387

https://github.com/MaulikxLakhani/SSHScout

https://github.com/xonoxitron/regreSSHion

https://github.com/lflare/cve-2024-6387-poc

https://github.com/xristos8574/regreSSHion-nmap-scanner

https://github.com/lala-amber/CVE-2024-6387

https://github.com/teamos-hub/regreSSHion

https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387

https://github.com/jack0we/CVE-2024-6387

https://github.com/xiw1ll/CVE-2024-6387_Checker

https://github.com/SkyGodling/CVE-2024-6387-POC

https://github.com/getdrive/CVE-2024-6387-PoC

https://github.com/BrandonLynch2402/cve-2024-6387-nuclei-template

https://github.com/MrR0b0t19/CVE-2024-6387-Exploit-POC

https://github.com/sms2056/CVE-2024-6387

https://github.com/thegenetic/CVE-2024-6387-exploit

https://github.com/wiggels/regresshion-check

https://github.com/identity-threat-labs/CVE-2024-6387-Vulnerability-Checker

https://github.com/azurejoga/CVE-2024-6387-how-to-fix

https://github.com/Symbolexe/CVE-2024-6387

https://github.com/shamo0/CVE-2024-6387_PoC

https://github.com/CiderAndWhisky/regression-scanner

https://github.com/RickGeex/CVE-2024-6387-Checker

https://github.com/zenzue/CVE-2024-6387-Mitigation

https://github.com/sxlmnwb/CVE-2024-6387

https://github.com/dgourillon/mitigate-CVE-2024-6387

https://github.com/Karmakstylez/CVE-2024-6387

glitterbean@wehavecookies.social at 2026-03-27T00:48:28.000Z ##

This: qualys.com/2024/07/01/cve-2024

##

CVE-2025-41241
(4.4 MEDIUM)

EPSS: 0.05%

updated 2025-07-29T15:32:54

1 posts

VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service condition.

mastokukei@social.josko.org at 2026-03-26T18:02:12.000Z ##

(CVE-2025-41241), LiteLLM SQL injection (CVE-2026-32628)
- **Embedded/IoT libraries**: Multiple Arduino/ESP32 libraries (e.g., `Politician`, `WS281xProcessor`, `FujitsuAC`, `Haier2Supla`)
- **PostgreSQL tools**: `pgsemantic` (vector search), `PostGraphile` v5
- **TeX/LaTeX updates**: Multiple font packages (e.g., `tex-ebgaramond`, `tex-fontspec`, `tex-japanese-otf`)
- **Cloud-native development**: CNCF report, Kubernetes ingress migration, Vitess database sharding
- **Rust [3/4]

##

CVE-2023-38646
(9.8 CRITICAL)

EPSS: 94.25%

updated 2024-02-15T18:30:40

2 posts

Metabase open source before 0.46.6.1 and Metabase Enterprise before 1.46.6.1 allow attackers to execute arbitrary commands on the server, at the server's privilege level. Authentication is not required for exploitation. The other fixed versions are 0.45.4.1, 1.45.4.1, 0.44.7.1, 1.44.7.1, 0.43.7.2, and 1.43.7.2.

