FediSecfeeds

CVE	CVSS	EPSS	Posts	Repos	Updated	Description
CVE-2026-33636	7.6	0.00%	2	0	2026-03-26T17:16:41.477000	LIBPNG is a reference library for use in applications that read, create, and man
CVE-2026-33416	7.5	0.00%	2	0	2026-03-26T17:16:38.443000	LIBPNG is a reference library for use in applications that read, create, and man
CVE-2026-29785	7.5	0.07%	2	0	2026-03-26T17:13:31.983000	NATS-Server is a High-Performance server for NATS.io, a cloud and edge native me
CVE-2026-22739	8.6	0.02%	1	0	2026-03-26T17:08:56	Vulnerability in Spring Cloud when substituting the profile parameter from a req
CVE-2026-33696	10.0	0.46%	2	0	2026-03-26T16:41:02	## Impact An authenticated user with permission to create or modify workflows co
CVE-2026-33017	9.8	6.14%	2	4	2026-03-26T15:41:23	## Summary The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows b
CVE-2026-33348	8.7	0.03%	2	0	2026-03-26T15:16:38.267000	OpenEMR is a free and open source electronic health records and medical practice
CVE-2026-20086	8.6	0.10%	2	0	2026-03-26T15:13:33.940000	A vulnerability in the processing of Control and Provisioning of Wireless Access
CVE-2026-20084	8.6	0.11%	1	0	2026-03-26T15:13:33.940000	A vulnerability in the DHCP snooping feature of Cisco IOS XE Software could allo
CVE-2026-24750	7.6	0.04%	1	0	2026-03-26T15:13:15.790000	Kiteworks is a private data network (PDN). In Kiteworks Secure Data Forms prior
CVE-2026-30975	8.1	0.06%	1	0	2026-03-26T15:13:15.790000	Sonarr is a PVR for Usenet and BitTorrent users. Versions prior to 4.0.16.2942 h
CVE-2026-2995	7.7	0.02%	2	0	2026-03-26T15:13:15.790000	GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 bef
CVE-2026-3988	7.5	0.04%	3	0	2026-03-26T15:13:15.790000	GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5
CVE-2026-4701	9.8	0.02%	1	0	2026-03-26T14:16:13.893000	Use-after-free in the JavaScript Engine component. This vulnerability affects Fi
CVE-2026-4700	9.8	0.02%	1	0	2026-03-26T13:16:30.367000	Mitigation bypass in the Networking: HTTP component. This vulnerability affects
CVE-2026-4698	9.8	0.02%	1	0	2026-03-26T13:16:29.967000	JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability a
CVE-2026-33344	8.1	0.02%	1	0	2026-03-26T13:03:13.500000	Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0
CVE-2026-28760	7.8	0.01%	4	0	2026-03-26T09:30:33	The installer of RATOC RAID Monitoring Manager for Windows searches the current
CVE-2026-32680	7.8	0.01%	4	0	2026-03-26T09:30:33	The installer of RATOC RAID Monitoring Manager for Windows allows to customize t
CVE-2026-4840	8.8	0.15%	4	0	2026-03-26T06:30:27	A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affe
CVE-2026-2931	8.8	0.04%	2	0	2026-03-26T06:30:27	The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object
CVE-2026-4484	9.8	0.04%	2	0	2026-03-26T03:30:34	The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in
CVE-2026-4758	8.8	0.25%	2	0	2026-03-26T00:31:03	The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion
CVE-2026-24151	7.8	0.05%	1	0	2026-03-25T21:57:49.383000	NVIDIA Megatron-LM contains a vulnerability in inferencing where an Attacker may
CVE-2026-24152	7.8	0.05%	1	0	2026-03-25T21:56:52.887000	NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac
CVE-2026-32537	7.5	0.11%	1	0	2026-03-25T21:31:39	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-25447	9.1	0.04%	2	0	2026-03-25T21:31:39	Improper Control of Generation of Code ('Code Injection') vulnerability in Jonat
CVE-2026-32546	7.5	0.03%	2	0	2026-03-25T21:31:39	Missing Authorization vulnerability in StellarWP Restrict Content restrict-conte
CVE-2026-25001	8.6	0.05%	1	0	2026-03-25T21:31:38	Improper Control of Generation of Code ('Code Injection') vulnerability in Saad
CVE-2026-32573	9.1	0.04%	3	0	2026-03-25T21:30:36	Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio
CVE-2026-32531	8.1	0.11%	1	0	2026-03-25T21:30:36	Improper Control of Filename for Include/Require Statement in PHP Program ('PHP
CVE-2026-32534	8.5	0.03%	1	0	2026-03-25T21:30:36	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-32539	9.3	0.03%	1	0	2026-03-25T21:30:36	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injecti
CVE-2026-25366	10.0	0.05%	2	0	2026-03-25T21:30:35	Improper Control of Generation of Code ('Code Injection') vulnerability in Theme
CVE-2026-32513	8.8	0.05%	1	0	2026-03-25T21:30:35	Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List
CVE-2026-27044	10.0	0.05%	2	0	2026-03-25T21:30:35	Improper Control of Generation of Code ('Code Injection') vulnerability in Total
CVE-2026-4719	7.5	0.01%	1	0	2026-03-25T21:30:28	Incorrect boundary conditions in the Graphics: Text component. This vulnerabilit
CVE-2026-4705	9.8	0.02%	1	0	2026-03-25T21:30:27	Undefined behavior in the WebRTC: Signaling component. This vulnerability affect
CVE-2026-4704	7.5	0.01%	1	0	2026-03-25T21:30:27	Denial-of-service in the WebRTC: Signaling component. This vulnerability affects
CVE-2026-33680	7.5	0.03%	1	0	2026-03-25T21:18:09	## Summary The `LinkSharing.ReadAll()` method allows link share authenticated u
CVE-2026-33678	8.1	0.03%	2	0	2026-03-25T21:17:43	## Summary `TaskAttachment.ReadOne()` queries attachments by ID only (`WHERE id
CVE-2026-32538	7.5	0.03%	1	0	2026-03-25T21:16:46.347000	Insertion of Sensitive Information Into Sent Data vulnerability in Noor Alam SMT
CVE-2026-32536	9.9	0.04%	1	0	2026-03-25T21:16:45.867000	Unrestricted Upload of File with Dangerous Type vulnerability in halfdata Green
CVE-2026-33660	10.0	0.11%	2	0	2026-03-25T21:07:45	## Impact An authenticated user with permission to create or modify workflows co
CVE-2026-33310	8.8	0.05%	1	0	2026-03-25T20:54:34.937000	Intake is a package for finding, investigating, loading and disseminating data.
CVE-2026-33316	8.1	0.03%	2	0	2026-03-25T20:53:33	### Summary A flaw in Vikunja’s password reset logic allows disabled users to r
CVE-2026-29839	8.8	0.01%	1	0	2026-03-25T20:53:05.983000	DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) v
CVE-2026-33211	9.6	0.02%	2	0	2026-03-25T20:48:05	### Summary The Tekton Pipelines git resolver is vulnerable to path traversal v
CVE-2026-4716	9.1	0.02%	1	0	2026-03-25T20:16:37.020000	Incorrect boundary conditions, uninitialized memory in the JavaScript Engine com
CVE-2026-4715	9.1	0.02%	1	0	2026-03-25T20:16:36.837000	Uninitialized memory in the Graphics: Canvas2D component. This vulnerability aff
CVE-2026-32525	9.9	0.05%	1	0	2026-03-25T20:16:30.967000	Improper Control of Generation of Code ('Code Injection') vulnerability in jetmo
CVE-2026-20687	7.1	0.01%	1	1	2026-03-25T20:07:15.087000	A use after free issue was addressed with improved memory management. This issue
CVE-2026-4712	7.5	0.01%	1	0	2026-03-25T19:16:52.517000	Information disclosure in the Widget: Cocoa component. This vulnerability affect
CVE-2026-3857	8.1	0.01%	3	0	2026-03-25T18:32:07	GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10
CVE-2026-20012	8.6	0.10%	2	0	2026-03-25T18:31:51	A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco
CVE-2026-20125	7.7	0.14%	1	0	2026-03-25T18:31:51	A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS X
CVE-2026-26832	9.8	0.19%	1	1	2026-03-25T18:31:51	node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tessera
CVE-2026-3608	7.5	0.02%	1	0	2026-03-25T18:16:32.853000	Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-
CVE-2026-33287	7.5	0.04%	2	0	2026-03-25T17:44:24	### Summary The `replace_first` filter in LiquidJS uses JavaScript's `String.pro
CVE-2026-33285	7.5	0.04%	2	0	2026-03-25T17:40:53	### Summary LiquidJS's `memoryLimit` security mechanism can be completely bypas
CVE-2026-20131	10.0	0.65%	5	3	2026-03-25T17:39:46.247000	A vulnerability in the web-based management interface of Cisco Secure Firewall M
CVE-2026-33286	9.1	0.04%	1	0	2026-03-25T17:18:23.687000	Graphiti is a framework that sits on top of models and exposes them via a JSON:A
CVE-2026-4711	9.8	0.02%	1	0	2026-03-25T17:17:10.257000	Use-after-free in the Widget: Cocoa component. This vulnerability affects Firefo
CVE-2026-27889	7.5	0.07%	1	0	2026-03-25T17:07:53	### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2025-71275	0	0.00%	1	0	2026-03-25T16:16:08.033000	Rejected reason: This CVE was rejected due to being a duplicate of CVE-2024-4551
CVE-2025-32991	9.0	0.21%	2	0	2026-03-25T16:16:07.650000	In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful AP
CVE-2026-2417	0	0.10%	1	0	2026-03-25T15:41:58.280000	A Missing Authentication for Critical Function vulnerability in Pharos Controls
CVE-2025-33244	9.0	0.03%	2	0	2026-03-25T15:41:58.280000	NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker co
CVE-2026-24157	7.8	0.12%	1	0	2026-03-25T15:41:58.280000	NVIDIA NeMo Framework contains a vulnerability in checkpoint loading where an at
CVE-2026-24159	7.8	0.12%	1	0	2026-03-25T15:41:58.280000	NVIDIA NeMo Framework contains a vulnerability where an attacker may cause remot
CVE-2026-33509	7.5	0.06%	1	0	2026-03-25T15:41:58.280000	pyLoad is a free and open-source download manager written in Python. From versio
CVE-2026-33399	7.7	0.03%	1	0	2026-03-25T15:41:58.280000	Wallos is an open-source, self-hostable personal subscription tracker. Prior to
CVE-2026-2072	8.2	0.04%	1	0	2026-03-25T15:41:33.977000	Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (
CVE-2026-28877	0	0.02%	1	0	2026-03-25T15:41:33.977000	An authorization issue was addressed with improved state management. This issue
CVE-2026-28864	3.3	0.01%	1	0	2026-03-25T15:32:30	This issue was addressed with improved permissions checking. This issue is fixed
CVE-2026-3104	7.5	0.03%	2	0	2026-03-25T15:31:37	A specially crafted domain can be used to cause a memory leak in a BIND resolver
CVE-2026-26830	9.8	0.25%	2	2	2026-03-25T15:31:37	pdf-image (npm package) through version 2.0.0 allows OS command injection via th
CVE-2026-1519	7.5	0.04%	2	0	2026-03-25T15:31:36	If a BIND resolver is performing DNSSEC validation and encounters a maliciously
CVE-2026-2343	5.3	0.03%	1	0	2026-03-25T15:31:30	The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download
CVE-2026-33634	0	0.07%	2	1	2026-03-25T15:16:49.230000	Trivy is a security scanner. On March 19, 2026, a threat actor used compromised
CVE-2026-3909	8.8	4.44%	1	0	2026-03-25T14:05:38.743000	Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a re
CVE-2026-26306	7.8	0.02%	1	0	2026-03-25T06:30:35	The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely
CVE-2026-33218	7.5	0.12%	2	0	2026-03-24T21:45:30	### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2026-33216	8.6	0.03%	2	0	2026-03-24T21:42:11	### Background NATS.io is a high performance open source pub-sub distributed co
CVE-2026-4725	10.0	0.01%	1	0	2026-03-24T21:32:29	Sandbox escape due to use-after-free in the Graphics: Canvas2D component. This v
CVE-2026-4723	9.8	0.01%	1	0	2026-03-24T21:32:29	Use-after-free in the JavaScript Engine component. This vulnerability affects Fi
CVE-2026-4717	9.8	0.02%	1	0	2026-03-24T21:32:28	Privilege escalation in the Netmonitor component. This vulnerability affects Fir
CVE-2026-4714	7.5	0.01%	1	0	2026-03-24T21:32:28	Incorrect boundary conditions in the Audio/Video component. This vulnerability a
CVE-2026-4713	7.5	0.01%	1	0	2026-03-24T21:32:28	Incorrect boundary conditions in the Graphics component. This vulnerability affe
CVE-2026-30653	7.5	0.18%	1	0	2026-03-24T21:32:28	An issue in Free5GC v.4.2.0 and before allows a remote attacker to cause a denia
CVE-2025-33254	7.5	0.03%	1	0	2026-03-24T21:31:36	NVIDIA Triton Inference Server contains a vulnerability where an attacker may ca
CVE-2025-33248	7.8	0.05%	1	0	2026-03-24T21:31:35	NVIDIA Megatron-LM contains a vulnerability in the hybrid conversion script wher
CVE-2025-33247	7.8	0.24%	1	0	2026-03-24T21:31:35	NVIDIA Megatron LM contains a vulnerability in quantization configuration loadin
CVE-2025-33238	7.5	0.03%	1	0	2026-03-24T21:31:35	NVIDIA Triton Inference Server Sagemaker HTTP server contains a vulnerability wh
CVE-2026-24158	7.5	0.04%	1	0	2026-03-24T21:31:35	NVIDIA Triton Inference Server contains a vulnerability in the HTTP endpoint whe
CVE-2026-24150	7.8	0.05%	1	0	2026-03-24T21:31:35	NVIDIA Megatron-LM contains a vulnerability in checkpoint loading where an Attac
CVE-2026-24141	7.8	0.06%	1	0	2026-03-24T21:31:35	NVIDIA Model Optimizer for Windows and Linux contains a vulnerability in the ONN
CVE-2026-22559	8.8	0.07%	1	0	2026-03-24T21:31:35	An Improper Input Validation vulnerability in UniFi Network Server may allow una
CVE-2026-4702	9.8	0.02%	1	0	2026-03-24T21:31:22	JIT miscompilation in the JavaScript Engine component. This vulnerability affect
CVE-2026-4722	8.8	0.02%	1	0	2026-03-24T21:16:34.063000	Privilege escalation in the IPC component. This vulnerability affects Firefox <
CVE-2026-33554	7.5	0.04%	1	0	2026-03-24T20:16:30.357000	ipmi-oem in FreeIPMI before 1.16.17 has exploitable buffer overflows on response
CVE-2026-33242	7.5	0.01%	1	0	2026-03-24T19:37:42.130000	Salvo is a Rust web framework. Versions 0.39.0 through 0.89.2 have a Path Traver
CVE-2026-33497	7.5	0.01%	1	0	2026-03-24T19:20:25.140000	Langflow is a tool for building and deploying AI-powered agents and workflows. P
CVE-2026-33484	7.5	0.02%	1	0	2026-03-24T19:20:13.567000	Langflow is a tool for building and deploying AI-powered agents and workflows. I
CVE-2026-33418	7.5	0.04%	1	0	2026-03-24T19:19:48.480000	DiceBear is an avatar library for designers and developers. Prior to version 9.4
CVE-2026-4679	8.8	0.08%	1	0	2026-03-24T18:31:34	Integer overflow in Fonts in Google Chrome prior to 146.0.7680.165 allowed a rem
CVE-2026-4675	8.8	0.07%	1	0	2026-03-24T18:31:34	Heap buffer overflow in WebGL in Google Chrome prior to 146.0.7680.165 allowed a
CVE-2026-4678	8.8	0.11%	1	0	2026-03-24T17:50:27.517000	Use after free in WebGPU in Google Chrome prior to 146.0.7680.165 allowed a remo
CVE-2026-4680	8.8	0.13%	1	0	2026-03-24T17:50:13.317000	Use after free in FedCM in Google Chrome prior to 146.0.7680.165 allowed a remot
CVE-2026-4673	8.8	0.07%	2	0	2026-03-24T16:54:37.343000	Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowe
CVE-2026-4674	8.8	0.08%	2	0	2026-03-24T16:53:14.987000	Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a rem
CVE-2026-4676	8.8	0.11%	1	0	2026-03-24T16:50:03.117000	Use after free in Dawn in Google Chrome prior to 146.0.7680.165 allowed a remote
CVE-2026-33056	6.5	0.01%	2	0	2026-03-24T16:17:11.623000	tar-rs is a tar archive reading/writing library for Rust. In versions 0.4.44 and
CVE-2026-3055	0	0.02%	5	0	2026-03-24T15:54:09.400000	Insufficient input validation in NetScaler ADC and NetScaler Gateway when config
CVE-2025-15605	0	0.01%	2	0	2026-03-24T15:54:09.400000	A hardcoded cryptographic key within the configuration mechanism on TP-Link Arch
CVE-2026-4368	0	0.02%	2	0	2026-03-24T15:54:09.400000	Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configur
CVE-2026-4681	0	0.38%	1	0	2026-03-24T15:53:48.067000	A critical remote code execution (RCE) vulnerability has been reported in PTC Wi
CVE-2026-27651	7.5	0.03%	2	0	2026-03-24T15:53:48.067000	When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open
CVE-2026-27654	8.2	0.02%	1	0	2026-03-24T15:53:48.067000	NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module
CVE-2026-4739	0	0.04%	2	0	2026-03-24T15:53:48.067000	Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎
CVE-2025-41660	8.8	0.21%	1	0	2026-03-24T15:53:48.067000	A low-privileged remote attacker may be able to replace the boot application of
CVE-2026-4755	9.8	0.06%	1	0	2026-03-24T15:53:48.067000	CWE-20 vulnerability in MolotovCherry Android-ImageMagick7.This issue affects An
CVE-2026-4746	0	0.04%	1	0	2026-03-24T15:53:48.067000	Out-of-bounds Write vulnerability in timeplus-io proton (base/poco/Foundation/sr
CVE-2026-4662	7.5	0.08%	1	0	2026-03-24T15:53:48.067000	The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listi
CVE-2026-33298	7.8	0.04%	2	0	2026-03-24T15:53:48.067000	llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an int
CVE-2026-27784	7.8	0.01%	2	0	2026-03-24T15:30:36	The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_ht
CVE-2026-32647	7.8	0.01%	2	0	2026-03-24T15:30:36	NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module
CVE-2026-4775	7.8	0.06%	1	0	2026-03-24T15:30:36	A flaw was found in the libtiff library. A remote attacker could exploit a signe
CVE-2026-3509	7.5	0.08%	1	0	2026-03-24T09:30:41	An unauthenticated remote attacker may be able to control the format string of m
CVE-2026-4745	None	0.05%	1	0	2026-03-24T06:31:25	Improper Control of Generation of Code ('Code Injection') vulnerability in dendi
CVE-2026-4753	9.1	0.04%	1	0	2026-03-24T06:31:25	Out-of-bounds Read vulnerability in slajerek RetroDebugger.This issue affects Re
CVE-2026-4750	9.1	0.04%	1	0	2026-03-24T06:31:25	Out-of-bounds Read vulnerability in fabiangreffrath woof.This issue affects woof
CVE-2026-4640	7.5	0.07%	1	0	2026-03-24T06:31:25	Vitals ESP developed by Galaxy Software Services has a Missing Authentication vu
CVE-2026-4283	9.1	0.10%	2	0	2026-03-24T06:31:20	The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized acc
CVE-2026-4639	8.8	0.10%	2	0	2026-03-24T06:31:14	Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization v
CVE-2026-4744	None	0.01%	1	0	2026-03-24T06:31:14	Out-of-bounds Read vulnerability in rizonesoft Notepad3 (‎scintilla/oniguruma/sr
CVE-2026-4677	8.8	0.07%	1	0	2026-03-24T03:31:25	Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.16
CVE-2025-15517	None	0.04%	2	0	2026-03-23T18:30:39	A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210
CVE-2026-32746	9.8	0.03%	3	5	2026-03-23T15:31:40	telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMO
CVE-2025-31277	8.8	0.27%	1	0	2026-03-20T18:53:35.083000	The issue was addressed with improved memory handling. This issue is fixed in Sa
CVE-2025-43520	5.5	0.47%	8	0	2026-03-20T18:32:19	A memory corruption issue was addressed with improved memory handling. This issu
CVE-2026-33331	8.2	0.01%	1	0	2026-03-20T17:25:56	A Stored Cross-Site Scripting (XSS) vulnerability exists in the OpenAPI document
CVE-2026-21992	9.8	0.06%	1	0	2026-03-20T15:32:14	Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware
CVE-2026-3888	7.8	0.01%	1	5	2026-03-18T04:17:30.720000	Local privilege escalation in snapd on Linux allows local attackers to get root
CVE-2026-32116	8.1	0.08%	1	0	2026-03-16T18:02:21.613000	Magic Wormhole makes it possible to get arbitrary-sized files and directories fr
CVE-2026-26123	5.5	0.05%	2	0	2026-03-10T21:32:18	Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized a
CVE-2026-27598	6.5	0.11%	1	0	2026-02-25T20:23:36.483000	Dagu is a workflow engine with a built-in Web user interface. In versions up to
CVE-2026-27210	None	0.03%	1	0	2026-02-23T22:27:55	### Impact The hot spot `attributes` configuration property allowed any attribut
CVE-2025-43529	8.8	0.17%	1	8	2025-12-17T21:31:01	A use-after-free issue was addressed with improved memory management. This issue
CVE-2025-24201	7.1	0.10%	1	3	2025-11-13T21:31:15	An out-of-bounds write issue was addressed with improved checks to prevent unaut
CVE-2023-38606	5.5	0.12%	2	0	2025-10-31T14:43:10.643000	This issue was addressed with improved state management. This issue is fixed in
CVE-2023-32434	7.8	61.25%	4	2	2025-10-23T18:48:05.013000	An integer overflow was addressed with improved input validation. This issue is
CVE-2026-3650	0	0.00%	2	0		N/A
CVE-2026-15518	0	0.00%	4	0		N/A
CVE-2026-15519	0	0.00%	4	0		N/A
CVE-2026-33526	0	1.98%	2	0		N/A
CVE-2026-33918	0	0.03%	4	0		N/A
CVE-2026-33917	0	0.03%	4	1		N/A
CVE-2026-33932	0	0.03%	2	0		N/A
CVE-2026-34056	0	0.03%	2	0		N/A
CVE-2026-34055	0	0.03%	2	0		N/A
CVE-2026-23514	0	0.04%	2	0		N/A
CVE-2026-29187	0	0.02%	4	1		N/A
CVE-2026-33913	0	0.03%	2	0		N/A
CVE-2026-32628	0	0.03%	1	0		N/A
CVE-2026-30976	0	0.06%	1	0		N/A
CVE-2026-33656	0	0.00%	1	1		N/A
CVE-2026-28373	0	0.00%	1	0		N/A
CVE-2026-33870	0	0.00%	1	0		N/A
CVE-2026-33871	0	0.00%	1	0		N/A
CVE-2026-33329	0	0.07%	1	0		N/A
CVE-2026-33340	0	0.04%	1	0		N/A
CVE-2026-30840	0	0.05%	1	0		N/A
CVE-2026-30839	0	0.03%	1	0		N/A
CVE-2026-33307	0	0.03%	1	0		N/A
CVE-2026-33250	0	0.21%	1	0		N/A

CVE-2026-33636
(7.6 HIGH)

EPSS: 0.00%

updated 2026-03-26T17:16:41.477000

2 posts

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. When expanding 8-bit paletted rows to RGB or RGBA, the Neon loop processes a final partial chunk without verifying that eno

harrysintonen at 2026-03-26T16:00:58.090Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

harrysintonen@infosec.exchange at 2026-03-26T16:00:58.000Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

CVE-2026-33416
(7.5 HIGH)

EPSS: 0.00%

updated 2026-03-26T17:16:38.443000

2 posts

LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`, sharing a single allocation across two structs with independent lifetimes. The `trans_alpha` aliasing has been present s

harrysintonen at 2026-03-26T16:00:58.090Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

harrysintonen@infosec.exchange at 2026-03-26T16:00:58.000Z ##

#libpng 1.6.56 fixes two high-severity vulnerabilities: CVE-2026-33416 and CVE-2026-33636.

Out of these CVE-2026-33416: Use-after-free via pointer aliasing in png_set_tRNS and png_set_PLTE is particularly serious as arbitrary code execution has been demonstrated. Applications that call png_free_data() to release memory between png_read_info() and png_read_update_info() are affected.

https://github.com/pnggroup/libpng/security/advisories/GHSA-m4pc-p4q3-4c7j

The second vulnerability CVE-2026-33636: Out-of-bounds read/write in the palette expansion on ARM Neon is of more limited concern as only crashes has been demonstrated. More serious impacts have not been ruled out, however.

https://github.com/pnggroup/libpng/security/advisories/GHSA-wjr5-c57x-95m2

#infosec #cybersecurity #CVE_2026_33416 #CVE_2026_33636

##

CVE-2026-29785
(7.5 HIGH)

EPSS: 0.07%

updated 2026-03-26T17:13:31.983000

2 posts

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash the nats-server by triggering a panic. This happens pre-authentication and requires that compression be enabled (which it is, by default, when leafnodes

thehackerwire@mastodon.social at 2026-03-25T20:21:39.000Z ##

🟠 CVE-2026-29785 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.14 and 2.12.5, if the nats-server has the "leafnode" configuration enabled (not default), then anyone who can connect can crash ...

updated 2026-03-26T15:41:23

2 posts

## Summary The `POST /api/v1/build_public_tmp/{flow_id}/flow` endpoint allows building public flows without requiring authentication. When the optional `data` parameter is supplied, the endpoint uses **attacker-controlled flow data** (containing arbitrary Python code in node definitions) instead of the stored flow data from the database. This code is passed to `exec()` with zero sandboxing, resul

4 repos

https://github.com/rootdirective-sec/CVE-2026-33017-Lab

https://github.com/omer-efe-curkus/CVE-2026-33017-Langflow-RCE-PoC

https://github.com/MaxMnMl/langflow-CVE-2026-33017-poc

https://github.com/SimoesCTT/Sovereign-Echo-33017

cisakevtracker@mastodon.social at 2026-03-25T18:00:49.000Z ##

CVE ID: CVE-2026-33017
Vendor: Langflow
Product: Langflow
Date Added: 2026-03-25
Notes: https://github.com/langflow-ai/langflow/security/advisories/GHSA-vwmf-pq79-vjvx ; https://nvd.nist.gov/vuln/detail/CVE-2026-33017
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-33017

##

AAKL@infosec.exchange at 2026-03-25T17:45:20.000Z ##

CISA has updated the KEV catalogue.