Nuclei template

41 repos

https://github.com/junnythemarksman/CVE-2023-38646

https://github.com/CN016/Metabase-H2-CVE-2023-38646-

https://github.com/Pumpkin-Garden/POC_Metabase_CVE-2023-38646

https://github.com/Any3ite/cve-2023-38646-metabase-ReverseShell

https://github.com/DaniTheHack3r/CVE-2023-38646

https://github.com/Shisones/MetabaseRCE_CVE-2023-38646

https://github.com/Chocapikk/CVE-2023-38646

https://github.com/alexandre-pecorilla/CVE-2023-38646

https://github.com/Zenmovie/CVE-2023-38646

https://github.com/threatHNTR/CVE-2023-38646

https://github.com/UserConnecting/Exploit-CVE-2023-38646-Metabase

https://github.com/cleanmgr112/cve-2023-38646-poc

https://github.com/Micky1warrior/metabase-pre-auth-rce-poc

https://github.com/raytheon0x21/CVE-2023-38646

https://github.com/fidjiw/CVE-2023-38646-POC

https://github.com/j0yb0y0h/CVE-2023-38646

https://github.com/Boogipop/MetabaseRceTools

https://github.com/Xuxfff/CVE-2023-38646-Poc

https://github.com/getdrive/PoC

https://github.com/passwa11/CVE-2023-38646

https://github.com/asepsaepdin/CVE-2023-38646

https://github.com/acesoyeo/METABASE-RCE-CVE-2023-38646-

https://github.com/robotmikhro/CVE-2023-38646

https://github.com/AnvithLobo/CVE-2023-38646

https://github.com/0utl4nder/Another-Metabase-RCE-CVE-2023-38646

https://github.com/Ego1stoo/CVE-2023-38646

https://github.com/adriyansyah-mf/CVE-2023-38646--Metabase-

https://github.com/kh4sh3i/CVE-2023-38646

https://github.com/birdm4nw/CVE-2023-38646

https://github.com/JayRyz/CVE-2023-38646-PoC-Metabase

https://github.com/BreezeGalaxy/CVE-2023-38646

https://github.com/securezeron/CVE-2023-38646

https://github.com/Anekant-Singhai/Exploits

https://github.com/m3m0o/metabase-pre-auth-rce-poc

https://github.com/Red4mber/CVE-2023-38646

https://github.com/yxl2001/CVE-2023-38646

https://github.com/nickswink/CVE-2023-38646

https://github.com/Mrunalkaran/CVE-2023-38646

https://github.com/shamo0/CVE-2023-38646-PoC

https://github.com/Pyr0sec/CVE-2023-38646

https://github.com/0xrobiul/CVE-2023-38646

AAKL at 2026-03-26T17:21:40.063Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck

##
AAKL@infosec.exchange at 2026-03-26T17:21:40.000Z ##

New. This relates to CVE-2023-46604, CVE-2023-38646, and CVE-2025-55182.

VulnCheck: The Return of the Kinsing vulncheck.com/blog/return-of-t @vulncheck #infosec #threatresearch #botnet

##

CVE-2026-33897
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T23:17:57.000Z ##

🔴 CVE-2026-33897 - Critical (9.9)

Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T23:17:57.000Z ##

🔴 CVE-2026-33897 - Critical (9.9)

Incus is a system container and virtual machine manager. Prior to version 6.23.0, instance template files can be used to cause arbitrary read or writes as root on the host server. Incus allows for pongo2 templates within instances which can be use...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33396
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:22:27.000Z ##

🔴 CVE-2026-33396 - Critical (9.9)

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user (ProjectMember) can achieve remote command execution on the Probe container/host by abusing Synthetic Monitor Playwrig...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:22:27.000Z ##

🔴 CVE-2026-33396 - Critical (9.9)

OneUptime is an open-source monitoring and observability platform. Prior to version 10.0.35, a low-privileged authenticated user (ProjectMember) can achieve remote command execution on the Probe container/host by abusing Synthetic Monitor Playwrig...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23995
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:22:17.000Z ##

🟠 CVE-2026-23995 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adja...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:15.000Z ##

🟠 CVE-2026-23995 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adja...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:22:17.000Z ##

🟠 CVE-2026-23995 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adja...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:15.000Z ##

🟠 CVE-2026-23995 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, stack-based buffer overflow in CAN interface initialization: passing an interface name longer than IFNAMSIZ (16) to CAN open routines overflows `ifreq.ifr_name`, corrupting adja...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-22593
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:21:36.000Z ##

🟠 CVE-2026-22593 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MAX_FILE_NAME_LENGTH` (100). A crafted filename i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:21:36.000Z ##

🟠 CVE-2026-22593 - High (8.4)

EVerest is an EV charging software stack. Prior to version 2026.02.0, an off-by-one check in IsoMux certificate filename handling causes a stack-based buffer overflow when a filename length equals `MAX_FILE_NAME_LENGTH` (100). A crafted filename i...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33009
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:15:45.000Z ##

🟠 CVE-2026-33009 - High (8.2)

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memory corruption). This is triggered by an MQTT `everest_external/nodered/{connector}/cmd/switch_three_phases_while_charging` mess...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T22:15:45.000Z ##

🟠 CVE-2026-33009 - High (8.2)