- CVE-2026-33017: Langflow Code Injection Vulnerability https://www.cve.org/CVERecord?id=CVE-2026-33017 #CISA #infosec #vulnerability

##

CVE-2026-33348
(8.7 HIGH)

EPSS: 0.03%

updated 2026-03-26T15:16:38.267000

2 posts

OpenEMR is a free and open source electronic health records and medical practice management application. Users with the `Notes - my encounters` role can fill Eye Exam forms in patient encounters. The answers to the form are displayed on the encounter page and in the visit history for the users with the same role. Versions prior to 8.0.0.3 have a stored cross-site scripting (XSS) vulnerability in t

thehackerwire@mastodon.social at 2026-03-25T23:20:35.000Z ##

🟠 CVE-2026-33348 - High (8.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Users with the `Notes - my encounters` role can fill Eye Exam forms in patient encounters. The answers to the form are displayed on the en...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33348/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:20:35.000Z ##

🟠 CVE-2026-33348 - High (8.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Users with the `Notes - my encounters` role can fill Eye Exam forms in patient encounters. The answers to the form are displayed on the en...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33348/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20086
(8.6 HIGH)

EPSS: 0.10%

updated 2026-03-26T15:13:33.940000

2 posts

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability is due to improper handling of a malformed CAPWAP packet. An attacker could explo

thehackerwire@mastodon.social at 2026-03-25T23:00:24.000Z ##

🟠 CVE-2026-20086 - High (8.6)

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20086/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:00:24.000Z ##

🟠 CVE-2026-20086 - High (8.6)

A vulnerability in the processing of Control and Provisioning of Wireless Access Points (CAPWAP) packets of Cisco IOS XE Wireless Controller Software for the Catalyst CW9800 Family could allow an unauthenticated, remote attacker to cause a denial ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20086/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20084
(8.6 HIGH)

EPSS: 0.11%

updated 2026-03-26T15:13:33.940000

updated 2026-03-26T15:13:15.790000

2 posts

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper sanitization of HTML content.

thehackerwire@mastodon.social at 2026-03-25T21:02:24.000Z ##

🟠 CVE-2026-2995 - High (7.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2995/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:59:57.000Z ##

🟠 CVE-2026-2995 - High (7.7)

GitLab has remediated an issue in GitLab EE affecting all versions from 15.4 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an authenticated user to add email addresses to targeted user accounts due to improper...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2995/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3988
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-26T15:13:15.790000

3 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance unresponsive due to improper input validation in GraphQL request processing.

thehackerwire@mastodon.social at 2026-03-25T20:43:51.000Z ##

🟠 CVE-2026-3988 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3988/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:42:22.000Z ##

🟠 CVE-2026-3988 - High (7.5)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 18.5 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to cause a denial of service by making the GitLab instance ...

EPSS: 0.02%

updated 2026-03-26T13:03:13.500000

1 posts

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE path. The remaining API endpoints - GET, DELETE, RENAME, EXECUTE - all pass the {fileName} URL path parameter to locateDAG without calling ValidateDAGName

thehackerwire@mastodon.social at 2026-03-24T20:29:21.000Z ##

🟠 CVE-2026-33344 - High (8.1)

Dagu is a workflow engine with a built-in Web user interface. From version 2.0.0 to before version 2.3.1, the fix for CVE-2026-27598 added ValidateDAGName to CreateNewDAG and rewrote generateFilePath to use filepath.Base. This patched the CREATE p...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33344/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-28760
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-26T09:30:33

4 posts

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

offseq at 2026-03-26T09:00:28.307Z ##

🛡️ HIGH-severity: CVE-2026-28760 in RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) allows DLL hijacking — local attackers may run code as admin. Patch ASAP, restrict installer access, and audit installs. https://radar.offseq.com/threat/cve-2026-28760-uncontrolled-search-path-element-in-f4dfdefd #OffSeq #infosec #vuln #windows

##

thehackerwire@mastodon.social at 2026-03-26T07:19:31.000Z ##

🟠 CVE-2026-28760 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28760/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-26T09:00:28.000Z ##

🛡️ HIGH-severity: CVE-2026-28760 in RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) allows DLL hijacking — local attackers may run code as admin. Patch ASAP, restrict installer access, and audit installs. https://radar.offseq.com/threat/cve-2026-28760-uncontrolled-search-path-element-in-f4dfdefd #OffSeq #infosec #vuln #windows

##

thehackerwire@mastodon.social at 2026-03-26T07:19:31.000Z ##

🟠 CVE-2026-28760 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows searches the current directory to load certain DLLs. If a user is directed to place a crafted DLL with the installer, an arbitrary code may be executed with the administrator privilege.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-28760/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32680
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-26T09:30:33

4 posts

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can alter contents of that folder. It may allow a non-administrative user to execute an arbitrary code with SYSTEM privilege.

offseq at 2026-03-26T07:30:29.173Z ##

HIGH severity alert: RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) can leave custom install folders with insecure ACLs, letting non-admins run code as SYSTEM. Check permissions & update! CVE-2026-32680 https://radar.offseq.com/threat/cve-2026-32680-incorrect-default-permissions-in-ra-38982bf7 #OffSeq #Vuln #Windows #SysAdmin

##

thehackerwire@mastodon.social at 2026-03-26T07:19:40.000Z ##

🟠 CVE-2026-32680 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32680/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-26T07:30:29.000Z ##

HIGH severity alert: RATOC RAID Monitoring Manager for Windows (<2.00.009.260220) can leave custom install folders with insecure ACLs, letting non-admins run code as SYSTEM. Check permissions & update! CVE-2026-32680 https://radar.offseq.com/threat/cve-2026-32680-incorrect-default-permissions-in-ra-38982bf7 #OffSeq #Vuln #Windows #SysAdmin

##

thehackerwire@mastodon.social at 2026-03-26T07:19:40.000Z ##

🟠 CVE-2026-32680 - High (7.8)

The installer of RATOC RAID Monitoring Manager for Windows allows to customize the installation folder. If the installation folder is customized to some non-default one, the folder may be left with un-secure ACLs and non-administrative users can a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32680/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4840
(8.8 HIGH)

EPSS: 0.15%

updated 2026-03-26T06:30:27

4 posts

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr results in os command injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks. The

offseq at 2026-03-26T06:00:30.715Z ##

🔥 CVE-2026-4840: HIGH-severity OS command injection in Netcore Power 15AX (≤3.0.0.6938). No patch, public exploit out. Remote code execution possible — immediate mitigation needed! Full compromise risk. Details: https://radar.offseq.com/threat/cve-2026-4840-os-command-injection-in-netcore-powe-abf3a5bc #OffSeq #Netcore #Security #CVE20264840

##

thehackerwire@mastodon.social at 2026-03-26T05:17:52.000Z ##

🟠 CVE-2026-4840 - High (8.8)

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr res...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4840/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

offseq@infosec.exchange at 2026-03-26T06:00:30.000Z ##

🔥 CVE-2026-4840: HIGH-severity OS command injection in Netcore Power 15AX (≤3.0.0.6938). No patch, public exploit out. Remote code execution possible — immediate mitigation needed! Full compromise risk. Details: https://radar.offseq.com/threat/cve-2026-4840-os-command-injection-in-netcore-powe-abf3a5bc #OffSeq #Netcore #Security #CVE20264840

##

thehackerwire@mastodon.social at 2026-03-26T05:17:52.000Z ##

🟠 CVE-2026-4840 - High (8.8)

A security flaw has been discovered in Netcore Power 15AX up to 3.0.0.6938. Affected by this issue is the function setTools of the file /bin/netis.cgi of the component Diagnostic Tool Interface. Performing a manipulation of the argument IpAddr res...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4840/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2931
(8.8 HIGH)

EPSS: 0.04%

updated 2026-03-26T06:30:27

2 posts

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and access system resources. This makes it possible for authenticated attackers with customer-level permissions or above to change user passwords and potentially

thehackerwire@mastodon.social at 2026-03-26T05:18:02.000Z ##

🟠 CVE-2026-2931 - High (8.8)

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and acce...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2931/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T05:18:02.000Z ##

🟠 CVE-2026-2931 - High (8.8)

The Amelia Booking plugin for WordPress is vulnerable to Insecure Direct Object References in versions up to, and including, 9.1.2. This is due to the plugin providing user-controlled access to objects, letting a user bypass authorization and acce...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-2931/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4484
(9.8 CRITICAL)

EPSS: 0.04%

updated 2026-03-26T03:30:34

2 posts

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepare_object_for_database' function. This makes it possible for authenticated attackers, with Student-level access and above, to elevate their privileges to that of an admini

thehackerwire@mastodon.social at 2026-03-26T03:00:03.000Z ##

🔴 CVE-2026-4484 - Critical (9.8)

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepare_object_for_data...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4484/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T03:00:03.000Z ##

🔴 CVE-2026-4484 - Critical (9.8)

The Masteriyo LMS plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 2.1.6. This is due to the plugin allowing a user to update the user role through the 'InstructorsController::prepare_object_for_data...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4484/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4758
(8.8 HIGH)

EPSS: 0.25%

updated 2026-03-26T00:31:03

2 posts

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete arbitrary files on the server, which can easily lead to remote code exec

thehackerwire@mastodon.social at 2026-03-26T01:00:42.000Z ##

🟠 CVE-2026-4758 - High (8.8)

The WP Job Portal plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'WPJOBPORTALcustomfields::removeFileCustom' function in all versions up to, and including, 2.4.9. This makes it possibl...

updated 2026-03-25T21:31:39

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9.

thehackerwire@mastodon.social at 2026-03-25T21:02:44.000Z ##

🔴 CVE-2026-25447 - Critical (9.1)

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25447/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T21:00:16.000Z ##

🔴 CVE-2026-25447 - Critical (9.1)

Improper Control of Generation of Code ('Code Injection') vulnerability in Jonathan Daggerhart Widget Wrangler widget-wrangler allows Code Injection.This issue affects Widget Wrangler: from n/a through <= 2.3.9.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25447/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32546
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T21:31:39

2 posts

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.

thehackerwire@mastodon.social at 2026-03-25T20:44:00.000Z ##

🟠 CVE-2026-32546 - High (7.5)

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32546/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:42:31.000Z ##

🟠 CVE-2026-32546 - High (7.5)

Missing Authorization vulnerability in StellarWP Restrict Content restrict-content allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Restrict Content: from n/a through <= 3.2.22.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32546/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-25001
(8.6 HIGH)

EPSS: 0.05%

updated 2026-03-25T21:31:38

1 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through <= 4.0.12.

thehackerwire@mastodon.social at 2026-03-25T21:00:28.000Z ##

🟠 CVE-2026-25001 - High (8.5)

Improper Control of Generation of Code ('Code Injection') vulnerability in Saad Iqbal Post Snippets post-snippets allows Remote Code Inclusion.This issue affects Post Snippets: from n/a through <= 4.0.12.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25001/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32573
(9.1 CRITICAL)

EPSS: 0.04%

updated 2026-03-25T21:30:36

3 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Code Injection.This issue affects Nelio AB Testing: from n/a through <= 8.2.7.

offseq at 2026-03-26T04:30:28.147Z ##

🚨 CRITICAL: CVE-2026-32573 in Nelio AB Testing plugin (≤8.2.7) enables code injection on WordPress sites. No active exploits, but risk of remote code execution. Monitor for patches & harden configs. https://radar.offseq.com/threat/cve-2026-32573-improper-control-of-generation-of-c-2c0edccd #OffSeq #WordPress #Vuln

##

updated 2026-03-25T21:30:35

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through <= 2.7.1.

Matchbook3469@mastodon.social at 2026-03-26T07:42:57.000Z ##

🔴 New security advisory:

CVE-2026-25366 affects multiple systems.

• Impact: Remote code execution or complete system compromise possible
• Risk: Attackers can gain full control of affected systems
• Mitigation: Patch immediately or isolate affected systems

Full breakdown:
https://www.yazoul.net/advisory/cve/cve-2026-25366-woody-ad-snippets-code-injection-update-immediately

#Cybersecurity #ZeroDay #ThreatIntel

##

thehackerwire@mastodon.social at 2026-03-25T21:00:18.000Z ##

🔴 CVE-2026-25366 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in Themeisle Woody ad snippets insert-php allows Code Injection.This issue affects Woody ad snippets: from n/a through <= 2.7.1.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-25366/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32513
(8.8 HIGH)

EPSS: 0.05%

updated 2026-03-25T21:30:35

1 posts

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through <= 6.1.7.

thehackerwire@mastodon.social at 2026-03-25T21:44:41.000Z ##

🟠 CVE-2026-32513 - High (8.8)

Deserialization of Untrusted Data vulnerability in Miguel Useche JS Archive List jquery-archive-list-widget allows Object Injection.This issue affects JS Archive List: from n/a through <= 6.1.7.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-32513/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27044
(10.0 CRITICAL)

EPSS: 0.05%

updated 2026-03-25T21:30:35

2 posts

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through <= 4.12.0.

thehackerwire@mastodon.social at 2026-03-25T21:02:33.000Z ##

🔴 CVE-2026-27044 - Critical (9.9)

Improper Control of Generation of Code ('Code Injection') vulnerability in TotalSuite Total Poll Lite totalpoll-lite allows Remote Code Inclusion.This issue affects Total Poll Lite: from n/a through <= 4.12.0.

updated 2026-03-25T21:17:43

2 posts

## Summary `TaskAttachment.ReadOne()` queries attachments by ID only (`WHERE id = ?`), ignoring the task ID from the URL path. The permission check in `CanRead()` validates access to the task specified in the URL, but `ReadOne()` loads a different attachment that may belong to a task in another project. This allows any authenticated user to download or delete any attachment in the system by provi

ivycyber@privacysafe.social at 2026-03-24T20:45:55.000Z ##

🛡️ #Cybersecurity news & tips across the #fediverse

“🟠 CVE-2026-33678 - High (8.1) Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.1, `TaskAttachment.ReadOne()` queries attachments by ID only (`WHERE id = ?`), ignoring the task ID fro...”

updated 2026-03-25T20:53:33

2 posts

### Summary A flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The `ResetPassword()` function sets the user’s status to `StatusActive` after a successful password reset without verifying whether the account was previously disabled. By requesting a reset token through `/api/v1/user/password/token` and completing the reset via `/api/v1/user/password/r

thehackerwire@mastodon.social at 2026-03-24T20:29:39.000Z ##

🟠 CVE-2026-33316 - High (8.1)

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, a flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The `ResetPassword()` function sets the user’s status to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33316/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-24T20:15:23.000Z ##

🟠 CVE-2026-33316 - High (8.1)

Vikunja is an open-source self-hosted task management platform. Prior to version 2.2.0, a flaw in Vikunja’s password reset logic allows disabled users to regain access to their accounts. The `ResetPassword()` function sets the user’s status to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33316/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29839
(8.8 HIGH)

EPSS: 0.01%

updated 2026-03-25T20:53:05.983000

1 posts

DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.

thehackerwire@mastodon.social at 2026-03-24T20:13:42.000Z ##

🟠 CVE-2026-29839 - High (8.8)

DedeCMS v5.7.118 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability in /sys_task_add.php.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29839/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33211
(9.6 CRITICAL)

EPSS: 0.02%

updated 2026-03-25T20:48:05

2 posts

### Summary The Tekton Pipelines git resolver is vulnerable to path traversal via the `pathInRepo` parameter. A tenant with permission to create `ResolutionRequests` (e.g. by creating `TaskRuns` or `PipelineRuns` that use the git resolver) can read arbitrary files from the resolver pod's filesystem, including ServiceAccount tokens. The file contents are returned base64-encoded in `resolutionreque

EPSS: 0.01%

updated 2026-03-25T18:32:07

3 posts

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authenticated users due to insufficient CSRF protection.

thehackerwire@mastodon.social at 2026-03-25T20:43:42.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3857/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:42:13.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3857/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:21:07.000Z ##

🟠 CVE-2026-3857 - High (8.1)

GitLab has remediated an issue in GitLab CE/EE affecting all versions from 17.10 before 18.8.7, 18.9 before 18.9.3, and 18.10 before 18.10.1 that could have allowed an unauthenticated user to execute arbitrary GraphQL mutations on behalf of authen...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3857/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20012
(8.6 HIGH)

EPSS: 0.10%

updated 2026-03-25T18:31:51

2 posts

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to trigger a memory leak, resulting in a denial of service (DoS) condition on an affected device. This vulnerab

thehackerwire@mastodon.social at 2026-03-25T23:00:33.000Z ##

🟠 CVE-2026-20012 - High (8.6)

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could al...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20012/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:00:33.000Z ##

🟠 CVE-2026-20012 - High (8.6)

A vulnerability in the Internet Key Exchange version 2 (IKEv2) feature of Cisco IOS Software, Cisco IOS XE Software, Cisco Secure Firewall Adaptive Security Appliance (ASA) Software, and Cisco Secure Firewall Threat Defense (FTD) Software could al...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20012/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20125
(7.7 HIGH)

EPSS: 0.14%

updated 2026-03-25T18:31:51

1 posts

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) condition. This vulnerability is due to improper validation of user-supplied input. An attacker could exploit this vulnerability by sending malformed HTTP requ

thehackerwire@mastodon.social at 2026-03-25T22:00:32.000Z ##

🟠 CVE-2026-20125 - High (7.7)

A vulnerability in the HTTP Server feature of Cisco IOS Software and Cisco IOS XE Software Release 3E could allow an authenticated, remote attacker to cause an affected device to reload unexpectedly, resulting in a denial of service (DoS) conditio...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-20125/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26832
(9.8 CRITICAL)

EPSS: 0.19%

updated 2026-03-25T18:31:51

1 posts

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a shell command string and passed to child_process.exec() without proper sanitization

1 repos

https://github.com/zebbernCVE/CVE-2026-26832

thehackerwire@mastodon.social at 2026-03-25T21:00:38.000Z ##

🔴 CVE-2026-26832 - Critical (9.8)

node-tesseract-ocr is an npm package that provides a Node.js wrapper for Tesseract OCR. In all versions through 2.2.1, the recognize() function in src/index.js is vulnerable to OS Command Injection. The file path parameter is concatenated into a s...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26832/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-3608
(7.5 HIGH)

EPSS: 0.02%

updated 2026-03-25T18:16:32.853000

1 posts

Sending a maliciously crafted message to the kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, or kea-dhcp6 daemons over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow error. This issue affects Kea versions 2.6.0 through 2.6.4 and 3.0.0 through 3.0.2.

offseq@infosec.exchange at 2026-03-25T10:30:31.000Z ##

🚨 CVE-2026-3608: HIGH-severity vuln in ISC Kea DHCP (2.6.0 – 2.6.4, 3.0.0 – 3.0.2). Remote attackers can crash daemons, causing DoS. Restrict API/HA access, monitor traffic, and prep failover. Details: https://radar.offseq.com/threat/cve-2026-3608-cwe-617-reachable-assertion-in-isc-k-fed4f439 #OffSeq #CVE #DHCP #Infosec

##

CVE-2026-33287
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T17:44:24

2 posts

### Summary The `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a backreference to the matched substring. The filter only charges `memoryLimit` for the input string length, not the amplified output. An attacker can achieve exponential memory amplification (up to 625,000:1) while staying within the `memoryLimit` budget, leading to denial of

thehackerwire@mastodon.social at 2026-03-26T01:36:13.000Z ##

🟠 CVE-2026-33287 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the ma...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33287/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:36:13.000Z ##

🟠 CVE-2026-33287 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, the `replace_first` filter in LiquidJS uses JavaScript's `String.prototype.replace()` which interprets `$&` as a back reference to the ma...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33287/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33285
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T17:40:53

2 posts

### Summary LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allowing an attacker to allocate unlimited memory. Combined with a string flattening operation (e.g., `replace` filter), this causes a **V8 Fatal error that crashes the Node.js process**, resulting in complete denial of service from a single HTTP request.

thehackerwire@mastodon.social at 2026-03-26T01:18:13.000Z ##

🟠 CVE-2026-33285 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allow...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33285/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:18:13.000Z ##

🟠 CVE-2026-33285 - High (7.5)

LiquidJS is a Shopify / GitHub Pages compatible template engine in pure JavaScript. Prior to version 10.25.1, LiquidJS's `memoryLimit` security mechanism can be completely bypassed by using reverse range expressions (e.g., `(100000000..1)`), allow...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33285/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-20131
(10.0 CRITICAL)

EPSS: 0.65%

updated 2026-03-25T17:39:46.247000

5 posts

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to execute arbitrary Java code as root on an affected device. This vulnerability is due to insecure deserialization of a user-supplied Java byte stream. An attacker could exploit this vulnerability by sending a crafted serialized Ja

3 repos

https://github.com/p3Nt3st3r-sTAr/CVE-2026-20131-POC

https://github.com/sak110/CVE-2026-20131

https://github.com/Sushilsin/CVE-2026-20131

netsecio@mastodon.social at 2026-03-26T15:43:19.000Z ##

📰 Cisco Firewall Zero-Day Exploited by Interlock Ransomware for Over a Month Before Patch

🚨 ZERO-DAY: A critical Cisco Firewall flaw (CVE-2026-20131) was exploited by Interlock ransomware for 36 days before a patch. CISA has added it to the KEV catalog. Patch now and restrict management interface access! #0day #Ransomware #Cisco

🔗 https://cyber.netsecops.io/articles/cisco-firewall-flaw-cve-2026-20131-exploited-as-zero-day-by-interlock-ransomware/?utm_source=mastodon&…

##

allaboutsecurity@mastodon.social at 2026-03-26T06:59:12.000Z ##

Cisco Secure FMC: Schwachstelle CVE-2026-20131 erlaubt Remote-Codeausführung – Updates verfügbar

Eine Sicherheitslücke mit dem höchstmöglichen CVSS-Wert von 10,0 betrifft Ciscos Secure Firewall Management Center (FMC). Angreifer können ohne Authentifizierung aus der Ferne beliebigen Code ausführen.

https://www.all-about-security.de/cisco-secure-fmc-schwachstelle-cve-2026-20131-erlaubt-remote-codeausfuehrung-updates-verfuegbar/

#cisco #firewall #remotecode #cve

##

AAKL@infosec.exchange at 2026-03-25T17:50:52.000Z ##

Grab a coffee. Cisco has a long list of advisories today, one is critical, several are high-severity.

This was first published on March 4:

Critical: CVE-2026-20131: Cisco Secure Firewall Management Center Software Remote Code Execution Vulnerability https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-fmc-rce-NKhnULJh

More: https://sec.cloudapps.cisco.com/security/center/publicationListing.x @TalosSecurity

Also, Cisco has tagged GeoVision and MediaArea for zero-day reports https://talosintelligence.com/vulnerability_info #Zeroday #Cisco #infosec #vulnerability

@cR0w

##

LLMs@activitypub.awakari.com at 2026-03-25T12:04:33.000Z ## Ransomware Interlock explota Zero-Day crítico en Cisco FMC (CVE-2026-20131) El equipo de respuesta a incidentes de Cisco (PSIRT) ha emitido un parche de emergencia extraordinario para abordar una ...

#Seguridad

Origin | Interest | Match ##

steelefortress@infosec.exchange at 2026-03-24T11:00:30.000Z ##

Critical patch alert: The US government has ordered a maximum severity patch for a Cisco vulnerability (CVE-2026-20131) that's being exploited in ransomware campaigns.

#Encryption #ThreatIntel #Security #DataPrivacy #CyberDefense

##

CVE-2026-33286
(9.1 CRITICAL)

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

thehackerwire@mastodon.social at 2026-03-26T00:00:25.000Z ##

🔴 CVE-2025-32991 - Critical (9)

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-32991/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T00:00:25.000Z ##

🔴 CVE-2025-32991 - Critical (9)

In N2WS Backup & Recovery before 4.4.0, a two-step attack against the RESTful API results in remote code execution.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2025-32991/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2417
(0 None)

EPSS: 0.10%

updated 2026-03-25T15:41:58.280000

1 posts

A Missing Authentication for Critical Function vulnerability in Pharos Controls Mosaic Show Controller firmware version 2.15.3 could allow an unauthenticated attacker to bypass authentication and execute arbitrary commands with root privileges.

beyondmachines1@infosec.exchange at 2026-03-25T09:01:25.000Z ##

Pharos Controls Patches Critical Root Access Flaw in Mosaic Show Controllers

Pharos Controls patched a critical vulnerability (CVE-2026-2417) in its Mosaic Show Controller that allows unauthenticated attackers to execute arbitrary commands with root privileges.

**Make sure all Pharos Mosaic Show Controllers are isolated from the internet and accessible from trusted networks only. Check your version, if you are running 2.15.3, you are at risk. Plan an update the firmware to version 2.16 or later.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/pharos-controls-patches-critical-root-access-flaw-in-mosaic-show-controllers-1-6-s-3-0/gD2P6Ple2L

##

CVE-2025-33244
(9.0 CRITICAL)

EPSS: 0.03%

updated 2026-03-25T15:41:58.280000

2 posts

NVIDIA APEX for Linux contains a vulnerability where an unauthorized attacker could cause a deserialization of untrusted data. This vulnerability affects environments that use PyTorch versions earlier than 2.6. A successful exploit of this vulnerability might lead to code execution, denial of service, escalation of privileges, data tampering, and information disclosure.

thehackerwire@mastodon.social at 2026-03-24T22:05:06.000Z ##

🔴 CVE-2025-33244 - Critical (9)

updated 2026-03-25T15:41:33.977000

1 posts

Cross-Site Scripting vulnerability in Hitachi Infrastructure Analytics Advisor (Analytics probe component), Hitachi Ops Center Analyzer.This issue affects Hitachi Infrastructure Analytics Advisor:; Hitachi Ops Center Analyzer: from 10.0.0-00 before 11.0.5-00.

offseq@infosec.exchange at 2026-03-25T04:30:30.000Z ##

⚠️ HIGH-severity XSS (CVE-2026-2072, CVSS 8.2) in Hitachi Infrastructure Analytics Advisor & Ops Center Analyzer <11.0.5-00. Exploitable by low-privilege users. Patch when available, restrict access, enable WAF. https://radar.offseq.com/threat/cve-2026-2072-cwe-79-improper-neutralization-of-in-c6f3add7 #OffSeq #XSS #Vuln #Hitachi

##

CVE-2026-28877
(0 None)

EPSS: 0.02%

updated 2026-03-25T15:41:33.977000

1 posts

An authorization issue was addressed with improved state management. This issue is fixed in iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. An app may be able to access sensitive user data.

rosyna@mastodon.social at 2026-03-25T02:11:10.000Z ##

I updated the “Device Name” section of my “How to Fingerprint iOS Users” article to note that iOS 26.4 fixes CVE-2026-28877, which leaked the device name without needing a proper entitlement.

https://paradisefacade.com/blog/2026/3/9/how-to-fingerprint-users

##

CVE-2026-28864
(3.3 LOW)

EPSS: 0.01%

updated 2026-03-25T15:32:30

1 posts

This issue was addressed with improved permissions checking. This issue is fixed in iOS 18.7.7 and iPadOS 18.7.7, iOS 26.4 and iPadOS 26.4, macOS Sequoia 15.7.5, macOS Sonoma 14.8.5, macOS Tahoe 26.4, visionOS 26.4, watchOS 26.4. A local attacker may gain access to user's Keychain items.

offseq@infosec.exchange at 2026-03-25T06:00:31.000Z ##

🔒 CVE-2026-28864 (HIGH): Local attackers can access Apple Keychain items on iOS, iPadOS, macOS, visionOS, watchOS. Patch to latest OS releases now to protect credentials. No known exploits yet. https://radar.offseq.com/threat/cve-2026-28864-a-local-attacker-may-gain-access-to-881070fb #OffSeq #Apple #Security #Keychain