EVerest is an EV charging software stack. Versions prior to 2026.02.0 have a data race leading to C++ UB (potential memory corruption). This is triggered by an MQTT `everest_external/nodered/{connector}/cmd/switch_three_phases_while_charging` mess...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33416
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:15:35.000Z ##

🟠 CVE-2026-33416 - High (7.5)

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer betw...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
harrysintonen at 2026-03-26T16:00:58.090Z ##

1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

github.com/pnggroup/libpng/sec

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

github.com/pnggroup/libpng/sec

##
thehackerwire@mastodon.social at 2026-03-26T22:15:35.000Z ##

🟠 CVE-2026-33416 - High (7.5)

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer betw...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
harrysintonen@infosec.exchange at 2026-03-26T16:00:58.000Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

github.com/pnggroup/libpng/sec

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

github.com/pnggroup/libpng/sec

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

CVE-2026-33636
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T22:00:53.000Z ##

🟠 CVE-2026-33636 - High (7.6)

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-opti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
harrysintonen at 2026-03-26T16:00:58.090Z ##

1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

github.com/pnggroup/libpng/sec

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

github.com/pnggroup/libpng/sec

##
thehackerwire@mastodon.social at 2026-03-26T22:00:53.000Z ##

🟠 CVE-2026-33636 - High (7.6)

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-opti...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
harrysintonen@infosec.exchange at 2026-03-26T16:00:58.000Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

github.com/pnggroup/libpng/sec

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

github.com/pnggroup/libpng/sec

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

CVE-2026-33149
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T21:20:17.000Z ##

🟠 CVE-2026-33149 - High (8.1)

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '*' by default, which causes Django to accept any value in the HTTP Host header without val...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T21:20:17.000Z ##

🟠 CVE-2026-33149 - High (8.1)

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. Versions up to and including 2.5.3 set ALLOWED_HOSTS = '*' by default, which causes Django to accept any value in the HTTP Host header without val...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33152
(0 None)

EPSS: 0.00%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T21:00:53.000Z ##

🔴 CVE-2026-33152 - Critical (9.1)

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backend...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq at 2026-03-26T19:30:29.183Z ##

⚠️ CVE-2026-33152: TandoorRecipes < 2.6.0 suffers CRITICAL vuln (CVSS 9.1). No rate limiting on API BasicAuth enables unlimited password guessing. Patch to 2.6.0 now! radar.offseq.com/threat/cve-20

##
thehackerwire@mastodon.social at 2026-03-26T21:00:53.000Z ##

🔴 CVE-2026-33152 - Critical (9.1)

Tandoor Recipes is an application for managing recipes, planning meals, and building shopping lists. In versions prior to 2.6.0, Tandoor Recipes configures Django REST Framework with BasicAuthentication as one of the default authentication backend...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
offseq@infosec.exchange at 2026-03-26T19:30:29.000Z ##

⚠️ CVE-2026-33152: TandoorRecipes < 2.6.0 suffers CRITICAL vuln (CVSS 9.1). No rate limiting on API BasicAuth enables unlimited password guessing. Patch to 2.6.0 now! radar.offseq.com/threat/cve-20 #OffSeq #Vulnerability #TandoorRecipes #APIsecurity

##

CVE-2026-33506
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T21:00:31.000Z ##

🟠 CVE-2026-33506 - High (8.8)

Ory Polis, formerly known as BoxyHQ Jackson, bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect. Versions prior to 26.2.0 contain a DOM-based Cross-Site Scripting (XSS) vulnerability in Ory Polis's login functionality. The applica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T21:00:31.000Z ##

🟠 CVE-2026-33506 - High (8.8)

Ory Polis, formerly known as BoxyHQ Jackson, bridges or proxies a SAML login flow to OAuth 2.0 or OpenID Connect. Versions prior to 26.2.0 contain a DOM-based Cross-Site Scripting (XSS) vulnerability in Ory Polis's login functionality. The applica...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4926
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T20:35:37.000Z ##

🟠 CVE-2026-4926 - High (7.5)

Impact:

A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service.

Patche...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T20:35:37.000Z ##

🟠 CVE-2026-4926 - High (7.5)

Impact:

A bad regular expression is generated any time you have multiple sequential optional groups (curly brace syntax), such as `{a}{b}{c}:z`. The generated regex grows exponentially with the number of groups, causing denial of service.