##

CVE-2026-3104
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-25T15:31:37

2 posts

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain. This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1. BIND 9 versions 9.18.0 through 9.18.46 and 9.18.11-S1 through 9.18.46-S1 are NOT affected.

thehackerwire@mastodon.social at 2026-03-26T00:00:35.000Z ##

🟠 CVE-2026-3104 - High (7.5)

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.
This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.
BIND 9 versions 9...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3104/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T00:00:35.000Z ##

🟠 CVE-2026-3104 - High (7.5)

A specially crafted domain can be used to cause a memory leak in a BIND resolver simply by querying this domain.
This issue affects BIND 9 versions 9.20.0 through 9.20.20, 9.21.0 through 9.21.19, and 9.20.9-S1 through 9.20.20-S1.
BIND 9 versions 9...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-3104/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-26830
(9.8 CRITICAL)

EPSS: 0.25%

updated 2026-03-25T15:31:37

2 posts

pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to interpolate user-controlled file paths into shell command strings that are executed via child_process.exec()

2 repos

https://github.com/zebbernCVE/CVE-2026-26830

https://github.com/zebbernCVE/npm-cve-2026-26830-26833

thehackerwire@mastodon.social at 2026-03-25T23:00:41.000Z ##

🔴 CVE-2026-26830 - Critical (9.8)

pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to interpolate user-controlled file paths into shel...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26830/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:00:41.000Z ##

🔴 CVE-2026-26830 - Critical (9.8)

pdf-image (npm package) through version 2.0.0 allows OS command injection via the pdfFilePath parameter. The constructGetInfoCommand and constructConvertCommandForPage functions use util.format() to interpolate user-controlled file paths into shel...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-26830/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-1519
(7.5 HIGH)

EPSS: 0.04%

updated 2026-03-25T15:31:36

2 posts

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers may make recursive queries (see: https://kb.isc.org/docs/why-does-my-authoritative-server-make-recursive-queries). This issue affects BIND 9 versions 9.

thehackerwire@mastodon.social at 2026-03-26T00:01:34.000Z ##

🟠 CVE-2026-1519 - High (7.5)

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1519/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T00:01:34.000Z ##

🟠 CVE-2026-1519 - High (7.5)

If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU. Authoritative-only servers are generally unaffected, although there are circumstances where authoritative servers...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-1519/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-2343
(5.3 MEDIUM)

EPSS: 0.03%

updated 2026-03-25T15:31:30

1 posts

The PeproDev Ultimate Invoice WordPress plugin through 2.2.5 has a bulk download invoices action that generates ZIP archives containing exported invoice PDFs. The ZIP files are named predictably making it possible to brute force and retreive PII.

offseq@infosec.exchange at 2026-03-25T07:30:29.000Z ##

⚠️ HIGH: CVE-2026-2343 in PeproDev Ultimate Invoice ≤2.2.5 exposes PII via predictable ZIP archive names in bulk downloads. No auth needed — risk of mass data leaks! Disable feature, restrict access, monitor logs. https://radar.offseq.com/threat/cve-2026-2343-cwe-200-information-exposure-in-pepr-b24bfe87 #OffSeq #WordPress #Vuln

##

CVE-2026-33634
(0 None)

EPSS: 0.07%

updated 2026-03-25T15:16:49.230000

2 posts

Trivy is a security scanner. On March 19, 2026, a threat actor used compromised credentials to publish a malicious Trivy v0.69.4 release, force-push 76 of 77 version tags in `aquasecurity/trivy-action` to credential-stealing malware, and replace all 7 tags in `aquasecurity/setup-trivy` with malicious commits. This incident is a continuation of the supply chain attack that began in late February 20

1 repos

https://github.com/ugurrates/teampcp-supply-chain-attack

cisakevtracker@mastodon.social at 2026-03-26T17:00:50.000Z ##

CVE ID: CVE-2026-33634
Vendor: Aquasecurity
Product: Trivy
Date Added: 2026-03-26
Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: https://github.com/advisories/GHSA-69fq-xp46-6x23 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33634
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-33634

##

cisakevtracker@mastodon.social at 2026-03-26T17:00:50.000Z ##

CVE ID: CVE-2026-33634
Vendor: Aquasecurity
Product: Trivy
Date Added: 2026-03-26
Notes: This vulnerability involves a supply‑chain compromise in a product that may be used across multiple products and environments. Additional vendor‑provided guidance must be followed to ensure full remediation. For more information, please see: https://github.com/advisories/GHSA-69fq-xp46-6x23 ; https://nvd.nist.gov/vuln/detail/CVE-2026-33634
CVE URL: https://nvd.nist.gov/vuln/detail/CVE-2026-33634

##

CVE-2026-3909
(8.8 HIGH)

EPSS: 4.44%

updated 2026-03-25T14:05:38.743000

1 posts

Out of bounds write in Skia in Google Chrome prior to 146.0.7680.75 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

youranonnewsirc@nerdculture.de at 2026-03-24T00:27:11.000Z ##

Global cybersecurity alerts include active exploitation of Chrome Zero-Days (CVE-2026-3909/3910) and a Quest KACE SMA flaw for credential harvesting. Advanced threats like Android haptic keyloggers and deepfake identity fraud are emerging. Geopolitically, Persian Gulf tensions remain high, while the US announced a new cyber strategy to defend companies from foreign adversaries. In tech, NVIDIA Nemotron 3 Super is now on Amazon Bedrock.

#Cybersecurity #GeopoliticalNews #TechBrief

##

CVE-2026-26306
(7.8 HIGH)

EPSS: 0.02%

updated 2026-03-25T06:30:35

1 posts

The installer for OM Workspace (Windows Edition) Ver 2.4 and earlier insecurely loads Dynamic Link Libraries (DLLs), which could allow an attacker to execute arbitrary code with the privileges of the user invoking the installer.

offseq@infosec.exchange at 2026-03-25T09:00:28.000Z ##

⚠️ CVE-2026-26306 (HIGH): OM Workspace (Windows ≤2.4) vulnerable to DLL hijacking. Local attackers can execute code via unsafe installer DLL loading. Patch urgently or restrict installs & use Safe DLL Search Mode. https://radar.offseq.com/threat/cve-2026-26306-uncontrolled-search-path-element-in-ee774158 #OffSeq #Vulnerability #Windows

##

CVE-2026-33218
(7.5 HIGH)

EPSS: 0.12%

updated 2026-03-24T21:45:30

2 posts

### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server allows hub/spoke topologies using "leafnode" connections by other nats-servers. ### Problem Description A client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-auth

thehackerwire@mastodon.social at 2026-03-25T20:21:31.000Z ##

🟠 CVE-2026-33218 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-au...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T20:20:45.000Z ##

🟠 CVE-2026-33218 - High (7.5)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, a client which can connect to the leafnode port can crash the nats-server with a certain malformed message pre-au...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33218/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33216
(8.6 HIGH)

EPSS: 0.03%

updated 2026-03-24T21:42:11

2 posts

### Background NATS.io is a high performance open source pub-sub distributed communication technology, built for the cloud, on-premise, IoT, and edge computing. The nats-server provides an MQTT client interface. ### Problem Description For MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating identity statement (JWT) and exposed via monit

thehackerwire@mastodon.social at 2026-03-25T20:21:22.000Z ##

🟠 CVE-2026-33216 - High (8.6)

NATS-Server is a High-Performance server for NATS.io, a cloud and edge native messaging system. Prior to versions 2.11.15 and 2.12.6, for MQTT deployments using usercodes/passwords: MQTT passwords are incorrectly classified as a non-authenticating...

🟠 CVE-2026-4673 - High (8.8)

Heap buffer overflow in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: High)

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4673/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4674
(8.8 HIGH)

EPSS: 0.08%

updated 2026-03-24T16:53:14.987000

2 posts

Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-03-24T02:43:52.000Z ##

🟠 CVE-2026-4674 - High (8.8)

Out of bounds read in CSS in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)

updated 2026-03-24T15:54:09.400000

5 posts

Insufficient input validation in NetScaler ADC and NetScaler Gateway when configured as a SAML IDP leading to memory overread

benzogaga33@mamot.fr at 2026-03-26T10:40:04.000Z ##

CVE-2026-3055 : appliquez ce patch Citrix avant qu’il ne soit trop tard https://www.it-connect.fr/cve-2026-3055-appliquez-ce-patch-citrix-avant-quil-ne-soit-trop-tard/ #ActuCybersécurité #Vulnérabilités #Cybersécurité

##

benzogaga33@mamot.fr at 2026-03-26T10:40:04.000Z ##

CVE-2026-3055 : appliquez ce patch Citrix avant qu’il ne soit trop tard https://www.it-connect.fr/cve-2026-3055-appliquez-ce-patch-citrix-avant-quil-ne-soit-trop-tard/ #ActuCybersécurité #Vulnérabilités #Cybersécurité

##

mttaggart@infosec.exchange at 2026-03-25T16:44:59.000Z ##

Aww yiss another critical Citrix vuln.

https://www.bleepingcomputer.com/news/security/citrix-urges-admins-to-patch-netscaler-flaws-as-soon-as-possible/

Detection/remediation details here: https://docs.netscaler.com/en-us/netscaler-console-service/instance-advisory/remediate-vulnerabilities-cve-2026-3055

##

AAKL@infosec.exchange at 2026-03-24T16:22:25.000Z ##

Citrix patched this yesterday.

Arctic Wolf: CVE‑2026‑3055: Critical Unauthenticated Memory-Read Vulnerability in Citrix NetScaler ADC and Gateway https://arcticwolf.com/resources/blog/cve-2026-3055/

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300&articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2026_3055_and_CVE_2026_4368 #infosec #vulnerability

##

beyondmachines1@infosec.exchange at 2026-03-24T15:01:25.000Z ##

Critical Memory Leak and Session Hijacking Vulnerabilities Patched in Citrix NetScaler

Citrix patched a critical memory overread (CVE-2026-3055) and a high-severity session-swapping race condition (CVE-2026-4368) in NetScaler ADC and Gateway. These vulnerabilities allow unauthenticated attackers to leak sensitive memory data or hijack user sessions in environments configured for SAML or VPN services.

**If possible, make sure your NetScaler ADC and Gateway appliances are isolated from the internet and accessible from trusted networks only. Them plan a quick update. If you can't isolate from the internet, this is urgent. Update the firmware to the fixed versions (14.1-66.59, 13.1-62.23, or 13.1-37.262 for FIPS/NDcPP). Attackers have previously exploited similar flaws via the CitrixBleed exploit.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-memory-leak-and-session-hijacking-vulnerabilities-patched-in-citrix-netscaler-s-x-0-i-0/gD2P6Ple2L

##

CVE-2025-15605
(0 None)

EPSS: 0.01%

updated 2026-03-24T15:54:09.400000

2 posts

A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the confidentiality and integrity of device configuration data.

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

CVE-2026-4368
(0 None)

EPSS: 0.02%

updated 2026-03-24T15:54:09.400000

2 posts

Race Condition in NetScaler ADC and NetScaler Gateway when appliance is configured as Gateway (SSL VPN, ICA Proxy, CVPN, RDP Proxy) or AAA virtual server leading to User Session Mixup

AAKL@infosec.exchange at 2026-03-24T16:22:25.000Z ##

Citrix patched this yesterday.

Arctic Wolf: CVE‑2026‑3055: Critical Unauthenticated Memory-Read Vulnerability in Citrix NetScaler ADC and Gateway https://arcticwolf.com/resources/blog/cve-2026-3055/

Citrix: NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2026-3055 and CVE-2026-4368 https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX696300&articleURL=NetScaler_ADC_and_NetScaler_Gateway_Security_Bulletin_for_CVE_2026_3055_and_CVE_2026_4368 #infosec #vulnerability

##

beyondmachines1@infosec.exchange at 2026-03-24T15:01:25.000Z ##

Critical Memory Leak and Session Hijacking Vulnerabilities Patched in Citrix NetScaler

Citrix patched a critical memory overread (CVE-2026-3055) and a high-severity session-swapping race condition (CVE-2026-4368) in NetScaler ADC and Gateway. These vulnerabilities allow unauthenticated attackers to leak sensitive memory data or hijack user sessions in environments configured for SAML or VPN services.

**If possible, make sure your NetScaler ADC and Gateway appliances are isolated from the internet and accessible from trusted networks only. Them plan a quick update. If you can't isolate from the internet, this is urgent. Update the firmware to the fixed versions (14.1-66.59, 13.1-62.23, or 13.1-37.262 for FIPS/NDcPP). Attackers have previously exploited similar flaws via the CitrixBleed exploit.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-memory-leak-and-session-hijacking-vulnerabilities-patched-in-citrix-netscaler-s-x-0-i-0/gD2P6Ple2L

##

CVE-2026-4681
(0 None)

EPSS: 0.38%

updated 2026-03-24T15:53:48.067000

1 posts

A critical remote code execution (RCE) vulnerability has been reported in PTC Windchill and PTC FlexPLM. The vulnerability may be exploited through the deserialization of untrusted data. This issue affects Windchill PDMLink: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.2.0, 12.1.2.0, 13.0.2.0, 13.1.0.0, 13.1.1.0, 13.1.2.0, 13.1.3.0; FlexPLM: 11.0 M030, 11.1 M020, 11.2.1.0, 12.0.0.0, 12.0.2.0, 12.0.3.0, 1

beyondmachines1@infosec.exchange at 2026-03-25T12:01:46.000Z ##

PTC Warns of Imminent RCE Threat in Windchill and FlexPLM Systems

PTC reports a critical RCE vulnerability (CVE-2026-4681) in Windchill and FlexPLM software, leading to emergency warnings from German police due to an imminent threat of exploitation.

**If you're running PTC Windchill or FlexPLM, make sure these systems are isolated from the internet and accessible from trusted networks only. This one is a perfect 10.0 severity with no patch yet, so apply the recommended rewrite rules to block the WindchillGW and WindchillAuthGW servlet paths immediately. Also check your servers for signs of compromise like GW.class, payload.bin, or dpr_*.jsp files, and if you can't apply the workarounds, shut down the affected services until PTC releases an official patch.**
#cybersecurity #infosec #attack #activeexploit
https://beyondmachines.net/event_details/ptc-warns-of-imminent-rce-threat-in-windchill-and-flexplm-systems-8-k-p-i-c/gD2P6Ple2L

##

CVE-2026-27651
(7.5 HIGH)

EPSS: 0.03%

updated 2026-03-24T15:53:48.067000

2 posts

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentication server permits retry by returning the Auth-Wait response header. Note: Software versions which have reached End of Technical Support (EoTS) are not

thehackerwire@mastodon.social at 2026-03-24T20:59:53.000Z ##

🟠 CVE-2026-27651 - High (7.5)

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentic...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27651/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-24T20:15:41.000Z ##

🟠 CVE-2026-27651 - High (7.5)

When the ngx_mail_auth_http_module module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when (1) CRAM-MD5 or APOP authentication is enabled, and (2) the authentic...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27651/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27654
(8.2 HIGH)

EPSS: 0.02%

updated 2026-03-24T15:53:48.067000

1 posts

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names outside the document root. This issue affects NGINX Open Source and NGINX Plus when the configuratio

thehackerwire@mastodon.social at 2026-03-24T20:15:34.000Z ##

🟠 CVE-2026-27654 - High (8.2)

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_dav_module module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27654/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4739
(0 None)

EPSS: 0.04%

updated 2026-03-24T15:53:48.067000

2 posts

Integer Overflow or Wraparound vulnerability in InsightSoftwareConsortium ITK (‎Modules/ThirdParty/Expat/src/expat modules).This issue affects ITK: before 2.7.1.

ivycyber@privacysafe.social at 2026-03-24T12:02:16.000Z ##

🛡️ #Cybersecurity news & tips across the #fediverse 👇

“🚨 CVE-2026-4739 (CRITICAL, CVSS 9.4) in ITK: Integer overflow in Expat XML parser enables remote code execution or DoS in medical/scientific apps. Update to v2.7.1 now. User interaction required. Details: https:// ra...”

https://infosec.exchange/@offseq/116283685757971538

🤖 via RSS feed. Not an endorsement.

##

offseq@infosec.exchange at 2026-03-24T10:30:32.000Z ##

🚨 CVE-2026-4739 (CRITICAL, CVSS 9.4) in ITK: Integer overflow in Expat XML parser enables remote code execution or DoS in medical/scientific apps. Update to v2.7.1 now. User interaction required. Details: https://radar.offseq.com/threat/cve-2026-4739-cwe-190-integer-overflow-or-wraparou-4dc9a6b8 #OffSeq #Vulnerability #ITK #Infosec

##

CVE-2025-41660
(8.8 HIGH)

EPSS: 0.21%

updated 2026-03-24T15:53:48.067000

1 posts

A low-privileged remote attacker may be able to replace the boot application of the CODESYS Control runtime system, enabling unauthorized code execution.

updated 2026-03-24T15:53:48.067000

1 posts

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all versions up to, and including, 3.8.6.1. This is due to the `filtered_query` parameter being excluded from the HMAC signature validation (allowing attacker-controlled input to bypass security checks) combined with the `prepare_where_clause()` method in the SQL Query Builder not sanitizin

thehackerwire@mastodon.social at 2026-03-24T05:25:20.000Z ##

🟠 CVE-2026-4662 - High (7.5)

The JetEngine plugin for WordPress is vulnerable to SQL Injection via the `listing_load_more` AJAX action in all versions up to, and including, 3.8.6.1. This is due to the `filtered_query` parameter being excluded from the HMAC signature validatio...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4662/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33298
(7.8 HIGH)

EPSS: 0.04%

updated 2026-03-24T15:53:48.067000

2 posts

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This causes `ggml_nbytes` to return a significantly smaller size than required (e.g., 4MB instead of Exabytes), leading to a heap-based buffer overflow when t

thehackerwire@mastodon.social at 2026-03-24T01:48:19.000Z ##

🟠 CVE-2026-33298 - High (7.8)

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33298/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-24T01:30:32.000Z ##

🟠 CVE-2026-33298 - High (7.8)

llama.cpp is an inference of several LLM models in C/C++. Prior to b7824, an integer overflow vulnerability in the `ggml_nbytes` function allows an attacker to bypass memory validation by crafting a GGUF file with specific tensor dimensions. This ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33298/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-27784
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-24T15:30:36

2 posts

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it is built with the ngx_http_mp4_module module and the mp4 directive is used in the configuration file.

thehackerwire@mastodon.social at 2026-03-24T20:58:49.000Z ##

🟠 CVE-2026-27784 - High (7.8)

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. Th...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27784/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-24T20:15:39.000Z ##

🟠 CVE-2026-27784 - High (7.8)

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. Th...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-27784/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32647
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-24T15:30:36

2 posts

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affects NGINX Open Source and NGINX Plus if it is built with the ngx_http_mp4_module module and the mp4 di

thehackerwire@mastodon.social at 2026-03-24T20:58:40.000Z ##

🟠 CVE-2026-32647 - High (7.8)

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, ...

offseq@infosec.exchange at 2026-03-25T01:30:30.000Z ##

🚨 CRITICAL: CVE-2026-4283 in WP DSGVO Tools (GDPR) plugin allows unauthenticated attackers to irreversibly destroy non-admin accounts via 'super-unsubscribe' AJAX. All versions ≤3.1.38 affected. Remove '[unsubscribe_form]' & monitor for abuse. https://radar.offseq.com/threat/cve-2026-4283-cwe-862-missing-authorization-in-leg-b0b3a8d9 #OffSeq #WordPress #Infosec

##

thehackerwire@mastodon.social at 2026-03-24T05:26:09.000Z ##

🔴 CVE-2026-4283 - Critical (9.1)

The WP DSGVO Tools (GDPR) plugin for WordPress is vulnerable to unauthorized account destruction in all versions up to, and including, 3.1.38. This is due to the `super-unsubscribe` AJAX action accepting a `process_now` parameter from unauthentica...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4283/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4639
(8.8 HIGH)

EPSS: 0.10%

updated 2026-03-24T06:31:14

2 posts

Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.

ivycyber@privacysafe.social at 2026-03-24T06:02:18.000Z ##

🛡️ #Cybersecurity news & tips across the #fediverse 👇

“🟠 CVE-2026-4639 - High (8.8) Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby es...”

https://mastodon.social/@thehackerwire/116282484405537793

🤖 via RSS feed. Not an endorsement.

##

thehackerwire@mastodon.social at 2026-03-24T05:25:01.000Z ##

🟠 CVE-2026-4639 - High (8.8)

Vitals ESP developed by Galaxy Software Services has a Incorrect Authorization vulnerability, allowing authenticated remote attackers to perform certain administrative functions, thereby escalating privileges.

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4639/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-4744(CVSS UNKNOWN)

EPSS: 0.01%

updated 2026-03-24T06:31:14

1 posts

Out-of-bounds Read vulnerability in rizonesoft Notepad3 (‎scintilla/oniguruma/src modules). This vulnerability is associated with program files regcomp.C‎. This issue affects Notepad3: before 6.25.714.1.

offseq@infosec.exchange at 2026-03-24T04:30:30.000Z ##

🛡️ CRITICAL: CVE-2026-4744 in rizonesoft Notepad3 (<6.25.714.1) enables out-of-bounds reads — possible data disclosure & crashes. Patch ASAP, restrict access, and avoid untrusted files. More info: https://radar.offseq.com/threat/cve-2026-4744-cwe-125-out-of-bounds-read-in-rizone-16fef5f9 #OffSeq #CVE20264744 #infosec #vuln

##

CVE-2026-4677
(8.8 HIGH)

EPSS: 0.07%

updated 2026-03-24T03:31:25

1 posts

Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

thehackerwire@mastodon.social at 2026-03-24T02:23:47.000Z ##

🟠 CVE-2026-4677 - High (8.8)

Inappropriate implementation in WebAudio in Google Chrome prior to 146.0.7680.165 allowed a remote attacker to perform an out of bounds memory read via a crafted HTML page. (Chromium security severity: High)

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-4677/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2025-15517(CVSS UNKNOWN)

EPSS: 0.04%

updated 2026-03-23T18:30:39

2 posts

A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware upload and configuration operations.

beyondmachines1 at 2026-03-26T08:01:47.345Z ##

TP-Link Patches Multiple Flaws Including Authentication Bypass in Archer NX Routers

TP-Link patched four high-severity vulnerabilities in its Archer NX router series, including a authentication bypass (CVE-2025-15517) that allows unauthenticated attackers to upload malicious firmware and take full control of the device.

**If you own a TP-Link Archer NX router (NX600, NX500, NX210, or NX200), make sure it is isolated from the internet and accessible from trusted networks only. Then plan a quick patch to the latest firmware from the official TP-Link Support portal for your specific hardware version. Disable remote management and ensure the admin interface is only reachable from your internal network.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/tp-link-patches-multiple-flaws-including-authentication-bypass-in-archer-nx-routers-7-i-6-1-m/gD2P6Ple2L

##

beyondmachines1@infosec.exchange at 2026-03-26T08:01:47.000Z ##

TP-Link Patches Multiple Flaws Including Authentication Bypass in Archer NX Routers

TP-Link patched four high-severity vulnerabilities in its Archer NX router series, including a authentication bypass (CVE-2025-15517) that allows unauthenticated attackers to upload malicious firmware and take full control of the device.

**If you own a TP-Link Archer NX router (NX600, NX500, NX210, or NX200), make sure it is isolated from the internet and accessible from trusted networks only. Then plan a quick patch to the latest firmware from the official TP-Link Support portal for your specific hardware version. Disable remote management and ensure the admin interface is only reachable from your internal network.**
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/tp-link-patches-multiple-flaws-including-authentication-bypass-in-archer-nx-routers-7-i-6-1-m/gD2P6Ple2L

##

CVE-2026-32746
(9.8 CRITICAL)

EPSS: 0.03%

updated 2026-03-23T15:31:40

3 posts

telnetd in GNU inetutils through 2.7 allows an out-of-bounds write in the LINEMODE SLC (Set Local Characters) suboption handler because add_slc does not check whether the buffer is full.

5 repos

https://github.com/chosenonehacks/CVE-2026-32746

https://github.com/danindiana/cve-2026-32746-mitigation

https://github.com/watchtowrlabs/watchtowr-vs-telnetd-CVE-2026-32746

https://github.com/ekomsSavior/telnet_scan

https://github.com/jeffaf/cve-2026-32746

lobsters@mastodon.social at 2026-03-25T10:30:12.000Z ##

A 32-Year-Old Bug Walks Into A Telnet Server (GNU inetutils CVE-2026-32746) https://lobste.rs/s/udbivp #c #security
https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

##

whitequark@treehouse.systems at 2026-03-25T05:58:33.000Z ##

Yes, the vulnerability is so old, it dates from a time when networks charged on a ‘per-packet basis’.

https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

##

0xabad1dea@infosec.exchange at 2026-03-25T05:56:26.000Z ##

enjoyed this telnetd analysis. (if you can’t believe anyone has a legitimate operational reason to run telnet, you live in a cozy world indeed) https://labs.watchtowr.com/a-32-year-old-bug-walks-into-a-telnet-server-gnu-inetutils-telnetd-cve-2026-32746/

##

CVE-2025-31277
(8.8 HIGH)

EPSS: 0.27%

updated 2026-03-20T18:53:35.083000

1 posts

The issue was addressed with improved memory handling. This issue is fixed in Safari 18.6, watchOS 11.6, visionOS 2.6, iOS 18.6 and iPadOS 18.6, macOS Sequoia 15.6, tvOS 18.6. Processing maliciously crafted web content may lead to memory corruption.

mttaggart@infosec.exchange at 2026-03-24T21:48:09.000Z ##

@gknauss I think the thing is to move to 18.7.3, which is patched.

For devices running versions of iOS prior to 18.6, DarkSword uses CVE-2025-31277, a JIT optimization/type confusion bug which was patched by Apple in iOS 18.6. For devices running iOS 18.6-18.7, DarkSword uses CVE-2025-43529, a garbage collection bug in the Data Flow Graph (DFG) JIT layer of JavaScriptCore which was patched by Apple in iOS 18.7.3 and 26.2 after it was reported by GTIG. Both exploits develop their own fakeobj/addrof primitives, and then build arbitrary read/write primitives the same way on top of them.

I'm unaware of a compelling reason or hardware limitation to not upgrade from 18.6 to 18.7

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/

##

CVE-2025-43520
(5.5 MEDIUM)

EPSS: 0.47%

updated 2026-03-20T18:32:19

8 posts

A memory corruption issue was addressed with improved memory handling. This issue is fixed in watchOS 26.1, iOS 18.7.2 and iPadOS 18.7.2, macOS Tahoe 26.1, visionOS 26.1, tvOS 26.1, macOS Sonoma 14.8.2, macOS Sequoia 15.7.2, iOS 26.1 and iPadOS 26.1. A malicious application may be able to cause unexpected system termination or write kernel memory.

jjtech@infosec.exchange at 2026-03-24T13:45:52.000Z ##

Unfortunately it looks like CVE-2025-43520 was patched in iOS 26.1b4, the exact build I happened to leave my test device on...

I might play around with it on my Mac or in one of the new iOS pccvre VMs though.