Patche...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33530
(0 None)

EPSS: 0.00%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T20:35:28.000Z ##

🟠 CVE-2026-33530 - High (7.7)

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk data operations can be hijacked to exfiltrate sensitive information from the database. The bulk operation API endpoints (e....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T20:35:28.000Z ##

🟠 CVE-2026-33530 - High (7.7)

InvenTree is an Open Source Inventory Management System. Prior to version 1.2.6, certain API endpoints associated with bulk data operations can be hijacked to exfiltrate sensitive information from the database. The bulk operation API endpoints (e....

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-15519
(0 None)

EPSS: 0.00%

2 posts

N/A

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

feedly.com/cve/CVE-2026-15518 and feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##
agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

CVE-2026-15518
(0 None)

EPSS: 0.00%

2 posts

N/A

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

feedly.com/cve/CVE-2026-15518 and feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##
agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

CVE-2026-33918
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:03:46.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T01:01:14.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33917
(0 None)

EPSS: 0.03%

2 posts

N/A

1 repos

https://github.com/ChrisSub08/CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0

thehackerwire@mastodon.social at 2026-03-26T01:03:36.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
thehackerwire@mastodon.social at 2026-03-26T01:01:04.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34056
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:00:33.000Z ##

🟠 CVE-2026-34056 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eR...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23514
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T00:00:17.000Z ##

🟠 CVE-2026-23514 - High (8.8)

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33348
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T23:20:35.000Z ##

🟠 CVE-2026-33348 - High (8.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Users with the `Notes - my encounters` role can fill Eye Exam forms in patient encounters. The answers to the form are displayed on the en...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33913
(0 None)

EPSS: 0.03%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T23:20:25.000Z ##

🟠 CVE-2026-33913 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can upload a crafted CCDA document containing `` to...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-24750
(0 None)

EPSS: 0.04%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T22:00:21.000Z ##

🟠 CVE-2026-24750 - High (7.6)

Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior to version 9.2.1, an authenticated attacker could exploit an Improper Neutralization of Input During Web Page Generation as Stored XSS when modifying forms. Upgrade Ki...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30976
(0 None)

EPSS: 0.06%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T21:40:45.000Z ##

🟠 CVE-2026-30976 - High (8.6)

Sonarr is a PVR for Usenet and BitTorrent users. In versions on the 4.x branch prior to 4.0.17.2950, an unauthenticated remote attacker can potentially read any file readable by the Sonarr process. These include application configuration files (co...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-30975
(0 None)

EPSS: 0.06%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T21:40:35.000Z ##

🟠 CVE-2026-30975 - High (8.1)

Sonarr is a PVR for Usenet and BitTorrent users. Versions prior to 4.0.16.2942 have an authentication bypass that affected users that had disabled authentication for local addresses (Authentication Required set to: `Disabled for Local Addresses`) ...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33656
(0 None)

EPSS: 0.00%

1 posts

N/A

1 repos

https://github.com/JivaSecurity/ESPOCRM-RCE-POC-CVE-2026-33656

_r_netsec@infosec.exchange at 2026-03-25T12:58:05.000Z ##

CVE-2026-33656: EspoCRM ≤ 9.3.3 — Formula engine ACL gap + path traversal → authenticated RCE (full write-up + PoC) jivasecurity.com/writeups/espo

##

CVE-2026-28373
(0 None)

EPSS: 0.00%

1 posts

N/A

_r_netsec@infosec.exchange at 2026-03-25T09:43:05.000Z ##

Stackfield Desktop App: RCE via Path Traversal and Arbitrary File Write (CVE-2026-28373) rcesecurity.com/2026/03/stackf

##

CVE-2026-33329
(0 None)

EPSS: 0.07%

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-24T20:26:29.000Z ##

🟠 CVE-2026-33329 - High (8.1)

FileRise is a self-hosted web file manager / WebDAV server. From version 1.0.1 to before version 3.10.0, the resumableIdentifier parameter in the Resumable.js chunked upload handler (UploadModel::handleUpload()) is concatenated directly into files...

🔗 thehackerwire.com/vulnerabilit

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##
Visit counter For Websites