##

fmarini@mastodon.social at 2026-03-24T09:09:10.000Z ##

There has been a lot of sloppy reporting regarding DarkSword, with basically every news outlet saying that iOS 18 is vulnerable. It’s not, if you have the latest 18.7.3.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

#iOS #DarkSword

##

fmarini@mastodon.social at 2026-03-24T09:06:55.000Z ##

@peternlewis sloppy reporting, as usual.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

fmarini@mastodon.social at 2026-03-24T08:54:03.000Z ##

@mackuba

Google has a more in-depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

fmarini@mastodon.social at 2026-03-24T08:52:15.000Z ##

@helge the reporting on DarkSword is incredibly sloppy.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

fmarini@mastodon.social at 2026-03-24T08:50:52.000Z ##

@slightlyoff @owa
Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

fmarini@mastodon.social at 2026-03-24T08:41:46.000Z ##

@9to5Mac sloppy reporting, as usual.

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

fmarini@mastodon.social at 2026-03-24T08:35:44.000Z ##

@evacide

Google has a more in depth analysis, with a lot more information on the specific versions of iOS that are affected.

TL;DR It doesn’t seem to affect 18.7.3 at least (might also not work on 18.7.2 given that CVE-2025-43520, which DarkSword uses, has been patched in .2).

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain

##

CVE-2026-33331
(8.2 HIGH)

EPSS: 0.01%

updated 2026-03-20T17:25:56

1 posts

A Stored Cross-Site Scripting (XSS) vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker can control any field within the OpenAPI specification (such as info.description), they can break out of the JSON context and execute arbitrary JavaScript when a user views the generated API documentation. In the packages/openapi/src/plugins/openapi-reference.ts file, the render

thehackerwire@mastodon.social at 2026-03-24T20:26:39.000Z ##

🟠 CVE-2026-33331 - High (8.2)

oRPC is an tool that helps build APIs that are end-to-end type-safe and adhere to OpenAPI standards. Prior to version 1.13.9, a stored cross-site scripting (XSS) vulnerability exists in the OpenAPI documentation generation of orpc. If an attacker ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33331/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-21992
(9.8 CRITICAL)

EPSS: 0.06%

updated 2026-03-20T15:32:14

1 posts

Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: REST WebServices) and Oracle Web Services Manager product of Oracle Fusion Middleware (component: Web Services Security). Supported versions that are affected are 12.2.1.4.0 and 14.1.2.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle

jbhall56@infosec.exchange at 2026-03-24T12:28:46.000Z ##

CVE-2026-21992 can be used without authentication for remote code execution and it may have been exploited in the wild. https://www.securityweek.com/oracle-releases-emergency-patch-for-critical-identity-manager-vulnerability/

##

CVE-2026-3888
(7.8 HIGH)

EPSS: 0.01%

updated 2026-03-18T04:17:30.720000

1 posts

Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS, 22.04 LTS, and 24.04 LTS.

5 repos

https://github.com/Many-Hat-Group/Ubuntu-CVE-2026-3888-patcher

https://github.com/netw0rk7/CVE-2026-3888-PoC

https://github.com/fevar54/CVE-2026-3888-POC-all-from-the-Qualys-platform.

https://github.com/TheCyberGeek/CVE-2026-3888-snap-confine-systemd-tmpfiles-LPE

https://github.com/nomaisthere/CVE-2026-3888

knoppix95@mastodon.social at 2026-03-24T19:37:47.000Z ##

A new Ubuntu vulnerability (CVE-2026-3888) allows local users to escalate privileges to root via a timing-based exploit in Ubuntu Desktop 24.04 and newer. ⏱️
The flaw affects systems using older versions of snapd and requires immediate patching. 🔐

🔗 https://www.infosecurity-magazine.com/news/ubuntu-flaw-enables-root-access/

#TechNews #Ubuntu #Linux #SecurityFlaw #CVE #PrivilegeEscalation #RootAccess #Cybersecurity #LinuxSecurity #PatchNow #Snap #SystemVulnerabilities #DataProtection #TechUpdates #Privacy #OpenSource #Canonical

##

CVE-2026-32116
(8.1 HIGH)

EPSS: 0.08%

updated 2026-03-16T18:02:21.613000

1 posts

Magic Wormhole makes it possible to get arbitrary-sized files and directories from one computer to another. From 0.21.0 to before 0.23.0, receiving a file (wormhole receive) from a malicious party could result in overwriting critical local files, including ~/.ssh/authorized_keys and .bashrc. This could be used to compromise the receiver's computer. Only the sender of the file (the party who runs w

magicwormhole@fosstodon.org at 2026-03-25T19:58:28.000Z ##

This month's exciting release fixes our first official[1] CVE for magic wormhole!

To improve your local machine's safety, please upgrade to magic wormhole 0.23.0

https://pypi.org/project/magic-wormhole/

[1] https://nvd.nist.gov/vuln/detail/CVE-2026-32116

##

CVE-2026-26123
(5.5 MEDIUM)

EPSS: 0.05%

updated 2026-03-10T21:32:18

2 posts

Cwe is not in rca categories in Microsoft Authenticator allows an unauthorized attacker to disclose information locally.

BugBountyShorts at 2026-03-25T23:40:25.636Z ##

Microsoft Authenticator’s Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026–26123)
This vulnerability is an Authentication Bypass, specifically a session hijacking issue affecting the Microsoft Authenticator app. The root cause was improper handling of deep links within the application, which allowed malicious actors to craft unclaimed deep links containing account tokens. When users clicked these links, their active sessions were hijacked, resulting in full account takeover without requiring any user interaction other than clicking a link. To exploit this, an attacker could generate a malicious deep link with an embedded account token and share it via SMS or email. The session hijack occurred due to the application's failure to verify the authenticity of deep links before processing them. This vulnerability has been assigned CVE-2026–26123. Microsoft rewarded $50,000 for this find and immediately patched the issue. To prevent similar vulnerabilities, it is crucial to thoroughly validate and sanitize all user-controlled inputs, including deep links. Key lesson: Always verify the authenticity of user-supplied data before processing it. #BugBounty #Cybersecurity #AuthenticationBypass #SessionHijacking #Infosec

https://infosecwriteups.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02?source=rss------bug_bounty-5

##

BugBountyShorts@infosec.exchange at 2026-03-25T23:40:25.000Z ##

Microsoft Authenticator’s Unclaimed Deep Link: A Full Account Takeover Story (CVE-2026–26123)
This vulnerability is an Authentication Bypass, specifically a session hijacking issue affecting the Microsoft Authenticator app. The root cause was improper handling of deep links within the application, which allowed malicious actors to craft unclaimed deep links containing account tokens. When users clicked these links, their active sessions were hijacked, resulting in full account takeover without requiring any user interaction other than clicking a link. To exploit this, an attacker could generate a malicious deep link with an embedded account token and share it via SMS or email. The session hijack occurred due to the application's failure to verify the authenticity of deep links before processing them. This vulnerability has been assigned CVE-2026–26123. Microsoft rewarded $50,000 for this find and immediately patched the issue. To prevent similar vulnerabilities, it is crucial to thoroughly validate and sanitize all user-controlled inputs, including deep links. Key lesson: Always verify the authenticity of user-supplied data before processing it. #BugBounty #Cybersecurity #AuthenticationBypass #SessionHijacking #Infosec

https://infosecwriteups.com/microsoft-authenticators-unclaimed-deep-link-a-full-account-takeover-story-cve-2026-26123-e0409a920a02?source=rss------bug_bounty-5

##

https://github.com/bjrjk/CVE-2025-43529

https://github.com/SimoesCTT/Convergent-Time-Theory-Enhanced-iOS-Safari-RCE-CVE-2025-43529-

mttaggart@infosec.exchange at 2026-03-24T21:48:09.000Z ##

@gknauss I think the thing is to move to 18.7.3, which is patched.

For devices running versions of iOS prior to 18.6, DarkSword uses CVE-2025-31277, a JIT optimization/type confusion bug which was patched by Apple in iOS 18.6. For devices running iOS 18.6-18.7, DarkSword uses CVE-2025-43529, a garbage collection bug in the Data Flow Graph (DFG) JIT layer of JavaScriptCore which was patched by Apple in iOS 18.7.3 and 26.2 after it was reported by GTIG. Both exploits develop their own fakeobj/addrof primitives, and then build arbitrary read/write primitives the same way on top of them.

I'm unaware of a compelling reason or hardware limitation to not upgrade from 18.6 to 18.7

https://cloud.google.com/blog/topics/threat-intelligence/darksword-ios-exploit-chain/

##

CVE-2025-24201
(7.1 HIGH)

EPSS: 0.10%

updated 2025-11-13T21:31:15

1 posts

An out-of-bounds write issue was addressed with improved checks to prevent unauthorized actions. This issue is fixed in visionOS 2.3.2, iOS 18.3.2 and iPadOS 18.3.2, macOS Sequoia 15.3.2. Maliciously crafted web content may be able to break out of Web Content sandbox. This is a supplementary fix for an attack that was blocked in iOS 17.2. (Apple is aware of a report that this issue may have been e

3 repos

https://github.com/5ky9uy/glass-cage-i18-2025-24085-and-cve-2025-24201

https://github.com/The-Maxu/CVE-2025-24201-WebKit-Vulnerability-Detector-PoC-

https://github.com/JGoyd/Glass-Cage-iOS18-CVE-2025-24085-CVE-2025-24201

Mozilla@activitypub.awakari.com at 2026-03-24T17:59:15.000Z ## Your iPhone Has a Security Hole That Hackers Already Found — And Apple Needs You to Act Now Apple issued emergency patches for a WebKit zero-day vulnerability already exploited in sophisticated t...

#CybersecurityUpdate #MobileDevPro #Apple #security #update #CVE-2025-24201 #iOS #18.3.2 #iPhone #zero-day #exploit

Origin | Interest | Match ##

CVE-2023-38606
(5.5 MEDIUM)

EPSS: 0.12%

updated 2025-10-31T14:43:10.643000

2 posts

This issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.6.8, iOS 15.7.8 and iPadOS 15.7.8, iOS 16.6 and iPadOS 16.6, tvOS 16.6, macOS Big Sur 11.7.9, macOS Ventura 13.5, watchOS 9.6. An app may be able to modify sensitive kernel state. Apple is aware of a report that this issue may have been actively exploited against versions of iOS released before iOS 15

decio at 2026-03-26T14:50:23.444Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##

decio@infosec.exchange at 2026-03-26T14:50:23.000Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##

CVE-2023-32434
(7.8 HIGH)

EPSS: 61.25%

updated 2025-10-23T18:48:05.013000

4 posts

An integer overflow was addressed with improved input validation. This issue is fixed in watchOS 9.5.2, macOS Big Sur 11.7.8, iOS 15.7.7 and iPadOS 15.7.7, macOS Monterey 12.6.7, watchOS 8.8.1, iOS 16.5.1 and iPadOS 16.5.1, macOS Ventura 13.4.1. An app may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited against v

2 repos

https://github.com/alfiecg24/Trigon

https://github.com/rkrakesh524/oob_entry

decio at 2026-03-26T14:50:23.444Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##

oversecurity@mastodon.social at 2026-03-26T08:20:04.000Z ##

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and...

🔗️ [Securelist] https://link.is.it/XwhkQ8

##

decio@infosec.exchange at 2026-03-26T14:50:23.000Z ##

👆
🖼️
"Analysis of the kit showed that it relies on the exploitation of many previously patched vulnerabilities and also includes exploits for CVE-2023-32434 and CVE-2023-38606. These two vulnerabilities particularly caught our attention because they had been first first discovered as zero-days used in Operation Triangulation. "
👇
https://securelist.com/coruna-framework-updated-operation-triangulation-exploit/119228/

ah oueee... ça c'est une jolie "coïncidence" & plot twist

intéressant maintenant de voir quelles etaient les cibles...

#CyberVeille #Triangulation

##

oversecurity@mastodon.social at 2026-03-26T08:20:04.000Z ##

Coruna: the framework used in Operation Triangulation

Kaspersky GReAT experts look into the Coruna exploit kit targeting iPhones. We discovered that the kernel exploit for CVE-2023-32434 and...

🔗️ [Securelist] https://link.is.it/XwhkQ8

##

CVE-2026-3650
(0 None)

EPSS: 0.00%

2 posts

N/A

technadu at 2026-03-26T11:32:07.763Z ##

CVE-2026-3650 in Grassroots DICOM (GDCM):

• Memory leak via malformed DICOM parsing
• CVSS 7.5 → DoS risk
• No patch, no maintainer response
• Impacts healthcare imaging pipelines
Mitigate via isolation + strict input controls.

Source: https://www.hipaajournal.com/grassroots-dicom-vulnerability-march-2026/

Follow @technadu for more.

#InfoSec #HealthcareSecurity #Vulnerability

##

technadu@infosec.exchange at 2026-03-26T11:32:07.000Z ##

CVE-2026-3650 in Grassroots DICOM (GDCM):

• Memory leak via malformed DICOM parsing
• CVSS 7.5 → DoS risk
• No patch, no maintainer response
• Impacts healthcare imaging pipelines
Mitigate via isolation + strict input controls.

Source: https://www.hipaajournal.com/grassroots-dicom-vulnerability-march-2026/

Follow @technadu for more.

#InfoSec #HealthcareSecurity #Vulnerability

##

CVE-2026-15518
(0 None)

EPSS: 0.00%

4 posts

N/A

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

CVE-2026-15519
(0 None)

EPSS: 0.00%

4 posts

N/A

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

agowa338@chaos.social at 2026-03-26T09:05:52.000Z ##

@heisec

Außerdem, wenn man in die CVEs kuckt, habt ihr das komplett Falsch dargestellt.

https://feedly.com/cve/CVE-2026-15518 and https://feedly.com/cve/CVE-2026-15519: that allows unauthenticated attackers to decrypt sensitive device configurations

https://feedly.com/cve/CVE-2025-15605: An authenticated attacker with low privileges and adjacent network access

##

agowa338@chaos.social at 2026-03-26T09:00:45.000Z ##

@heisec

Ehm:

> Für die Ausnutzung zwei weiterer Schwachstellen (CVE-2026-15518, CVE-2026-15519) benötigen Angreifer Adminrechte. Ist das gegeben, können sie eigene Befehle auf Ebene des Betriebssystems ausführen.

Wenn jemand Adminrechte dafür braucht, ist das KEINE Schwachstelle...

##

CVE-2026-33526
(0 None)

EPSS: 1.98%

2 posts

N/A

offseq at 2026-03-26T01:30:27.610Z ##

🚨 CVE-2026-33526: Critical Use-After-Free in Squid (<7.5) allows remote attackers to crash Squid via ICP traffic. icp_access rules are ineffective. Upgrade to 7.5+ or disable ICP (icp_port=0) ASAP! https://radar.offseq.com/threat/cve-2026-33526-cwe-416-use-after-free-in-squid-cac-5f2ea159 #OffSeq #Squid #Vuln #DoS

##

offseq@infosec.exchange at 2026-03-26T01:30:27.000Z ##

🚨 CVE-2026-33526: Critical Use-After-Free in Squid (<7.5) allows remote attackers to crash Squid via ICP traffic. icp_access rules are ineffective. Upgrade to 7.5+ or disable ICP (icp_port=0) ASAP! https://radar.offseq.com/threat/cve-2026-33526-cwe-416-use-after-free-in-squid-cac-5f2ea159 #OffSeq #Squid #Vuln #DoS

##

CVE-2026-33918
(0 None)

EPSS: 0.03%

4 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:03:46.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33918/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:01:14.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33918/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:03:46.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33918/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:01:14.000Z ##

🟠 CVE-2026-33918 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the billing file-download endpoint `interface/billing/get_claim_file.php` only verifies that the caller has a valid ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33918/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33917
(0 None)

EPSS: 0.03%

4 posts

N/A

1 repos

https://github.com/ChrisSub08/CVE-2026-33917_SqlInjectionVulnerabilityOpenEMR8.0.0

thehackerwire@mastodon.social at 2026-03-26T01:03:36.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33917/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:01:04.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33917/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:03:36.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33917/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:01:04.000Z ##

🟠 CVE-2026-33917 - High (8.8)

OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajax_save CAMOS form that can be exploited by authenticated attackers. ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33917/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33932
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:01:16.000Z ##

🟠 CVE-2026-33932 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33932/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:01:16.000Z ##

🟠 CVE-2026-33932 - High (7.6)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a stored cross-site scripting vulnerability in the CCDA document preview allows an attacker who can upload or send a...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33932/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34056
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:00:33.000Z ##

🟠 CVE-2026-34056 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eR...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34056/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:00:33.000Z ##

🟠 CVE-2026-34056 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. A Broken Access Control vulnerability in OpenEMR up to and including version 8.0.0.3 allows low-privilege users to view and download Ensora eR...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34056/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-34055
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T01:00:23.000Z ##

🟠 CVE-2026-34055 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in `library/pnotes.inc.php` perform updates and deletes using `WHERE id = ?` with...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34055/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T01:00:23.000Z ##

🟠 CVE-2026-34055 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, the legacy patient notes functions in `library/pnotes.inc.php` perform updates and deletes using `WHERE id = ?` with...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-34055/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-23514
(0 None)

EPSS: 0.04%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-26T00:00:17.000Z ##

🟠 CVE-2026-23514 - High (8.8)

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23514/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-26T00:00:17.000Z ##

🟠 CVE-2026-23514 - High (8.8)

Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive ...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-23514/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-29187
(0 None)

EPSS: 0.02%

4 posts

N/A

1 repos

https://github.com/ChrisSub08/CVE-2026-29187_SqlInjectionVulnerabilityOpenEMR7.0.4

thehackerwire@mastodon.social at 2026-03-25T23:35:39.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29187/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:20:27.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29187/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:35:39.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29187/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:20:27.000Z ##

🟠 CVE-2026-29187 - High (8.1)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, a Blind SQL Injection vulnerability exists in the Patient Search functionality (/interface/new/new_search_popup.php)...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-29187/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33913
(0 None)

EPSS: 0.03%

2 posts

N/A

thehackerwire@mastodon.social at 2026-03-25T23:20:25.000Z ##

🟠 CVE-2026-33913 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can upload a crafted CCDA document containing `` to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33913/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

thehackerwire@mastodon.social at 2026-03-25T23:20:25.000Z ##

🟠 CVE-2026-33913 - High (7.7)

OpenEMR is a free and open source electronic health records and medical practice management application. Prior to version 8.0.0.3, an authenticated user with access to the Carecoordination module can upload a crafted CCDA document containing `` to...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33913/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-32628
(0 None)

EPSS: 0.03%

1 posts

N/A

LLMs@activitypub.awakari.com at 2026-03-26T09:43:00.000Z ## A 56,000-Star AI App Shipped With a Textbook SQL Injection Flaw A 56,000-star LLM app ships with raw string concatenation in its database connector. I found it, reported it, got the CVE. Here is th...

#cybersecurity #ai-security #offensive-security #vulnerability-research #anythingllm-cve #cve-2026-32628 #ai-agent-security #sql-injection-flaw

Origin | Interest | Match ##

CVE-2026-30976
(0 None)

EPSS: 0.06%

1 posts

N/A

1 posts

N/A

chrisvest@mastodon.social at 2026-03-25T00:33:41.000Z ##

We're released Netty 4.2.11 and 4.1.132. These contain many bug fixes, and fixes for two CVEs both rated *high*:

- CVE-2026-33871: HTTP/2 CONTINUATION frame flood Denial of Service.
- CVE-2026-33870: HTTP/1.1 Request Smuggling vulnerability in chunked encoding parsing.

Release notes for 4.2.11: https://netty.io/news/2026/03/24/4-2-11-Final.html
Release notes for 4.1.132: https://netty.io/news/2026/03/24/4-1-132-Final.html

Also of note: We had 17 people contribute to Netty 4.2.11, of which 5 are new first time contributors 😲

#netty #java

##

CVE-2026-33871
(0 None)

EPSS: 0.00%

1 posts

1 posts

N/A

thehackerwire@mastodon.social at 2026-03-24T00:39:20.000Z ##

🟠 CVE-2026-33250 - High (7.5)

Freeciv21 is a free open source, turn-based, empire-building strategy game. Versions prior to 3.1.1 crash with a stack overflow when receiving specially-crafted packets. A remote attacker can use this to take down any public server. A malicious se...

🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-33250/

#CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

##

CVE-2026-33636(7.6 HIGH)

EPSS: 0.00%

CVE-2026-33416(7.5 HIGH)

EPSS: 0.00%

CVE-2026-29785(7.5 HIGH)

EPSS: 0.07%

CVE-2026-22739(8.6 HIGH)

EPSS: 0.02%

CVE-2026-33696(10.0 CRITICAL)

EPSS: 0.46%

CVE-2026-33017(9.8 CRITICAL)

EPSS: 6.14%

CVE-2026-33348(8.7 HIGH)

EPSS: 0.03%

CVE-2026-20086(8.6 HIGH)

EPSS: 0.10%

CVE-2026-20084(8.6 HIGH)

EPSS: 0.11%

CVE-2026-24750(7.6 HIGH)

EPSS: 0.04%

CVE-2026-30975(8.1 HIGH)

EPSS: 0.06%

CVE-2026-2995(7.7 HIGH)

EPSS: 0.02%

CVE-2026-3988(7.5 HIGH)

EPSS: 0.04%

CVE-2026-4701(9.8 CRITICAL)

EPSS: 0.02%

CVE-2026-4700(9.8 CRITICAL)

EPSS: 0.02%

CVE-2026-4698(9.8 CRITICAL)

EPSS: 0.02%

CVE-2026-33344(8.1 HIGH)

EPSS: 0.02%

CVE-2026-28760(7.8 HIGH)

EPSS: 0.01%

CVE-2026-32680(7.8 HIGH)

EPSS: 0.01%

CVE-2026-4840(8.8 HIGH)

EPSS: 0.15%

CVE-2026-2931(8.8 HIGH)

EPSS: 0.04%

CVE-2026-4484(9.8 CRITICAL)

EPSS: 0.04%

CVE-2026-4758(8.8 HIGH)

EPSS: 0.25%

CVE-2026-24151(7.8 HIGH)

EPSS: 0.05%

CVE-2026-24152(7.8 HIGH)

EPSS: 0.05%

CVE-2026-32537(7.5 HIGH)

EPSS: 0.11%

CVE-2026-25447(9.1 CRITICAL)

EPSS: 0.04%

CVE-2026-32546(7.5 HIGH)

EPSS: 0.03%

CVE-2026-25001(8.6 HIGH)

EPSS: 0.05%

CVE-2026-32573(9.1 CRITICAL)

EPSS: 0.04%

CVE-2026-32531(8.1 HIGH)

EPSS: 0.11%

CVE-2026-32534(8.5 HIGH)

EPSS: 0.03%

CVE-2026-32539(9.3 CRITICAL)

EPSS: 0.03%

CVE-2026-25366(10.0 CRITICAL)

EPSS: 0.05%

CVE-2026-32513(8.8 HIGH)

EPSS: 0.05%

CVE-2026-27044(10.0 CRITICAL)

EPSS: 0.05%

CVE-2026-4719(7.5 HIGH)

EPSS: 0.01%

CVE-2026-4705(9.8 CRITICAL)

EPSS: 0.02%

CVE-2026-4704(7.5 HIGH)

EPSS: 0.01%

CVE-2026-33680(7.5 HIGH)

EPSS: 0.03%

CVE-2026-33636
(7.6 HIGH)

CVE-2026-33416
(7.5 HIGH)

CVE-2026-29785
(7.5 HIGH)

CVE-2026-22739
(8.6 HIGH)

CVE-2026-33696
(10.0 CRITICAL)

CVE-2026-33017
(9.8 CRITICAL)

CVE-2026-33348
(8.7 HIGH)

CVE-2026-20086
(8.6 HIGH)

CVE-2026-20084
(8.6 HIGH)

CVE-2026-24750
(7.6 HIGH)

CVE-2026-30975
(8.1 HIGH)

CVE-2026-2995
(7.7 HIGH)

CVE-2026-3988
(7.5 HIGH)

CVE-2026-4701
(9.8 CRITICAL)

CVE-2026-4700
(9.8 CRITICAL)

CVE-2026-4698
(9.8 CRITICAL)

CVE-2026-33344
(8.1 HIGH)

CVE-2026-28760
(7.8 HIGH)

CVE-2026-32680
(7.8 HIGH)

CVE-2026-4840
(8.8 HIGH)

CVE-2026-2931
(8.8 HIGH)

CVE-2026-4484
(9.8 CRITICAL)

CVE-2026-4758
(8.8 HIGH)

CVE-2026-24151
(7.8 HIGH)

CVE-2026-24152
(7.8 HIGH)

CVE-2026-32537
(7.5 HIGH)

CVE-2026-25447
(9.1 CRITICAL)

CVE-2026-32546
(7.5 HIGH)

CVE-2026-25001
(8.6 HIGH)

CVE-2026-32573
(9.1 CRITICAL)

CVE-2026-32531
(8.1 HIGH)

CVE-2026-32534
(8.5 HIGH)

CVE-2026-32539
(9.3 CRITICAL)

CVE-2026-25366
(10.0 CRITICAL)

CVE-2026-32513
(8.8 HIGH)

CVE-2026-27044
(10.0 CRITICAL)

CVE-2026-4719
(7.5 HIGH)

CVE-2026-4705
(9.8 CRITICAL)

CVE-2026-4704
(7.5 HIGH)

CVE-2026-33680
(7.5 HIGH)

CVE-2026-33678
(8.1 HIGH)

CVE-2026-32538
(7.5 HIGH)

CVE-2026-32536
(9.9 CRITICAL)

CVE-2026-33660
(10.0 CRITICAL)

CVE-2026-33310
(8.8 HIGH)

CVE-2026-33316
(8.1 HIGH)

CVE-2026-29839
(8.8 HIGH)

CVE-2026-33211
(9.6 CRITICAL)

CVE-2026-4716
(9.1 CRITICAL)

CVE-2026-4715
(9.1 CRITICAL)

CVE-2026-32525
(9.9 CRITICAL)

CVE-2026-20687
(7.1 HIGH)

CVE-2026-4712
(7.5 HIGH)

CVE-2026-3857
(8.1 HIGH)

CVE-2026-20012
(8.6 HIGH)

CVE-2026-20125
(7.7 HIGH)

CVE-2026-26832
(9.8 CRITICAL)

CVE-2026-3608
(7.5 HIGH)

CVE-2026-33287
(7.5 HIGH)

CVE-2026-33285
(7.5 HIGH)

CVE-2026-20131
(10.0 CRITICAL)

CVE-2026-33286
(9.1 CRITICAL)

CVE-2026-4711
(9.8 CRITICAL)

CVE-2026-27889
(7.5 HIGH)

CVE-2025-71275
(0 None)

CVE-2025-32991
(9.0 CRITICAL)

CVE-2026-2417
(0 None)

CVE-2025-33244
(9.0 CRITICAL)

CVE-2026-24157
(7.8 HIGH)

CVE-2026-24159
(7.8 HIGH)

CVE-2026-33509
(7.5 HIGH)

CVE-2026-33399
(7.7 HIGH)

CVE-2026-2072
(8.2 HIGH)

CVE-2026-28877
(0 None)

CVE-2026-28864
(3.3 LOW)